Lucene search
K

3726 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.11 views

Malicious code in @cloudplatform-single-spa/advanced (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.14 views

Malicious code in @cloudplatform-single-spa/aifactory-notebooks (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.14 views

MAL-2026-4894 Malicious code in @cloudplatform-single-spa/certificate-manager (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.19 views

Malicious code in @cloudplatform-single-spa/timescale-db (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4959 Malicious code in @cloudplatform-single-spa/pangolin (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4950 Malicious code in @cloudplatform-single-spa/mlspace-access-request (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4886 Malicious code in @cloudplatform-single-spa/airflow (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.13 views

MAL-2026-4983 Malicious code in @cloudplatform-single-spa/svp-images (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.7 views

MAL-2026-4919 Malicious code in @cloudplatform-single-spa/event-bus (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.9 views

MAL-2026-4921 Malicious code in @cloudplatform-single-spa/evolution (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4956 Malicious code in @cloudplatform-single-spa/opensearch (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4952 Malicious code in @cloudplatform-single-spa/monitoring (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4899 Malicious code in @cloudplatform-single-spa/container-registry (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.9 views

MAL-2026-4914 Malicious code in @cloudplatform-single-spa/dns (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.8 views

MAL-2026-5001 Malicious code in @cloudplatform-single-spa/vpc (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-5014 Malicious code in @mlspace/dtransfer-history (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-4980 Malicious code in @cloudplatform-single-spa/svp-draas (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-4937 Malicious code in @cloudplatform-single-spa/ml-ai-agents-marketplace (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.27 views

Malicious code in @cloudplatform-single-spa/dataplatform-metastore (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
CVE
CVE
added 2026/05/27 12:56 p.m.30 views

CVE-2026-46014

CVE-2026-46014 is a Linux kernel vulnerability affecting KVM/SVM where save/restore of LBR and DEBUGCTL MSRs was incomplete. The issue arose because MSR_IA32_DEBUGCTLMSR and LBR MSRs were not included in the msrs_to_save_base list and could not be set/restored properly, breaking save/restore acro...

5.5CVSS5.8AI score0.00093EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder