CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm News•added 2026/06/09 12:0 a.m.•7 views

TIFF/DNG Metadata Scanner for Structural Validation and Suspicious Tag Detection

This C program implements a lightweight metadata scanner for TIFF-based DNG files that performs basic structural validation and heuristic analysis of Image File Directory IFD entries. The tool reads TIFF headers, enumerates metadata tags, and evaluates entries against simple consistency rules to...

5.5AI score

Packet Storm News•added 2026/06/02 12:0 a.m.•13 views

Windows BITS Jobs Persistence Scanner

This is a Windows BITS Job auditing tool that scans all Background Intelligent Transfer Service BITS tasks using bitsadmin, then analyzes them for suspicious behavior such as executable downloads, command execution cmd.exe, powershell, and remote URLs. It classifies jobs as normal or suspicious a...

6AI score

Packet Storm News•added 2026/06/01 12:0 a.m.•27 views

Espanso 2.3.0 Configuration Security Auditor

This Python script implements a security auditing tool for Espanso configuration files. The EspansoSecurityAuditor class scans Espanso match configurations for potentially dangerous shell commands, insecure permissions, and suspicious execution patterns that could indicate malicious automation or...

OSV•added 2026/05/28 12:0 a.m.•8 views

MAL-2026-4908 Malicious code in @cloudplatform-single-spa/dataplatform-flink (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

OSSF Malicious Packages•added 2026/05/20 8:31 a.m.•8 views

Malicious code in @semacode/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28a3662b8e26593b7bfec35d4d4f02595144885ee738891c4c9e6a89f9e50fbb The bundled CLI dist/index.js contains a hardcoded outbound POST to https://sema.otimitare.online combined with reads of process.env and...

OSV•added 2026/05/20 8:31 a.m.•13 views

MAL-2026-4434 Malicious code in @semacode/cli (npm)

Packet Storm News•added 2026/05/20 12:0 a.m.•10 views

FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models LLMs show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated vulnerability reports suffer from high false positive rates and...

Imperva Blog•added 2026/05/06 6:28 p.m.•8 views

Your Redis Server Looks Fine. That’s the Problem.

Introduction There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back the way it found it. It restores the database filename. It deletes the tools it used. It detaches from the...

10CVSS7.5AI score0.9967EPSS

Exploits8

Snyk•added 2026/05/04 1:43 a.m.•3 views

Malicious Package

Overview temhe-dev is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: DSA: Avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one that supports UC filtering and MC filtering as a DSA master for a randomly selected DSA switch, the following...

5.3AI score0.00166EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the cleanup flow for mlx5eprivinit. When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup, which in turn calls mlx5eselqapply. This ensures that priv-statelock is held using lockdepisheld. The statelo...

5.5CVSS5.8AI score0.00253EPSS

Exploits0References2

OSSF Malicious Packages•added 2026/04/06 9:11 a.m.•7 views

Malicious code in commerce-utils (npm)

Malicious package due to data exfiltration to a suspicious host, combined with arbitrary code execution during preinstall. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bb3d6d3a8a8898abe7e371e54753d5902a5062151888ccff6c656f5edac6ba6 The package commerce-utils...

6.5AI score

OSV•added 2026/04/06 9:11 a.m.•5 views

MAL-2026-2497 Malicious code in commerce-utils (npm)

6.3AI score

OSSF Malicious Packages•added 2026/03/24 9:8 a.m.•5 views

Malicious code in @wame/ngx-frf-utilities (npm)

Malicious package due to JS obfuscation, dynamic code execution, OS/DNS access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfa63e93a0b5a6ead3de9d3680bb75a023c43b59c6db80e0072b6a239cb7d5da The package...

OSSF Malicious Packages•added 2026/03/24 9:8 a.m.•5 views

Malicious code in @wame/ngx-adfs (npm)

Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...

OSV•added 2026/03/24 9:8 a.m.•3 views

MAL-2026-2411 Malicious code in @wame/ngx-adfs (npm)