CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

136 matches found

OSSF Malicious Packages•added 3 days ago•8 views

Malicious code in align_rest_api (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a3b4fd5fe3e581dc76f4fbe187da4427e159ff73a717a99c2f519af87ca7b2c8 The OpenSSF Package Analysis project identified 'alignrestapi' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The packa...

OSV•added 2026/05/21 8:21 p.m.•0 views

MAL-2026-4230 Malicious code in cryptoco-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f83b7a7a5e28fe4fadbd72b0d38ff322210501ef54807160a13b7d797e6c68 On require, index.js opens TCP connections to the cloud link-local metadata address 169.254.169.254 across ports 80, 443, 8080, 3000, 5432, and 6379,...

Exploits0References9

OSSF Malicious Packages•added 2026/05/17 3:19 p.m.•10 views

Malicious code in claude-code-base-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686 The package claude-code-base-action was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/16 4:22 a.m.•6 views

Malicious code in @zentrafinance/types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa8866d3eaa828e8b575d8351ed3430237e14f71bb1af0acc90c468a7e8b8cb The package @zentrafinance/types was found to contain malicious code. Source: ghsa-malware...

Exploits0References1

OSV•added 2026/05/13 11:31 p.m.•1 views

MAL-2026-3721 Malicious code in npmjs_ethers-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 44bf066109e89ee5929d905131a51645ca3fa95245ea078f5f727412e2f39a40 The OpenSSF Package Analysis project identified 'npmjsethers-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

OSSF Malicious Packages•added 2026/05/08 10:5 a.m.•6 views

Malicious code in @gaia-codesearch/gaia-api-typescript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59cc0f371f067ea9c6f0bbe7076f9f33181d8e1ae55c43ff05ae2b854de41549 The package @gaia-codesearch/gaia-api-typescript was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/06 9:15 a.m.•5 views

Malicious code in money-badger-open-rpc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a9d70a5231934ee14ab33334a3de0db40d5520fb4ef092a5a24cbdffff9751e The package money-badger-open-rpc was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/04 10:10 a.m.•3 views

Malicious code in @t-in-one/save_application_hid_to_storage (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/02 9:5 a.m.•0 views

MAL-2026-3233 Malicious code in apexomni (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a53c153f68abdc118a92f4c3a13c2ad21e0d098bdf5e7cf57e679e467b226c06 The package apexomni was found to contain malicious code. Source: ghsa-malware 8ec8450f87a6c99576d96e1c59179c61ef89603915c8d003af0f5f6992348092 Any...

Exploits0References1

OSV•added 2026/04/29 9:15 p.m.•2 views

MAL-2026-3184 Malicious code in @breezeai-frontend/tailwind-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93dd597412bdae22d265ee51f76a40cefa637f09bdf73cb7ede9ac63daf05ac8 The package @breezeai-frontend/tailwind-config was found to contain malicious code. Source: ghsa-malware...

Exploits0References1

OSV•added 2026/04/27 2:25 p.m.•2 views

MAL-2026-3111 Malicious code in @apple-pay-trust/authorize-payment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6403670e0f9573b88d997609a27ef3630ca5d0442446368011a1980a1b56298 The package @apple-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...

Exploits0References1

OSV•added 2026/04/26 12:39 p.m.•0 views

MAL-2026-3067 Malicious code in @ozon-complt/split (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c1f495268eb36a5d6c7f43e110ffb8cb58953bce375fdb4e6feb02818b3ce0 The package @ozon-complt/split was found to contain malicious code. Source: ghsa-malware...

Exploits0References1

OSV•added 2026/04/23 2:35 p.m.•2 views

MAL-2026-3017 Malicious code in react-spa-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43b35510ff33bc6f887152176f91fb63f2a336c8822c151ac6039ccced83c96b The package react-spa-npm was found to contain malicious code. Source: ghsa-malware c9044f471d6c131db0da2c97994b81cd8d2680486695f42dec152b2b23f5e0be...

Exploits0References1

OSSF Malicious Packages•added 2026/04/19 8:46 a.m.•3 views

Malicious code in sy-editor-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cbd7c2056a09f76b9e73fbd0dae4370df9df455077146ae85b6b985b0394d4f The package sy-editor-v3 was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/04/16 5:35 p.m.•3 views

Malicious code in lightweight-charts-4.1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7a7bcf5678b42c2da20ad8e444066092ac3a9c17a6c8867a034717d1d8c344 The package lightweight-charts-4.1 was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/03/29 11:50 a.m.•4 views

Malicious code in f0-state-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 989b5f62777b6b7fbd236eb28a54b0e42ba48548dc0a49919c5f311c1f1c7072 The package f0-state-manager was found to contain malicious code. Source: ossf-package-analysis...

OSV•added 2026/03/15 5:45 a.m.•1 views

MAL-2026-1427 Malicious code in @3stripes/helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43a7574944c393165544faca6357fd6ce623ef66d2b9b367a3042f34eae4f81b The package @3stripes/helpers was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/03/15 5:45 a.m.•4 views

Malicious code in @3stripes/api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1644f08d12a97a4daeeca3e4195d91585bdbe1a8c2085fa918a92427cf1ee99f The package @3stripes/api-client was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/03/04 2:2 p.m.•3 views

Malicious code in @get-wrecked/overlay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3f69fb73aa68e8345f0c5b8a87578c3eac0a11576be46084e983aa24d911f07 The package @get-wrecked/overlay was found to contain malicious code. Source: ghsa-malware...

Exploits0References1

OSSF Malicious Packages•added 2026/02/28 12:53 p.m.•6 views

Malicious code in bps-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f41e4d6abfba5f03e914140b0b171314ef8a614e3e03ff9685325532260a745 The package bps-design-system was found to contain malicious code. Source: ossf-package-analysis...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by