CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

OSSF Malicious Packages•added 3 days ago•5 views

Malicious code in nrwl.angular-console (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 12636eadc931d19fc68ca6d30f5397404c6b782a67537c770c944ed9337a4125 The compromised version of the Nx Console VS Code extension contains malicious code injected into its main execution file. When a develope...

6.1AI score

Exploits0References4

OSV•added 3 days ago•1 views

MAL-2026-5161 Malicious code in nrwl.angular-console (VSCode)

6.1AI score

Exploits0References4

OSV•added 3 days ago•1 views

MAL-2026-5162 Malicious code in nrwl.angular-console (VSCode:https://open-vsx.org)

6.1AI score

Exploits0References4

CISA•added 2026/05/28 12:0 p.m.•11 views

Supply Chain Compromises Impact Nx Console and GitHub Repositories

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development CI/CD pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code VS...

9.8CVSS5.8AI score0.32065EPSS

Exploits1References8

NVD•added 2026/05/27 5:16 p.m.•7 views

CVE-2026-48027

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS0.32065EPSS

Exploits1References5

Vulnrichment•added 2026/05/27 3:50 p.m.•4 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

9.3CVSS5.8AI score0.32065EPSS

Exploits1References4

Cvelist•added 2026/05/27 3:50 p.m.•65 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

9.3CVSS0.32065EPSS

Exploits1References4

CVE•added 2026/05/27 3:50 p.m.•23 views

CVE-2026-48027

Summary: CVE-2026-48027 affects Nx Console, a UI for Nx & Lerna. A malicious copy of Nx Console version 18.95.0 was published briefly in Visual Studio Marketplace (and OpenVSX) around 12:30–12:48 UTC (≈18 minutes) and 12:33–13:09 UTC (≈36 minutes) respectively. The compromised package allowed cod...

9.8CVSS5.8AI score0.32065EPSS

In wildExploits1References5Affected Software1

EUVD•added 2026/05/27 3:50 p.m.•5 views

EUVD-2026-32550

9.8CVSS5.8AI score0.32065EPSS

Exploits1References4

ATTACKERKB•added 2026/05/27 3:50 p.m.•6 views

CVE-2026-48027

9.3CVSS5.8AI score0.32065EPSS

Exploits1References5

CISA•added 2026/05/27 12:0 p.m.•52 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-8398link is external Daemon Tools Lite Embedded Malicious Code Vulnerability CVE-2026-45321link is external TanStack Unspecified Vulnerability...

9.8CVSS6AI score0.32065EPSS

In wildExploits5References8

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Nx Console 安全漏洞

Nx Console is an open-source repository management interface that supports visual workflows and AI enhancements. Version Nx Console 18.95.0 contains a security vulnerability. This vulnerability stems from the release of a malicious version on the Visual Studio Marketplace and OpenVSX, which could...

9.8CVSS5.8AI score0.32065EPSS

Exploits1References5

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-44044

Name of the Vulnerable Software and Affected Versions Nx Console version 18.95.0 Description A supply chain compromise occurred where a malicious version of Nx Console, the user interface for Nx and Lerna, was published to official marketplaces. The compromised version was available in the Visual...

9.8CVSS5.8AI score0.32065EPSS

Exploits1References20

CISA KEV Catalog•added 2026/05/27 12:0 a.m.•11 views

Nx Console Embedded Malicious Code Vulnerability

Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvested credentials from multiple sources on disk and in memory...

9.8CVSS5.9AI score0.32065EPSS

In wildExploits1

VulnCheck KEV•added 2026/05/27 12:0 a.m.•11 views

VulnCheck KEV: CVE-2026-48027

9.8CVSS5.8AI score0.32065EPSS

In wildExploits1References3

The Hacker News•added 2026/05/25 2:13 p.m.•20 views

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should've patched years ago. Good times...

7.1CVSS7AI score0.00007EPSS

Exploits4

The Hacker News•added 2026/05/21 4:27 a.m.•15 views

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code VS Code extension. The development comes as the Nx team revealed that the extensio...

5.9AI score

Exploits0

The Hacker News•added 2026/05/19 7:49 a.m.•8 views

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code VS Code Marketplace. The extension in question is rwl.angular-console version 18.95.0, a popular user interface and plugin for code editors like VS Code,...

6.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by