Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/06/01 7:4 a.m.5 views

MAL-2026-5163 Malicious code in @emcd-vue/auth (npm)

Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to pose as an internal Vue.js front-end tooling package from "EMCD Platform Engineering." The package...

6AI score
Exploits0References2
OSV
OSVadded 2026/05/26 8:6 a.m.16 views

MAL-2026-4788 Malicious code in @godscene/web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1bd83a63f0426cc7c4e1a68886c36ff47de093d9b7edc6b410d16c928be50c1 Package @godscene/[email protected] is a re-bundled copy of the legitimate @midscene/web at the same version, preserving the original description, README,...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/25 6:8 p.m.10 views

Malicious code in @service-suppliers/set_selected_supplier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eba319282947a6dfb83a31cec6127e62594cc16160bd9c74cee3feee349c4b07 The postinstall hook in scripts/postinstall.js performs two independently-blocking actions on every npm install. First, it scrapes installer-side...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/20 3:22 a.m.6 views

Malicious code in @tailwind-core/oxide-win32-x64-msvc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93cb69a6f12f5739ab03d78641f2a79179750b6182f65ba5b8fb8ec4a1399bc The package name @tailwind-core/oxide-win32-x64-msvc impersonates the legitimate Tailwind CSS scope @tailwindcss published by tailwindlabs. The READM...

6AI score
Exploits0References1
OSV
OSVadded 2026/05/20 3:22 a.m.5 views

MAL-2026-4449 Malicious code in @tailwind-core/oxide-win32-x64-msvc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93cb69a6f12f5739ab03d78641f2a79179750b6182f65ba5b8fb8ec4a1399bc The package name @tailwind-core/oxide-win32-x64-msvc impersonates the legitimate Tailwind CSS scope @tailwindcss published by tailwindlabs. The READM...

6AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/07/11 12:0 a.m.2 views

PT-2024-40300 · Surrealdb · Surrealdb

Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 1.5.4 SurrealDB versions prior to 2.0.0-alpha.6 Description: The issue arises when an authenticated scope user switches working databases in a session using the use method or USE clause. If a user record with an...

5.3CVSS7.3AI score
Exploits0References5
Rows per page
Query Builder