CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

OSV•added 2026/04/26 7:6 p.m.•0 views

MAL-2026-3051 Malicious code in shopify-app-extension-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf25a3a07b9adf8865f783819176d646b7c5485aeb1539422555bf596abfeaa7 The package shopify-app-extension-template was found to contain malicious code. Source: ossf-package-analysis...

5.4AI score

Exploits0

OSSF Malicious Packages•added 2026/04/26 7:6 p.m.•3 views

Malicious code in shopify-app-extension-template (npm)

5.3AI score

Exploits0

Snyk•added 2025/12/30 4:12 p.m.•1 views

Malicious Package

Overview shopify-app-react-router is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score

Exploits0References2

OSSF Malicious Packages•added 2025/12/30 4:12 p.m.•5 views

Malicious code in shopify-app-react-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d58b68abe183faeee5b24e4b524d982d1c78881c8d0c48dd847411bf8fc087e6 The package shopify-app-react-router was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References1

OSV•added 2025/12/30 4:12 p.m.•2 views

MAL-2025-192977 Malicious code in shopify-app-react-router (npm)

6.8AI score

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-27145

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00055EPSS

Exploits1References2

RedhatCVE•added 2025/09/10 12:34 a.m.•8 views

CVE-2025-55998

A cross-site scripting XSS vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter...

8.1CVSS6.1AI score0.00055EPSS

Exploits1References1

NVD•added 2025/09/08 3:15 p.m.•4 views

CVE-2025-55998

8.1CVSS0.00055EPSS

Exploits1References2

Cvelist•added 2025/09/08 12:0 a.m.•7 views

CVE-2025-55998

0.00055EPSS

Exploits1References2

CVE•added 2025/09/08 12:0 a.m.•14 views

CVE-2025-55998

CVE-2025-55998 is an XSS in Mezereon Smart Search & Filter apps for Shopify and BigCommerce. The vulnerability stems from lack of input sanitization in filter parameters, allowing remote attackers to inject JavaScript (e.g., via mz.color or similar filters) and execute in a user’s browser. Impact...

8.1CVSS5.7AI score0.00055EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2025/09/08 12:0 a.m.•4 views

PT-2025-36477

Name of the Vulnerable Software and Affected Versions: Smart Search & Filter Shopify App version 1.0 Description: A cross-site scripting XSS vulnerability exists in Smart Search & Filter Shopify App. A remote attacker can execute arbitrary JavaScript in a user's web browser by including a malicio...

8.1CVSS5.9AI score0.00055EPSS

Exploits1References5

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in shopify-app-express (npm)

The package shopify-app-express was found to contain malicious code...

7AI score

Exploits0

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in shopify-app-session-storage-memory (npm)

The package shopify-app-session-storage-memory was found to contain malicious code...

7AI score

Exploits0