Lucene search
+L

85886 matches found

Circl
Circl
added 2026/06/19 12:48 p.m.8 views

CVE-2021-34619

creationtimestamp| type| source ---|---|--- 2026-06-19 12:48:06+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/560975b7-612c-4b84-9b6a-36796c7450d9 2026-06-23 14:04:03+00:00| exploited|...

8.8CVSS7.3AI score0.00719EPSS
Exploits2References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 11:38 a.m.11 views

Malicious code in fastercoding (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c302e448868fcff3110a45d20b53d9d887cfb5aa31bb66df90702f2767246b4 The package exposes a single public function run re-exported from init.py which, on Windows, downloads BackgroundSyncService.exe from...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/19 11:38 a.m.21 views

MAL-2026-6208 Malicious code in fastercoding (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c302e448868fcff3110a45d20b53d9d887cfb5aa31bb66df90702f2767246b4 The package exposes a single public function run re-exported from init.py which, on Windows, downloads BackgroundSyncService.exe from...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 10:38 a.m.14 views

Malicious code in fastercode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14de4534d4cf2290f5f54bc5929fa799b73dff2e6a03aa879ade141dfc6ea054 The package advertises itself as a Python performance helper "Make your Python code run faster" and exposes a single public function run. On Windows,...

6AI score
Exploits0References5
OSV
OSV
added 2026/06/19 10:38 a.m.12 views

MAL-2026-6206 Malicious code in fastercode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14de4534d4cf2290f5f54bc5929fa799b73dff2e6a03aa879ade141dfc6ea054 The package advertises itself as a Python performance helper "Make your Python code run faster" and exposes a single public function run. On Windows,...

6AI score
Exploits0References5
OSV
OSV
added 2026/06/19 5:1 a.m.9 views

MAL-2026-6192 Malicious code in nodepathbalance54 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762 nodepathbalance54 exports a single function nodeaxionweb whose implementation is hidden inside a hand-rolled stack-based JavaScript VM in index.js...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:1 a.m.13 views

Malicious code in nodepathbalance54 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762 nodepathbalance54 exports a single function nodeaxionweb whose implementation is hidden inside a hand-rolled stack-based JavaScript VM in index.js...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 9:35 p.m.17 views

Malicious code in dotenv-sync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c91932ecf0decc2b900d3e3cd6effe3c4cb1c4ec5ddfd98cde2460facf9f7ae1 On Windows, src/envsync/init.py lines 39-44 unconditionally calls ctypes.CDLL on a bundled 2.9MB PE file parser.pyd at top-level import, wrapped in...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 9:32 p.m.14 views

Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
OSV
OSV
added 2026/06/17 9:32 p.m.21 views

MAL-2026-6083 Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 7:9 a.m.16 views

Malicious code in telegram-lite-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad489fe689e441f3237d052bb24702e3178fca26564e662b060c0a8d01fe5f9 Package is named 'telegram-lite-grabber', a name strongly suggestive of a tool intended to harvest Telegram credentials or session data. No concrete...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/17 7:9 a.m.10 views

MAL-2026-6051 Malicious code in telegram-lite-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad489fe689e441f3237d052bb24702e3178fca26564e662b060c0a8d01fe5f9 Package is named 'telegram-lite-grabber', a name strongly suggestive of a tool intended to harvest Telegram credentials or session data. No concrete...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 3:1 a.m.14 views

Malicious code in solana-js-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 855cf386497f33e21db48ae8b87c769fd777f52b585f3d8d5f276fd4c9d42628 Package masquerades as a 'Drop-in replacement for @solana/web3.js' and lists its author as 'Solana Labs Maintainers ' to impersonate the legitimate...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/16 3:1 a.m.11 views

MAL-2026-5860 Malicious code in solana-js-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 855cf386497f33e21db48ae8b87c769fd777f52b585f3d8d5f276fd4c9d42628 Package masquerades as a 'Drop-in replacement for @solana/web3.js' and lists its author as 'Solana Labs Maintainers ' to impersonate the legitimate...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/16 3:0 a.m.9 views

MAL-2026-5861 Malicious code in solana-mev-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 3:0 a.m.14 views

Malicious code in solana-mev-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...

5.3AI score
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36972

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-40732

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.30 views

CVE-2026-40732 WordPress Notification for Telegram plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.24 views

CVE-2026-40732

CVE-2026-40732 affects the WordPress plugin Notification for Telegram (versions ≤ 3.5). The issue is an unauthenticated Cross Site Scripting (XSS) vulnerability, with the root cause not explicitly described in the provided documents. The Patchstack entry assigns a CVSS v3.1 base score of 7.1 (HIG...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Rows per page
Query Builder