CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/20 2:32 a.m.•8 views

Malicious code in vestibulect (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82da0f0bb40f42e69defbea694db093f2ad880c8c094508f61e2d7fe58550e2e package.json declares a postinstall hook "postinstall": "node install.js" which executes install.js automatically on npm install. install.js imports ...

5.8AI score

OSV•added 2026/05/20 2:32 a.m.•4 views

MAL-2026-4702 Malicious code in vestibulect (npm)

5.8AI score

OSV•added 2026/05/20 2:7 a.m.•3 views

MAL-2026-4517 Malicious code in chalk-tempalte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e82f6fa2867575be5e57fd3b03dada6a93761c97b240f77f98f4b221bde7a7 Package name chalk-tempalte is a single-character transposition of the popular chalk-template package a top-tier npm utility, consistent with...

5.9AI score

Exploits0References6

ATTACKERKB•added 2026/05/19 9:23 a.m.•5 views

CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

5.9CVSS5.8AI score0.00054EPSS

OSV•added 2026/01/29 5:16 a.m.•3 views

CVE-2026-25067

SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation. On Windows systems, this allows U...

5.3CVSS5.7AI score

RedhatCVE•added 2026/01/09 12:38 p.m.•5 views

CVE-2023-50441

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

5.5CVSS7AI score0.00143EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-7692

Malware in sbrugna...

5.8CVSS5.8AI score0.00546EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 4:29 a.m.•3 views

CVE-2023-50443

Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 ANSSI qualification submission or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are open...

4.6CVSS7AI score0.00182EPSS

Exploits0

RedhatCVE•added 2025/05/23 12:57 a.m.•4 views

CVE-2022-43900

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827...

6.5CVSS6.2AI score0.00088EPSS

Prion•added 2023/12/13 9:15 p.m.•15 views

Design/Logic Flaw

2.1CVSS7.3AI score0.00182EPSS

NVD•added 2023/12/13 8:15 p.m.•15 views

CVE-2023-50441

5.5CVSS0.00143EPSS

Prion•added 2023/12/13 8:15 p.m.•11 views

Design/Logic Flaw

1.9CVSS7.3AI score0.00143EPSS

Vulnrichment•added 2023/12/13 12:0 a.m.•8 views

CVE-2023-50441

7.2AI score0.00143EPSS

Cvelist•added 2023/12/13 12:0 a.m.•13 views

CVE-2023-50443

5.1AI score0.00182EPSS

Cvelist•added 2023/12/13 12:0 a.m.•13 views

CVE-2023-50441

5.8AI score0.00143EPSS

CVE•added 2023/12/13 12:0 a.m.•21 views

CVE-2023-50441

CVE-2023-50441 affects PRIMX ZONECENTRAL for Windows: encrypted folders created before Q.2021.2 or before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference, potentially triggering outbound network traffic when folders are opened. The entry indicates a low attack com...

5.5CVSS5.5AI score0.00143EPSS