Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/22 12:13 a.m.8 views

Malicious code in ignite-market-contractstest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9babd9b088785649368dbf885050b6a15b218a6b38d2dcd058f0c9eda5109da package.json declares a preinstall lifecycle hook that runs wget --quiet...

5.8AI score
Exploits0References2
OSV
OSVadded 2026/05/22 12:13 a.m.5 views

MAL-2026-4583 Malicious code in ignite-market-contractstest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9babd9b088785649368dbf885050b6a15b218a6b38d2dcd058f0c9eda5109da package.json declares a preinstall lifecycle hook that runs wget --quiet...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/21 9:6 a.m.8 views

Malicious code in http-uploader-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 936024fb65d6ab06a1f01fcd765b534812efb873f076e81303d87c0b141bba2b package.json declares "preinstall": "bun run index.js", which on npm install invokes Bun to run index.js. index.js detects the host OS and shells out...

6.2AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 7:44 a.m.9 views

Malicious code in 01-0redi7qgbz0uv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ceb633970757ab5d5ee0b64512c18d46be8402ac2169769101655a697ee5d6d the analysis found that this package has a garbage randomized name '01-0redi7qgbz0uv', empty description, placeholder test script, and an index.js th...

5.9AI score
Exploits0References1
OSV
OSVadded 2026/05/12 7:44 a.m.3 views

MAL-2026-3666 Malicious code in 01-0redi7qgbz0uv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ceb633970757ab5d5ee0b64512c18d46be8402ac2169769101655a697ee5d6d the analysis found that this package has a garbage randomized name '01-0redi7qgbz0uv', empty description, placeholder test script, and an index.js th...

5.9AI score
Exploits0References1
Rows per page
Query Builder