CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2026/06/22 12:0 a.m.•29 views

📄 OpenBSD sppp_pap_input PAP Authentication Bypass

OpenBSD suffers from a PAP authentication bypass vulnerability via a zero-length bcmp. All versions through 7.6 are affected. ------------------------------------------------------------------------ OpenBSD sppppapinput: PAP Authentication Bypass via Zero-Length bcmp...

5.8AI score

Packet Storm•added 2026/06/22 12:0 a.m.•40 views

📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials

Silver Leaf Technologies - Worksnaps.net Worksnaps suffers from a hardcoded credential vulnerability. Several application binaries contained hardcoded credentials, such as AWS access keys and S3 bucket names, which granted access to the production environment. Those hardcoded AWS cloud credential...

9.3CVSS5.9AI score0.00388EPSS

Exploits1

OSSF Malicious Packages•added 2026/06/21 4:21 p.m.•9 views

Malicious code in hyperpure-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47dd43b980c7b5e3230ee57e6974d40804e54997ed88877ced301402dbcdef4c Package impersonates a Zomato internal namespace name hyperpure-core, repository URL pointing to github.com/zomato/hyperpure-core while shipping a...

OSV•added 2026/06/21 4:21 p.m.•10 views

MAL-2026-6250 Malicious code in hyperpure-core (npm)

GithubExploit•added 2026/06/21 4:16 p.m.•64 views

create-poc-template-skills

create-poc-template 中文 A skill for AI coding...

10CVSS5.9AI score0.99766EPSS

Exploits37

OSSF Malicious Packages•added 2026/06/21 4:11 p.m.•8 views

Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

OSV•added 2026/06/21 4:11 p.m.•9 views

MAL-2026-6254 Malicious code in zomato-sushi (npm)

OSV•added 2026/06/21 4:11 p.m.•7 views

MAL-2026-6252 Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

OSSF Malicious Packages•added 2026/06/21 4:11 p.m.•8 views

Malicious code in zomato-logger (npm)

GithubExploit•added 2026/06/21 2:31 p.m.•54 views

Exploit for Infinite Loop in Pypdf_Project Pypdf

CVE-2026-24688 - pypdf - Circular Reference DoS Vulnerability...

5.1CVSS5.9AI score0.00388EPSS

Exploits2

GithubExploit•added 2026/06/21 2:31 p.m.•64 views

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

10CVSS7.9AI score0.97875EPSS

Exploits40

GithubExploit•added 2026/06/21 2:30 p.m.•43 views

Exploit for Eval Injection in Xwiki

CVE-2025-24893 - XWiki Unauthenticated RCE Exploit POC ⚠️ U...

9.8CVSS7.7AI score0.99898EPSS

Exploits50

GithubExploit•added 2026/06/21 2:14 p.m.•40 views

elevate-kit

elevate-kit Local privilege escalation enumeration scripts fo...

5.9AI score

OSSF Malicious Packages•added 2026/06/21 1:38 p.m.•9 views

Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

6.2AI score

Exploits0References3

OSV•added 2026/06/21 1:38 p.m.•5 views

MAL-2026-6248 Malicious code in jsonschema-viewer (PyPI)

6.2AI score

Exploits0References3

GithubExploit•added 2026/06/21 1:32 p.m.•53 views

github-trending-xss-vulnerability-scanner

XSS Vulnerability Scanner Plugin Comprehensive cross-site scr...

5.7AI score