CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/06/09 9:42 p.m.•10 views

Malicious code in bittensor-emission-tracker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca5db94f9840938f43eca692c1176b72bbd94a2f86a694c3293853f39b886a2f The package advertises Bittensor subnet burn-rate monitoring but ships a Cython-compiled darwin.so core.cpython-310-darwin.so containing an...

OSV•added 2026/06/09 9:42 p.m.•8 views

MAL-2026-5489 Malicious code in bittensor-emission-tracker (PyPI)

OSV•added 2026/06/09 4:55 p.m.•10 views

MAL-2026-5457 Malicious code in tao-subnet-metrics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e068049248bc5c0b4fc56cb68f5453aedf6d6cb494df9d8bba82ccc2da3eb3ad Package advertises itself as a Bittensor TAO subnet burn-rate Telegram alert tool, but the compiled extension...

5.5AI score

OSSF Malicious Packages•added 2026/06/09 4:55 p.m.•11 views

Malicious code in tao-subnet-metrics (PyPI)

5.5AI score

OSSF Malicious Packages•added 2026/06/08 6:25 p.m.•8 views

Malicious code in bittensor-burn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f546bfd362dae8aed49775bf13961c3540c29ef6fa54f484bf57e978d775be The package markets itself as a Bittensor burn-rate monitor but ships a compiled native module bittensorburnwatch/core.cpython-.so that reads the...

OSV•added 2026/06/08 6:25 p.m.•7 views

MAL-2026-5331 Malicious code in bittensor-burn (PyPI)

OSV•added 2026/06/08 3:33 p.m.•12 views

MAL-2026-5330 Malicious code in bittensor-burn-alert (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e89dc9ff0a5d334b67a01c572c036b0740adf6d8669d2fa25c241a0c098116 The package advertises itself as a Bittensor subnet burn-rate monitor but bundles a covert clipboard surveillance daemon in its compiled core module...

OSSF Malicious Packages•added 2026/06/08 10:41 a.m.•7 views

Exploits0References3

Malicious code in bt-burn-watch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94719a61950dd5cacc26b288c1fe8ef0d12f0e93720b4f1aa98cdf84ff148f0d Package advertises Bittensor subnet burn-rate monitoring but the compiled core module's own docstring describes itself as a 'clipboard logger +...

5.5AI score

OSV•added 2026/06/07 10:42 a.m.•12 views

MAL-2026-5292 Malicious code in bittensor-burn-watch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16180f1609731d35398f11dbfcb328826d2e39a7acf42fc256b563512645e6e5 Package advertises itself as a Bittensor subnet burn-rate monitor but bundles a live TELEGRAMBOTTOKEN and TELEGRAMCHATID in...

OSSF Malicious Packages•added 2026/06/07 10:34 a.m.•13 views

Exploits0References4

Malicious code in clip-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ee6244e4630a085f305c933f50283a232dda9e0d8e0ba3bab2bb880e53a736d The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard a...

5.6AI score

OSV•added 2026/06/07 10:34 a.m.•10 views

MAL-2026-5293 Malicious code in clip-logger (PyPI)

5.6AI score

OSSF Malicious Packages•added 2026/05/24 2:14 a.m.•6 views

Malicious code in solidity-coverage-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e5a7775aa2bbde61d35a548198d976f9bdc6e9b11de33a2e28f6a6a9929de6 Package name impersonates the well-known solidity-coverage Hardhat plugin sc-forks and ships a verbatim copy of the upstream README. On...

HackRead•added 2026/05/17 11:55 a.m.•11 views

Exploits0References3

Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases

Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases...

OSV•added 2026/05/14 7:25 p.m.•5 views

Exploits0

MAL-2026-3772 Malicious code in rimraf-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59d88d733415216903578b3c3806d76405a23a7cca56ee355eb6725e4e930d4 [email protected] impersonates the widely-installed rimraf package index.js is a dummy stub that internally identifies itself as 'lodash-js — Just a...

OSV•added 2026/05/14 7:24 p.m.•6 views

Exploits0References3

MAL-2026-3758 Malicious code in dotenvv-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fd33c6e511ab11f10b1dae91e2f083f486dd020bbf2dca5256eabc904f61b7 Package name dotenvv-tool impersonates the popular dotenv package; index.js is an admitted dummy stub "The real payload is in postinstall.js". The...

CNNVD•added 2026/05/12 12:0 a.m.•6 views

Exploits0References5

JunoClaw 信息泄露漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions prior to JunoClaw 0.x.y-security-1 contained an information leakage vulnerability. This vulnerability stemmed from the fact that each MCP write tool accepted mnemonic phrases as explicit tool invocation parameters,...

9.8CVSS5.8AI score0.00225EPSS

OSSF Malicious Packages•added 2026/05/08 9:4 a.m.•8 views

Malicious code in eth-wallet-kit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b0cce18986ec63fd689844cfc29b4023837d71b35b173a9cb08476c7575fcf2 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

OSV•added 2026/05/08 9:4 a.m.•5 views

MAL-2026-3389 Malicious code in eth-wallet-kit (PyPI)

5.9AI score

OSSF Malicious Packages•added 2026/05/08 9:3 a.m.•7 views

Malicious code in wallet-scanner-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c24dfc47c3ee1d37f4d7ec65a43d1f861422d7fb3ee6f8e8b6e6a85fe2b5120 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score