CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5a2fff48804ddfb5297954a2040eb8f90fd5ca36c31568a46d56d860ecf47148 The OpenSSF Package Analysis project identified 'react-media-template-ts' @ 10.0.1 npm as malicious. It is considered malicious because: - The...

7AI score

Exploits0

OSSF Malicious Packages•added 2025/08/29 2:40 p.m.•3 views

Malicious code in react-media-template-ts (npm)

6.9AI score

Exploits0

Veracode•added 2025/08/29 4:6 a.m.•5 views

Sensitive Information Exposure

@workos-inc/authkit-react-router is vulnerable to Sensitive Information Exposure. The vulnerability is due to authentication artifacts such as sealedSession and accessToken being returned from the authkitLoader and rendered into browser HTML, which allows an attacker to obtain sensitive session...

7.1CVSS7AI score0.00181EPSS

Exploits0References3Affected Software1

CNNVD•added 2025/08/29 12:0 a.m.•2 views

Payload 授权问题漏洞

Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload suffers from an authorization issue vulnerability that stems from SQLite adapters reusing identifiers during account creation, which could lead to a session fixation attack...

5.3CVSS6.4AI score0.00088EPSS

Exploits0References4

CNNVD•added 2025/08/29 12:0 a.m.•3 views

Payload 代码问题漏洞

Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload has a code issue vulnerability that stems from JWT not being invalidated after logout, which could lead to token reuse...

6.3CVSS6.7AI score0.0006EPSS

Exploits0References4

OSV•added 2025/08/28 11:32 a.m.•1 views

MAL-2025-42129 Malicious code in pp-react-grid (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71193da54e6cdc258489d02db5987830a3bc147cbf9b43236f5757cab04f9c73 The OpenSSF Package Analysis project identified 'pp-react-grid' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/28 11:32 a.m.•3 views

Malicious code in pp-react-grid (npm)

7.2AI score

Exploits0

OSV•added 2025/08/28 11:25 a.m.•2 views

MAL-2025-42130 Malicious code in pp-react-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb754d012bc21065e6e4e5d42668a8b226bb1c18d2f8ef04c9ce6a2a8b9f1c47 The OpenSSF Package Analysis project identified 'pp-react-icons' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/28 11:25 a.m.•4 views

Malicious code in pp-react-icons (npm)

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/28 7:35 a.m.•4 views

Malicious code in onnxruntime-reactnative-example (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

OSV•added 2025/08/28 7:35 a.m.•2 views

MAL-2025-41587 Malicious code in onnxruntime-reactnative-example (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

OSV•added 2025/08/23 2:28 p.m.•3 views

MAL-2025-41295 Malicious code in heft-storybook-react-tutorial (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9aaa15f8740a436b59266355d59bb470dfd605d6260dc307a40ef50e20f65939 The OpenSSF Package Analysis project identified 'heft-storybook-react-tutorial' @ 99.0.9 npm as malicious. It is considered malicious because: -...

7.3AI score

Exploits0

OSSF Malicious Packages•added 2025/08/23 2:28 p.m.•3 views

Malicious code in heft-storybook-react-tutorial (npm)

7.1AI score

Exploits0

OSV•added 2025/08/22 5:37 p.m.•1 views

MAL-2025-41405 Malicious code in react-event-tracker1 (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score

Exploits0

OSSF Malicious Packages•added 2025/08/22 5:37 p.m.•2 views