Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/24 7:40 p.m.9 views

Malicious code in @stockrepublic/republic-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 300b309644b646817c47a283d8b9aaa018e8ae0f59986207f55fd0c39dca872a The package masquerades as an internal @stockrepublic component version 99.0.0, description 'Runs git diff and saves the output to git.log on install...

5.8AI score
Exploits0References2
OSV
OSVadded 2026/04/11 5:55 p.m.2 views

MAL-2026-2560 Malicious code in @b2b-portal/uch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89eb419e1f7beb102007973e2d226cb2cb5f534096cbc2be8dc538324f3f19db The package @b2b-portal/uch was found to contain malicious code. Source: ghsa-malware e559f0d2d934ad98bda8c11ca6613644ecf3f2584bee7e75c7edf59ecda35d3...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/27 1:38 p.m.4 views

Malicious code in monolith-twirp-codingagentintegrations-codingagentintegrations (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24ecd94ab40a4a1b574b48137b92d60ad65d610301ee07661c928706bd54c81b The OpenSSF Package Analysis project identified 'monolith-twirp-codingagentintegrations-codingagentintegrations' @ 1.0.2 rubygems as malicious. ...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/01/24 4:40 a.m.4 views

Malicious code in dropbox-tests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6b91e399de2020315c4cb5a23b17d10a7d6a0e882e45bb2bb92a92ce4d9b59b3 The OpenSSF Package Analysis project identified 'dropbox-tests' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/11/07 10:35 p.m.4 views

Malicious code in uuid-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 67e9eea857d57488a09639cf7c62b2507c6f72aa291543d524e2dd9a86532a73 The OpenSSF Package Analysis project identified 'uuid-utils' @ 10.10.11 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/12/02 2:38 p.m.7 views

Malicious code in astar-e2e-tests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9c7d3b2f90649e2315bacb152ef9917066857fd46b3240dca8dfa09ae075df60 The OpenSSF Package Analysis project identified 'astar-e2e-tests' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/10/24 2:22 p.m.3 views

Malicious code in i18next-ext (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4e71c3a73449651c3bbbef4cc540bb5df6e12736e304e95a5a64f2c0c9f55189 The OpenSSF Package Analysis project identified 'i18next-ext' @ 1.6.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
Rows per page
Query Builder