CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/06/15 10:21 a.m.•8 views

CVE-2026-12057 DoS + Remote Code Execution via PDF JavaScript in Foxit AI

8.6CVSS5.7AI score0.00129EPSS

OSV•added 2026/05/26 4:36 a.m.•8 views

MAL-2026-4357 Malicious code in helu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15a97c1f0e23d838c86d69a3ceae306071a9b4b8c17162a1f563aefe489ffbe4 During import, the hidden code downloads and executes the second-stage code. After performing anti-analysis checks, it downloads a malicious executable and...

5.9AI score

OSV•added 2026/03/11 12:41 p.m.•3 views

MAL-2026-1342 Malicious code in collectables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e007c43e26edb912325f1478ec6cd5cd838b5d7e5ae62beedd3baa02638b3dc4 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score

OSV•added 2026/03/11 10:17 a.m.•3 views

MAL-2026-1341 Malicious code in collects (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fc7f98d0c4c092f4eb4a73240f8c7a5df90717853ee408fefa9eeb09a41d2cae Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score

OSSF Malicious Packages•added 2026/02/20 6:59 a.m.•11 views

Malicious code in printrables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 062cd723b198a3d0af641a78b343642653fb80f4cbf527be765bb4e520cbd3ed Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.9AI score

OSV•added 2026/01/22 9:34 p.m.•4 views

MAL-2026-470 Malicious code in urlsssser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 242b446cd6cce908f668bfc1b199aa8f54a9ee1138b399ea6012f3b2bd2624e8 Package does not contain malicious code, but was published as a part of the malicious campaign and is used during further infection stages --- Category:...

5.6AI score

OSSF Malicious Packages•added 2025/12/09 8:1 a.m.•6 views

Malicious code in graphsync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dbb10327d6553750848c2b849abba1ed717438928a6cfdc148b73de73db8e9db This is a malicious copy of the networkx package. It contains an obfuscated script that downloads and runs further scripts from one of multiple locations, and...

7.3AI score

OSSF Malicious Packages•added 2025/12/08 2:14 p.m.•6 views

Malicious code in graphnode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 981903800087e4528bba3ec6bb841e810feaedfa490e7f078fcac9c9d663e4ce This is a malicious copy of the networkx package. It contains an obfuscated script that downloads and runs further scripts from one of multiple locations, and...

7.3AI score

OSV•added 2025/12/08 2:14 p.m.•5 views

MAL-2025-192376 Malicious code in graphnode (PyPI)

7.2AI score

OSSF Malicious Packages•added 2025/11/24 6:30 p.m.•5 views

Malicious code in jsonschemex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f678f82847db32c68ab5a95a827f755d13b5d4cd371667eb584f25ed28ed01 Malicious clone of a legitimate package with hidden code that downloads the next stage scripts. Analysed payloads had just exfiltrated basic infos --- Category...

7.3AI score

OSV•added 2025/11/24 6:30 p.m.•3 views

MAL-2025-191769 Malicious code in jsonschemex (PyPI)

7.2AI score

RedHat Linux•added 2025/11/12 2:34 a.m.•4 views

squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling

A Information Disclosure vulnerability has been identified in the Squid web caching proxy. This flaw occurs when the application fails to properly redact sensitive Hypertext Transfer Protocol HTTP authentication credentials from an error response. A remote client can exploit this by triggering an...

10CVSS5.8AI score0.6332EPSS

Exploits1References6

CNNVD•added 2025/10/08 12:0 a.m.•3 views

Web Developer for Chrome 安全漏洞

Web Developer for Chrome is a browser developer extension by Chris Pederick Personal Developer. A security vulnerability exists in Web Developer for Chrome version 0.4.9, which stems from malicious code that generates a domain name and obtains remote scripts via DGA, which could lead to user-leve...

9.3CVSS6.9AI score0.00488EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-0264

Malware in sbrugna...

4.3CVSS6.1AI score0.01562EPSS

Exploits0References11

Cvelist•added 2025/01/07 2:52 a.m.•17 views

CVE-2025-22395

Dell Update Package Framework, versions prior to 22.01.02, contains a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of...

8.2CVSS0.00194EPSS

Vulnrichment•added 2025/01/07 2:52 a.m.•13 views

CVE-2025-22395

8.2CVSS7.2AI score0.00194EPSS

CNNVD•added 2025/01/07 12:0 a.m.•4 views

Dell Update Package Framework 安全漏洞

Dell Update Package Framework is a framework for updating system components from Dell USA. The product focuses on providing installers for drivers, applications, BIOS, and firmware. The Dell Update Package Framework suffers from a local elevation of privilege vulnerability that originates from a...

8.2CVSS7.3AI score0.00194EPSS

CNNVD•added 2024/08/28 12:0 a.m.•3 views

HyperView Geoportal Toolkit 安全漏洞

HyperView Geoportal Toolkit is a Map application in a Web browser from HyperView, Inc. A security vulnerability exists in HyperView Geoportal Toolkit version 8.2.4 and prior versions, which arises from an unrestricted cross-domain request for remote content pointed to by a GET request parameter,...

6.5CVSS6.7AI score0.0035EPSS