CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/12 12:20 a.m.•4 views

Malicious code in @squawk/flight-math (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0595c498e25ed96bb0a13cf8ce777df0977f4c1580aadfddfcb0eaf1ae3d7915 The package @squawk/flight-math was found to contain malicious code. Source: ghsa-malware...

5.8AI score

Exploits0References6

OSV•added 2026/03/17 3:9 a.m.•0 views

MAL-2026-1489 Malicious code in asset-delivery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff566136dd4e76e6bc8da12a23345712a57b375d3d0586ee36922cc0ffbbf880 The package asset-delivery was found to contain malicious code. Source: ghsa-malware ce9daf86327543018f44899bd8967bf2b927d6f1d9267b6726281b5ea0765868...

5.7AI score

OSSF Malicious Packages•added 2026/03/03 4:8 a.m.•5 views

Malicious code in ethglobal-finale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08bdc506129e3fb599d1bb0f5c3a369199b3f58ecda5d8c869d47f25847da6ad The package ethglobal-finale was found to contain malicious code. Source: ghsa-malware 051d643dd2d78f5cfda5a7945e560297dae2d0d8abe72d2b1725846b34951f...

5.7AI score

OSV•added 2026/02/03 1:59 a.m.•4 views

MAL-2026-656 Malicious code in jshint-groups (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cf7ad9a58a15b025d84def4a32761ec77338fbcda7ef3ae459602eacfaf4595 The package jshint-groups was found to contain malicious code. Source: ghsa-malware fe1d6fde4a749fdb784071c856d26761b12fdceffae0020f2492a4a845eb04f4...

5.5AI score

OSV•added 2026/01/06 1:43 p.m.•2 views

MAL-2026-88 Malicious code in evm-gateway-contracts-private (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d7fcec6a0025a21ed0b14bdd643dc22965e7c3ccd6dee0bfa6bf3285b97aac The package evm-gateway-contracts-private was found to contain malicious code. Source: ghsa-malware...

6.8AI score

OSV•added 2025/12/22 9:0 a.m.•1 views

MAL-2026-169 Malicious code in secguest-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae83c0c9ae4ffab006e7b6d1833b54dfb5386dedf3e94dedf500b3af1dc82d1c The package secguest-lib was found to contain malicious code. Source: ghsa-malware 62ef36b4b0912fdc42b94702acf5c8e48b06cb2d3370113c3c875479aacd5e9f A...

7AI score

OSSF Malicious Packages•added 2025/11/24 10:44 p.m.•3 views

Malicious code in bidirectional-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9232b33b143ce14e500ddb0d725a5b646a180ad4bd7dbf1fc8890baefdd22f95 The package bidirectional-adapter was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/10/29 11:0 p.m.•2 views

Exploits0References10

Malicious code in eslint-disable-next-line (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c260c70270e5f716b6e8197913327633d64aa0ee2e18ebde88c8f53f06893c62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

Exploits0References4

OSV•added 2025/10/28 2:1 a.m.•0 views

MAL-2025-48939 Malicious code in types-lodash.es (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad198ed6efdd1d7367a198d4b5c761b7ecf5421158cf8cce424a4f693598f1f The package types-lodash.es was found to contain malicious code. Source: ghsa-malware cd47d05a7a2bdd9fbd2f267aaeb6664d79583714a396f493858e926e1cc25f0...

OSSF Malicious Packages•added 2025/10/27 4:18 p.m.•2 views

Malicious code in sreadmin-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b2b51756599b7bbc43536b940ffec7c6c41643e17ababeb1e976c191e166a0b The package sreadmin-base was found to contain malicious code. Source: ghsa-malware 14efd7a15525321ad3633779f0074512b8ca809312a5093e4d1be2e33a5219bb...

7AI score

OSSF Malicious Packages•added 2025/10/20 3:52 a.m.•3 views

Malicious code in tailwind-setting (npm)

The package tailwind-setting was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 850a3c165ca8ecb1060d82506ab99a36786c8a41575310ee91507065a46d313d Any computer that has this package installed or running should be considered fully...

OSSF Malicious Packages•added 2025/10/07 12:24 a.m.•2 views

Malicious code in mcp-server-fixthis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4109cd9a0c196b277a25ff70ae8b8a81ee61aaac82c1d77bbb4e743496508e03 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/15 10:26 p.m.•2 views

Malicious code in @nstudio/web-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19e2b2f064a728f3b2e6564cef5f7c00fc9a166f8a2e97291041de79f3b572c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/15 2:27 a.m.•3 views

Exploits0References6

MAL-2025-47193 Malicious code in newrelic-infra-operator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d13f7915d1227dc54cc2f1481a151b94b159d4ec2941d00db71133b636b5ed1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/11 5:54 a.m.•1 views

MAL-2025-47089 Malicious code in sos-models (npm)

The package sos-models was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7171745aec44dc0f96e3426f39966e6f22281703919bc10a7a161efef9b928cf Any computer that has this package installed or running should be considered fully compromise...

OSSF Malicious Packages•added 2025/07/28 2:19 a.m.•2 views

Malicious code in uidraftism (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57170f8a04ef1c34750c5fb4781b9af9071ce8936e4a5fc61225e5919acecf36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/07/17 11:54 p.m.•2 views

Malicious code in sol-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f54238c3d0c543a0c99cd8dbe4ffee1a2ffe0ca8230dbd0c7a8f521259f38339 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/06/10 2:59 a.m.•4 views

Malicious code in iceberg-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80881b9c9051ea4744eeccd8038c44bb7bf6fd18b1535d8319cdf556cca76282 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/06/04 12:15 a.m.•3 views

Malicious code in plugin-svg-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 824299b29c64a19455bcdc235b9c2726b1ae00b364f8a549bb972a1be842eb43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...