Lucene search
K

172 matches found

vulnersOsv
vulnersOsv
added 2026/05/13 5:22 p.m.6 views

10minions-engine (>=0.0.1 <=0.0.4), @0xr404/lol404 (>=1.1.0 <=1.1.6) +3276 more potentially affected by CVE-2026-45740 via protobufjs (>=7.0.0 <=7.5.6)

protobufjs NPM version =7.0.0, =0.0.1, =1.1.0, =1.0.1-beta.0, =0.0.2-beta.0, =1.0.0, =1.5.10, =0.10.1, =1.1.0, =6.0.0, =2.0.2, =3.3.2 and more Source cves: CVE-2026-45740 Source advisory: SNYK:JS-PROTOBUFJS-16657755...

7.5CVSS5.7AI score0.00263EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.6 views

PT-2026-34555

Impact The staking contract accepts UpdateValidator transactions that set new voting key=Some... while omitting new proof of knowledge. this skips the proof-of-knowledge requirement that is needed to prevent BLS rogue-key attacks when public keys are aggregated. Because tendermint macro block...

6.8CVSS5.8AI score0.00201EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/04/14 10:18 a.m.98 views

starknet-staking_audit1

Markdown https://dev.to/rdin777/starknet-btc-staking-how-to-ext...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/12 11:47 p.m.8 views

Malicious code in bitu-staking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adb12160da2b84d2f9c21c6d5f3a2d803e574fcf593e9d84da3b5e8cbbdef96e The package bitu-staking was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/12 11:47 p.m.7 views

MAL-2026-2915 Malicious code in bitu-staking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adb12160da2b84d2f9c21c6d5f3a2d803e574fcf593e9d84da3b5e8cbbdef96e The package bitu-staking was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
Snyk
Snyk
added 2026/02/03 3:33 a.m.2 views

Malicious Package

Overview hemi-btc-staking-actions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/23 6:12 p.m.10 views

Malicious code in hemi-btc-staking-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...

5.4AI score
Exploits0References1
EUVD
EUVD
added 2026/01/23 6:12 p.m.8 views

EUVD-2026-4516

Malicious code in hemi-btc-staking-actions npm...

5.5AI score
Exploits0
OSV
OSV
added 2026/01/23 6:12 p.m.5 views

MAL-2026-496 Malicious code in hemi-btc-staking-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2025/11/24 11:49 p.m.4 views

EUVD-2025-199275

Malicious code in quickswap-default-staking-list-address npm...

6.6AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 11:49 p.m.2 views

EUVD-2025-199276

Malicious code in quickswap-default-staking-list npm...

6.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:49 p.m.7 views

Malicious code in quickswap-default-staking-list (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43e55808d092f76fd5927721525051ffdb180520c3f2b7ae26fb3d626931c9f9 The package quickswap-default-staking-list was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 11:34 p.m.2 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper enforcement of the SIGHASH value in the signature verification process. An attacker can submit non-compliant signatures that are incorrectly accepted as valid by providing...

6.9CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/11/24 8:33 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 8:33 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/10/21 6:4 p.m.0 views

Use of a Cryptographic Primitive with a Risky Implementation

Overview Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation in the handling of precompiles in the BalanceHandler that can cause prevEventsLen to be overwritten. An attacker can compromise the integrity or confidentiality of the system ...

9.3CVSS6.7AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2214

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00618EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/29 6:55 p.m.4 views

Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/29 6:55 p.m.2 views

MAL-2025-41978 Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

7AI score
Exploits0
Snyk
Snyk
added 2025/08/25 12:41 p.m.4 views

Malicious Package

Overview bittenso-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a typosquatting campaign targeting the Bittensor ecosystem. The goal of the attackers is to steal cryptocurrency fro...

9.3CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder