Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

OSV
OSVadded 2026/04/07 6:14 p.m.2 views

GHSA-M34Q-H93W-VG5X OpenClaw: OpenShell mirror mode could delete arbitrary remote directories when roots were mis-scoped

Summary Before OpenClaw 2026.4.2, the OpenShell mirror backend accepted arbitrary absolute remoteWorkspaceDir and remoteAgentWorkspaceDir values. In mirror mode, those paths were then used as the target of remote cleanup and overwrite operations. Impact If an attacker could influence those...

6.9CVSS6AI score0.00058EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/07 6:14 p.m.4 views

OpenClaw: OpenShell mirror mode could delete arbitrary remote directories when roots were mis-scoped

Summary Before OpenClaw 2026.4.2, the OpenShell mirror backend accepted arbitrary absolute remoteWorkspaceDir and remoteAgentWorkspaceDir values. In mirror mode, those paths were then used as the target of remote cleanup and overwrite operations. Impact If an attacker could influence those...

8.1CVSS6.1AI score0.00058EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2025/10/09 9:8 p.m.3 views

MAL-2025-48181 Malicious code in redirect-kz5pf4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bc86fafc96a4a904d66dff816670e4e6fab529a6f1cc9b9179bcd6137f12f2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVadded 2025/09/25 2:41 p.m.3 views

MAL-2025-47551 Malicious code in data-transaction-generates (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 007c6f3c1b4528d72b7c0ea38288fa1c87cecad48705e88597388b3b7353ef14 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/04 9:29 a.m.3 views

Malicious code in bsc-web3-bundler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2d03484f0d23a8270e14878fbc772aa9463ff4c69612a411ca078c52e1b19b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/11/08 12:6 a.m.3 views

Malicious code in ethens-name (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2587aaeff09cedb01639d066a033a97d01f1137b14788e741c56f5801b6f38b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/08/29 9:17 a.m.3 views

Malicious code in jest-preset-halo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfc2dc8d28922810c8762769169e159199afd36350a743770e0088d5c54efbd7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/08/21 3:23 a.m.3 views

Malicious code in urs-remote (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32d0470f35ccd55fb33289039a2265e1aae264f539cc0358f9f21b3557d5ec5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/04/03 6:1 a.m.4 views

Malicious code in kemnasa-sp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11e53e1596af827447edef4919e4a6f003dcb35cfd0e674d6062c2a626982249 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/08/19 3:55 a.m.3 views

Malicious code in slughifvy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ca842916d67596bdff521eb955f87ea1e9a8a0d4f6ba45527f8e2bb1e32515 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:24 p.m.4 views

Malicious code in arkane-network (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4bdf74d453ff55a2e1f5eaa766aea9e2a9e375c08c3a4bc4f95b3248c1c3e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
The Hacker News
The Hacker Newsadded 2019/08/28 10:17 a.m.2 views

French Police Remotely Removed RETADUP Malware from 850,000 Infected PCs

The French law enforcement agency, National Gendarmerie, today announced the successful takedown of one of the largest wide-spread RETADUP botnet malware and how it remotely disinfected more than 850,000 computers worldwide with the help of researchers. Earlier this year, security researchers at...

7.4AI score
Exploits0
Rows per page
Query Builder