CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

OSV•added 2026/06/05 4:37 p.m.•4 views

ROOT-APP-NPM-CVE-2021-3795 CVE-2021-3795 in @rootio/semver-regex - Patched by Root

Root has patched CVE-2021-3795 in the @rootio/semver-regex package for Root:npm. Multiple fixed versions available...

7.5CVSS7.2AI score0.00468EPSS

Exploits1

OSV•added 2026/06/04 9:5 p.m.•8 views

ROOT-APP-NPM-CVE-2026-44002 CVE-2026-44002 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44002 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

5.8CVSS5.8AI score0.00036EPSS

Exploits1

OSV•added 2026/06/04 7:50 p.m.•2 views

ROOT-APP-NPM-CVE-2026-2950 CVE-2026-2950 in @rootio/lodash - Patched by Root

Root has patched CVE-2026-2950 in the @rootio/lodash package for Root:npm. Multiple fixed versions available...

6.5CVSS5.9AI score0.00026EPSS

Exploits0

OSV•added 2026/06/04 7:47 p.m.•17 views

ROOT-APP-NPM-GHSA-R4Q5-VMMM-2653 GHSA-r4q5-vmmm-2653 in @rootio/follow-redirects - Patched by Root

Root has patched GHSA-r4q5-vmmm-2653 in the @rootio/follow-redirects package for Root:npm. Multiple fixed versions available...

5.8AI score

Exploits0

vulnersOsv•added 2026/06/04 6:0 p.m.•2 views

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +560 more potentially affected by CVE-2026-47674 via hono (>=0.5.10 <=4.12.2)

hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.4, =2026.4.4, =1.0.2, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =1.3.0 and more Source cves: CVE-2026-47674 Source advisory: OSV:GHSA-XRHX-7G5J-RCJ5...

5.3CVSS5.4AI score0.00098EPSS

Exploits0

OSV•added 2026/06/04 9:56 a.m.•4 views

ROOT-APP-NPM-CVE-2023-26133 CVE-2023-26133 in @rootio/progressbar.js - Patched by Root

Root has patched CVE-2023-26133 in the @rootio/progressbar.js package for Root:npm. Multiple fixed versions available...

9.8CVSS5.8AI score0.00077EPSS

Exploits1

OSV•added 2026/06/04 9:12 a.m.•4 views

ROOT-APP-NPM-CVE-2026-4923 CVE-2026-4923 in @rootio/path-to-regexp - Patched by Root

Root has patched CVE-2026-4923 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...

5.9CVSS6.2AI score0.00018EPSS

Exploits0

OSV•added 2026/06/04 6:33 a.m.•4 views

ROOT-APP-NPM-CVE-2022-37599 CVE-2022-37599 in @rootio/loader-utils - Patched by Root

Root has patched CVE-2022-37599 in the @rootio/loader-utils package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.04206EPSS

Exploits0

vulnersOsv•added 2026/05/20 7:10 p.m.•2 views

01-dev (=1.0.0), 04-musicplayer (=1.0.0) +1205 more potentially affected by CVE-2024-23222 via art-template (>=4.11.0 <=4.13.4)

art-template NPM version =4.11.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =1.0.2, =1.0.0-alpha.1, =1.0.3, =1.1.4, =1.0.0, =0.1.0, =0.0.1, =0.0.2-alpha.13 and more Source cves: CVE-2024-23222 Source advisory: SNYK:JS-ARTTEMPLATE-16779844...

8.8CVSS7.9AI score0.00602EPSS

Exploits6

OSV•added 2026/05/20 5:2 a.m.•5 views

MAL-2026-4560 Malicious code in fca-official-uzair-rajput (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83c96ed99bb1a48e80228ec0ca012c1dbb7817fe1dbbd492fcb3d2927805f29e fca-official-uzair-rajput is a Facebook chat API library whose only documented entry point, login, invokes an auto-update routine on every call when...

6.3AI score

Exploits0References1

OSV•added 2026/05/20 3:37 a.m.•3 views

MAL-2026-4608 Malicious code in mcp-server-iehub-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba03746ec3542dbe6ea365d04c04a7b9ac1366a547da3a6e7bc146900ad67a51 proxy.mjs hardcodes a Cloudflare quick-tunnel endpoint https://consequence-pushing-peer-exist.trycloudflare.com and uses fetch... POST... with...

