CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/03/18 12:14 a.m.•2 views

Malicious Package

Overview test-pkg-x5 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score

OSSF Malicious Packages•added 2026/03/06 2:26 p.m.•7 views

Malicious code in test-mal-npm-pkg-not-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 803f42bec3cf0ba231262e882d9fb5def7e78c005b10e0c32edf60aecad5d9bf The package test-mal-npm-pkg-not-local was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Snyk•added 2026/03/06 2:26 p.m.•1 views

Malicious Package

Overview test-mal-npm-pkg-not-local is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

Snyk•added 2026/03/06 2:26 p.m.•4 views

Malicious Package

Overview test-mal-npm-pkg-local is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.8AI score

Snyk•added 2026/03/06 2:26 p.m.•3 views

Malicious Package

Overview test-mal-npm-pkg-2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

Fedora•added 2026/03/04 12:56 a.m.•5 views

[SECURITY] Fedora 43 Update: apt-3.1.15-2.fc43

This package provides commandline tools for searching and managing as well as querying information about packages as a low-level access to all features of the libapt-pkg library. These include: apt-get for retrieval of packages and information about them from authenticated sources and for...

6.9CVSS5.9AI score0.0004EPSS

Exploits1

OSV•added 2026/02/26 10:11 a.m.•2 views

MAL-2026-1044 Malicious code in awareness-demo-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 73d2724a4dc0c9e8d1439a29324b142a46c456e7d078ba90127777a59bf906d8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Oracle linux•added 2026/02/17 12:0 a.m.•5 views

edk2 security update

20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...

7.5CVSS5.5AI score0.00041EPSS

Exploits0

OSV•added 2026/02/16 7:9 a.m.•5 views

MAL-2026-913 Malicious code in groq-ppe-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 517d20a09a1e53ce02484aa25ab2483ef75022e96f76d72fe3125bc1e16a359d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

OSSF Malicious Packages•added 2026/02/10 8:38 a.m.•5 views

Malicious code in testppe-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 49f139a3af58a80c706b3bc4b6c38676411528f34be00c79351705767f39eaa4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

OSV•added 2026/02/10 8:38 a.m.•3 views

MAL-2026-826 Malicious code in testppe-pkg (PyPI)

RedhatCVE•added 2026/02/04 6:9 p.m.•4 views

CVE-2025-61731

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS5.3AI score0.00012EPSS

Exploits0References7

OSV•added 2026/01/31 8:43 a.m.•4 views

BIT-GOLANG-2025-61731 Arbitrary file write using cgo pkg-config directive in cmd/go

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

7.8CVSS7.3AI score0.00012EPSS

Exploits0References5

Positive Technologies•added 2026/01/29 12:0 a.m.•5 views

PT-2026-5258

Name of the Vulnerable Software and Affected Versions TeamViewer DEX former 1E DEX versions prior to 24.5 Description A command injection issue exists in TeamViewer DEX formerly 1E DEX related to the 1E-Nomad-RunPkgStatusRequest instruction. Insufficient input validation allows attackers with...

6.8CVSS5.9AI score0.00087EPSS

Exploits0References5

OSV•added 2026/01/28 8:16 p.m.•2 views

CVE-2025-61731

7.8CVSS8.1AI score

Exploits0References4

OSV•added 2026/01/28 8:16 p.m.•2 views

AZL-78935 CVE-2025-61731 affecting package golang 1.25.7-1

7.8CVSS5.7AI score0.00012EPSS