CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

24 matches found

OSV•added 2025/11/13 3:23 a.m.•1 views

MAL-2025-189387 Malicious code in scripts-hermes-pulsar-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c868f2b930f8cef33f4482af086921d64684fe465c818ac9af2b1f199e0a258 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•2 views

Malicious code in secure-old-deploy-resolve-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd40e8463e8ef60e60e2f721f62d52e42e5b10ad7481073017d47ad4d0616fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 7:18 p.m.•3 views

MAL-2025-178748 Malicious code in tanabufir-softafai-dubuatgifa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 062528bd0fe362ff7b3815e2ddd794e5ed742a5f4d3aeb380a802f9f14113831 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:47 p.m.•1 views

MAL-2025-155454 Malicious code in guras-nutra-nuyi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14191cf20bfc55c6b3a5a09088f42c69165bff7abf9a2a2cbdab6d9a66bdb684 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-147729 Malicious code in scripts-equinox-achernar-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75261065f0a6b02ca3e374fc44540af758f88fa9649ec332f7b2c9b4b226f83d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•2 views

MAL-2025-146737 Malicious code in proxima-scripts-wezen-slidev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5276ed126e2063e64fb1b6332fed4302d4454bc508f04b29c7812df1983b202e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in scripts-sadr-parcel-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39d4129ff9bff98bbff961f993a0ce01ca0fe2ec0098fc4f27ecfb22382b00c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/11 8:46 p.m.•1 views

Malicious code in hissing_antlion_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd4be41fd3c2c1842edfb8f6fb52f5c2040fe9b5167bb8bb9eec5c6caa45dd06 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 3:19 p.m.•0 views

MAL-2025-117639 Malicious code in umi-lapis46-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59a47570fb65d63e7bfa64c1752cbb7df48c2f89ffe8b5183f8bc9803e9a46cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 3:19 p.m.•1 views

MAL-2025-116270 Malicious code in oktafian-lumpur45-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66024982217ef3ba8f7f527bcbe0969f91ad74d37493ac1e9fa01245a06deb20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 4:25 a.m.•1 views

MAL-2025-89117 Malicious code in ogi-rujaksoto7-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5fa442d740d78f2eab2c4056b87fc15a070abb3dada23afbef21dd5a7dc5d19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 3:48 a.m.•1 views

MAL-2025-76723 Malicious code in ade-naget60-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1e622259f4221b15a3317201b7c18f314a001b1cd3f5bb62236decf28106d6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 2:29 a.m.•1 views

MAL-2025-76564 Malicious code in zaki-gudeg82-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b6955507a1e9dcf495134075f3126c5f8d60f2586a26c05536f077d9b107e37 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 12:41 a.m.•1 views

MAL-2025-66658 Malicious code in administrative-black-swordfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01f1e4954bfa2700db10200c4386536e411a3aa9de21a23a49af95b93ab7a9d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/10 5:18 a.m.•1 views

MAL-2025-54414 Malicious code in putri-rendang50-kyuki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 061e4e5c079bee57ceabdd6292daab1e8b9d2824e0b3b26a8c12ecc87260662e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-1492

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.02482EPSS

Exploits1References7

vulnersOsv•added 2025/09/24 6:57 p.m.•6 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +387 more potentially affected by CVE-2025-59343 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2025-59343 Source advisory: OSV:GHSA-VJ76-C3G6-QR...

8.7CVSS5.8AI score0.00033EPSS

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in ca-npm-scripts (npm)

The package ca-npm-scripts was found to contain malicious code...

OSV•added 2025/08/14 6:52 p.m.•2 views

MAL-2025-16415 Malicious code in ca-npm-scripts (npm)

The package ca-npm-scripts was found to contain malicious code...

vulnersOsv•added 2025/03/27 6:31 p.m.•3 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +387 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...

7.5CVSS6.7AI score0.00806EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by