5.8AI score

Exploits0References1

vulnersOsv•added 2026/05/12 3:6 p.m.•6 views

10minions-engine (>=0.0.1 <=0.0.4), @0xr404/lol404 (>=1.1.0 <=1.1.6) +3362 more potentially affected by CVE-2026-44293 via protobufjs (>=7.0.0 <=7.5.5)

protobufjs NPM version =7.0.0, =0.0.1, =1.1.0, =1.0.1-beta.0, =0.0.2-beta.0, =1.0.0, =1.5.10, =0.10.1, =1.1.0, =6.0.0, =2.0.2, =3.3.2 and more Source cves: CVE-2026-44293 Source advisory: SNYK:JS-PROTOBUFJS-16643421...

8.8CVSS5.4AI score0.00058EPSS

Exploits0

vulnersOsv•added 2026/05/09 12:45 a.m.•3 views

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +550 more potentially affected by CVE-2026-44459 via hono (>=1.6.4 <=4.12.16)

hono NPM version =1.6.4, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.4, =2026.4.4, =1.0.2, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =1.3.0 and more Source cves: CVE-2026-44459 Source advisory: SNYK:JS-HONO-16624529...

3.8CVSS5.4AI score0.00021EPSS

Exploits0

vulnersOsv•added 2026/05/07 6:30 p.m.•2 views

@awinogrodzki/embed-plugin-youtube (>=5.0.5 <=5.0.9), @radio4000/components (>=0.0.24 <=0.2.17) +11 more potentially affected by CVE-2025-65122 via youtube-regex (=1.0.5)

youtube-regex NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on youtube-regex and may be impacted: - @awinogrodzki/embed-plugin-youtube =5.0.5, =0.0.24, =1.0.0, =0.1.0-alpha.4c5f8c5a, =0.1.0-alpha.4c5f8c5a, =0.0.2, =1.0.1, =0.6.0,...

7.5CVSS5.4AI score0.00057EPSS

Exploits0

vulnersOsv•added 2026/04/19 9:0 p.m.•3 views

1router (>=0.3.96 <=1.0.2), 9router-custom (=0.3.55) +2146 more potentially affected by CVE-2026-41238 via dompurify (>=3.0.1 <=3.3.3)

dompurify NPM version =3.0.1, =0.3.96, =0.3.33, =0.5.0, =1.0.0, =1.5.1, =0.18.0-beta.0, =0.0.1, =0.1.0-alpha.1, =0.1.0, =0.1.0, =0.0.0-dev-20240828032938, =0.2.8-experimental.0, =1.2.0, =1.0.0, =1.0.35 and more Source cves: CVE-2026-41238 Source advisory: SNYK:JS-DOMPURIFY-16132234...

6.9CVSS5.4AI score0.00039EPSS

Exploits0

OSV•added 2026/04/16 9:59 a.m.•3 views

MAL-2026-2767 Malicious code in ground-platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 349e5651266238ca632ac59b3cdfc35ffe594ec082531700d4fde5a4d3bd0a51 The package ground-platform was found to contain malicious code...

5.7AI score

Exploits0

OSV•added 2026/04/16 9:56 a.m.•3 views

MAL-2026-2760 Malicious code in f0-email-verification (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f1be0fb20c0bda97570f04e023025da0e132b6f20c647025acbbaaad2916722 The package f0-email-verification was found to contain malicious code...

5.7AI score

Exploits0

vulnersOsv•added 2026/04/10 9:3 p.m.•4 views

@0xchain/empty (>=0.0.1 <=1.1.0-beta.4), @0xchain/expandable-text (>=0.0.1 <=1.1.0-beta.18) +101 more potentially affected by CVE-2026-40299 via next-intl (>=4.0.2 <=4.9.0)

next-intl NPM version =4.0.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.1, =0.1.0, =0.1.1, =2.2.0, =2.5.0 and more Source cves: CVE-2026-40299 Source advisory: SNYK:JS-NEXTINTL-15995498...

6.9CVSS5.4AI score0.00059EPSS

Exploits0

vulnersOsv•added 2026/04/09 2:22 p.m.•9 views

@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +22 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15989068...

5.5AI score

Exploits0

vulnersOsv•added 2026/04/07 6:10 p.m.•4 views

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-41297 via openclaw (>=2026.3.22 <=2026.3.28)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-41297 Source advisory: SNYK:JS-OPENCLAW-15929056...

7.6CVSS5.4AI score0.00043EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by