CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

184 matches found

ATTACKERKB•added 2026/04/23 12:14 a.m.•3 views

CVE-2026-41182

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls hideOutputs in JS, hideoutputs in Python do not apply to streaming token events. When ...

5.3CVSS5.8AI score0.00039EPSS

Exploits0References2Affected Software1

OSSF Malicious Packages•added 2026/03/20 4:32 a.m.•3 views

Malicious code in clob-client-sdks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...

5.7AI score

Exploits0References1

OSV•added 2026/03/20 4:32 a.m.•1 views

MAL-2026-1942 Malicious code in clob-client-sdks (npm)

5.7AI score

Exploits0References1

Snyk•added 2026/03/20 4:30 a.m.•2 views

Malicious Package

Overview clob-utils-sdks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

Exploits0References2

OSSF Malicious Packages•added 2026/03/20 4:30 a.m.•2 views

Malicious code in clob-utils-sdks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f20ec3dfbb49223ad3bda64fdd9d0af3f65ea9e3c972fc04ad497f4ff39f30b9 The package clob-utils-sdks was found to contain malicious code. Source: ghsa-malware fea942e1b67d99fb05dcee5e06429f58255c03be72abcfd2d022c7c458f4dd8...

5.7AI score

Exploits0References1

OSV•added 2026/03/20 4:30 a.m.•0 views

MAL-2026-1943 Malicious code in clob-utils-sdks (npm)

5.7AI score

Exploits0References1

Packet Storm News•added 2026/03/02 12:0 a.m.•2 views

Exploiting PendingIntent Provenance Confusion to Spoof Android SDK Authentication

A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain Security as the second most critical mobile risk, explicitly...

6AI score

Exploits0

CNNVD•added 2026/02/09 12:0 a.m.•2 views

LangSmith Client SDKs 代码问题漏洞

LangSmith Client SDKs are a developer toolkit open-sourced by LangChain. Versions of LangSmith Client SDKs prior to 0.6.3 and 0.4.6 contained code vulnerabilities. These vulnerabilities stemmed from the distributed tracking feature not verifying HTTP headers, which could lead to server-side reque...

5.8CVSS7.4AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:9 a.m.•7 views

CVE-2019-11554

The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service...

5.9CVSS6.8AI score0.00206EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-3225

Malware in sbrugna...

5.9CVSS6AI score0.00206EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-39623