CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

140 matches found

The Hacker News•added 2026/05/13 1:0 p.m.•10 views

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its targeting. The activity has been attributed by Bitdefender with moderate-to-hig...

vulnersOsv•added 2026/04/22 6:30 a.m.•5 views

cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)

org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...

3.7CVSS5.8AI score0.00067EPSS

Talos Blog•added 2026/03/05 11:0 a.m.•24 views

UAT-9244 targets South American telecommunication providers with three new malware implants

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat APT actor closely associated with Famous Sparrow. Since 2024, UAT-9244 has targeted critical telecommunications infrastructure, including Windows and Linux-based endpoints and edge...

vulnersOsv•added 2026/02/27 9:30 a.m.•3 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), cn.sparrowmini:sparrow-keycloak-adapter (>=0.0.1 <=0.0.2) +319 more potentially affected by CVE-2026-0871 via org.keycloak:keycloak-server-spi-private (>=20.0.0 <=26.5.1)

org.keycloak:keycloak-server-spi-private MAVEN version =20.0.0, =0.1.0, =0.0.1, =1.5.1, =1.5.1, =1.6.2, =1.6.2, =1.5.2, =1.5.2, =1.7.2, =1.7.2, =1.0.22, =1.0.22, =1.4.3, =1.4.3, =1.2.9, =1.5.0 and more Source cves: CVE-2026-0871 Source advisory: OSV:GHSA-V4JW-M6RM-399H...

4.9CVSS5.8AI score0.00012EPSS

OSSF Malicious Packages•added 2025/11/11 10:56 p.m.•2 views

Malicious code in distant_sparrow_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25a0c4960dc7bd1a39eee8c455f8ccd66d6776a94b0a39f363f087c48f8bfed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/11 10:56 p.m.•1 views

MAL-2025-132859 Malicious code in distant_sparrow_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25a0c4960dc7bd1a39eee8c455f8ccd66d6776a94b0a39f363f087c48f8bfed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 8:46 p.m.•1 views

EUVD-2025-106756

Malicious code in communistsparrowz3n npm...

OSV•added 2025/11/11 8:46 p.m.•0 views

MAL-2025-125570 Malicious code in communist_sparrow_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b75b0dad5b53913fb1de270cd6e978e8f26b95899b430a536f6f6751b07bf7e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 8:11 p.m.•0 views

EUVD-2025-95455

Malicious code in religioussparrowz3n npm...

EUVD•added 2025/11/11 8:11 p.m.•2 views

EUVD-2025-94889

Malicious code in superbsparrowz3n npm...

EUVD•added 2025/11/11 3:19 p.m.•1 views

EUVD-2025-93374

Malicious code in absolutesparrowz3n npm...

EUVD•added 2025/11/11 7:47 a.m.•2 views

EUVD-2025-74092

Malicious code in wastefulsparrowsilver-100 npm...

OSV•added 2025/11/11 7:47 a.m.•1 views

MAL-2025-112460 Malicious code in wasteful_sparrow_silver-100 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bff70a908a569cf7421f04e615098827279c8631d80bab9a60b56de5e6fc3918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 7:44 a.m.•2 views

EUVD-2025-76989

Malicious code in eligiblesparrow-appteadev npm...

EUVD•added 2025/11/11 7:44 a.m.•2 views

EUVD-2025-77343

Malicious code in christiansparrow-silentdev npm...

EUVD•added 2025/11/11 7:44 a.m.•1 views

EUVD-2025-77399

Malicious code in broadsparrow-smiletea npm...

EUVD•added 2025/11/11 7:44 a.m.•1 views

EUVD-2025-74935

Malicious code in bigsparrow-apptea npm...

OSSF Malicious Packages•added 2025/11/11 7:44 a.m.•2 views

Malicious code in glad_sparrow-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5af3c7cb6fe510034762662a82e74a6593fd27ba892c374eb5f8a35b6ddd4aa8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 7:44 a.m.•1 views

EUVD-2025-75955

Malicious code in priorsparrow-appteadev npm...

EUVD•added 2025/11/11 7:44 a.m.•0 views

EUVD-2025-75339

Malicious code in unnecessarysparrow-silentdev npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by