Lucene search
K

202 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 4:4 a.m.16 views

Malicious code in bucket-protocol-sdk-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e19ff8a6cb5a08bd0561658d41dfe3616f1680bc5acac989c97da38f37ee41b4 bucket-protocol-sdk-v2 advertises itself as a 'community maintained drop-in replacement' for the Sui ecosystem's bucket-protocol-sdk, but its src/ tr...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/05/20 4:4 a.m.8 views

MAL-2026-4502 Malicious code in bucket-protocol-sdk-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e19ff8a6cb5a08bd0561658d41dfe3616f1680bc5acac989c97da38f37ee41b4 bucket-protocol-sdk-v2 advertises itself as a 'community maintained drop-in replacement' for the Sui ecosystem's bucket-protocol-sdk, but its src/ tr...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/05/04 9:42 p.m.7 views

GHSA-QPRH-M6P3-HWXC `sui-execution-cut` was removed from crates.io for malicious code

sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.15 views

PT-2026-37360

sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/04/23 12:0 p.m.14 views

RUSTSEC-2026-0108 `sui-execution-cut` was removed from crates.io for malicious code

sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...

5.8AI score
Exploits0References2
RustSec
RustSec
added 2026/04/23 12:0 p.m.23 views

`sui-execution-cut` was removed from crates.io for malicious code

sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/03 4:8 a.m.11 views

Malicious code in xpack-sui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6569d492596cfa28e2627bd747ac4bd380bf9ff0e7ce0d931036e5f8de9ed276 The package xpack-sui was found to contain malicious code. Source: ghsa-malware 3fab32aa3396f63ec52f77a3d6ba319776c90390afa1264937a1537dde583443 Any...

5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/03/03 4:8 a.m.5 views

Malicious Package

Overview xpack-sui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/03/03 4:8 a.m.5 views

MAL-2026-1161 Malicious code in xpack-sui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6569d492596cfa28e2627bd747ac4bd380bf9ff0e7ce0d931036e5f8de9ed276 The package xpack-sui was found to contain malicious code. Source: ghsa-malware 3fab32aa3396f63ec52f77a3d6ba319776c90390afa1264937a1537dde583443 Any...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/27 8:1 a.m.9 views

Malicious code in @row-components/pricing-embedded-sui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63928e8cf0861bfa8d3def2e822d818c038315c0a9d5918b6f27aeaab7ec9e3a The package @row-components/pricing-embedded-sui was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/01/27 8:1 a.m.6 views

Malicious Package

Overview @row-components/pricing-embedded-sui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/01/27 8:1 a.m.5 views

MAL-2026-526 Malicious code in @row-components/pricing-embedded-sui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63928e8cf0861bfa8d3def2e822d818c038315c0a9d5918b6f27aeaab7ec9e3a The package @row-components/pricing-embedded-sui was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.15 views

CVE-2019-2239

Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

5.5CVSS7.4AI score0.00175EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/12/31 6:30 a.m.6 views

atomkraft (>=0.0.1 <=0.1.2), bitcoin-utils (>=0.6.1 <=0.7.1) +14 more potentially affected by CVE-2025-69277 via hdwallet (>=0.2.0 <=3.4.0)

hdwallet PYPI version =0.2.0, =0.0.1, =0.6.1, =1.3.6, =0.1.5, =0.1.4, =0.1.6, =0.1.0, =0.1.0, =0.0.2, =0.2.3, =0.1.0, =5.1.0, =0.3.0, =0.5.0a1 and more Source cves: CVE-2025-69277 Source advisory: OSV:GHSA-MRFV-M5WM-5W6W...

4.5CVSS5.8AI score0.00166EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/12/25 9:51 a.m.176 views

sui_vulnerable_vault

I will update this project in the future. Now, we have to co...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/26 2:42 a.m.7 views

@0xfutbol/id (>=2.0.0 <=2.0.200), @0xkamal7/sui-agent (>=1.1.2 <=1.1.5) +1689 more potentially affected by CVE-2025-66020 via valibot (>=0.31.0-rc.4 <=1.1.0)

valibot NPM version =0.31.0-rc.4, =2.0.0, =1.1.2, =1.2.0-pre.92, =1.2.0-pre.24, =1.2.0-pre.24, =0.0.1, =0.0.1, =0.0.1, =1.2.0-pre.64, =0.0.1, =0.0.1, =0.5.9, =0.5.18, =0.0.2-beta.0, =0.1.1-beta.1, =0.2.0 and more Source cves: CVE-2025-66020 Source advisory: SNYK:JS-VALIBOT-14122017...

7.5CVSS5.7AI score0.00289EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/11/13 1:4 p.m.6 views

Fake Chrome Extension "Safery" Steals Ethereum Wallet Seed Phrases Using Sui Blockchain

Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users' seed phrases. The name of the extension is "Safery: Ethereum Wallet," with the threat actor describing it as a "secure wallet for managin...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-136107

Malicious code in tanura-sui-dafunhai npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-140026

Malicious code in munufafai-sui-cagaffs npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-136102

Malicious code in tanura-sui-daufaa npm...

6.6AI score
Exploits0
Rows per page
Query Builder