CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/10/24 2:13 a.m.•3 views

Malicious code in useradm-enterprise (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce2bcbfbdffbf03bd25822f3d63f902505a6edc5efb3ef610fce41007b8620b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD•added 2025/10/24 2:13 a.m.•1 views

EUVD-2025-35753

Malicious code in useradm-enterprise npm...

6.6AI score

OSSF Malicious Packages•added 2025/10/24 2:13 a.m.•2 views

Malicious code in useradm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24e5e47f716e1c63744a02d8c2704930bd59cb6b296800dc847bd394dc381cf6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/10/24 2:13 a.m.•1 views

MAL-2025-48588 Malicious code in useradm-enterprise (npm)

OSV•added 2025/10/24 2:13 a.m.•1 views

MAL-2025-48587 Malicious code in useradm (npm)

Snyk•added 2025/10/24 2:13 a.m.•1 views

Malicious Package

Overview useradm-enterprise is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-21985

Malware in sbrugna...

7.5CVSS7.5AI score0.00208EPSS

Exploits0References3

OSV•added 2021/08/27 10:15 a.m.•12 views

CVE-2021-35342

The useradm service 1.14.0 in Northern.tech Mender Enterprise 2.7.x before 2.7.1 and 1.13.0 in Northern.tech Mender Enterprise 2.6.x before 2.6.1 allows users to access the system with their JWT token after logout, because of missing invalidation if the JWT verification cache is enabled...

7.5CVSS6.8AI score0.00208EPSS

NVD•added 2021/08/27 10:15 a.m.•7 views

CVE-2021-35342

7.5CVSS0.00208EPSS

Prion•added 2021/08/27 10:15 a.m.•14 views

Code injection

4.3CVSS7.5AI score0.00208EPSS

Exploits0References2Affected Software1

CVE•added 2021/08/27 9:52 a.m.•38 views

CVE-2021-35342

The CVE-2021-35342 issue affects the useradm service in Northern.tech Mender Enterprise: version 1.14.0 (2.7.x line before 2.7.1) and 1.13.0 (2.6.x before 2.6.1) allow an authenticated user to continue accessing the system after logout when the JWT verification cache is enabled, due to missing in...

7.5CVSS7.4AI score0.00208EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/08/27 9:52 a.m.•11 views

CVE-2021-35342

7.7AI score0.00208EPSS

CNNVD•added 2021/08/27 12:0 a.m.•2 views

useradm 代码问题漏洞

useradm is a microservice used to manage user data and authentication in the Mender ecosystem. A security vulnerability exists in useradm that stems from service credentials not being invalidated, allowing users to access the system with their JWT token after logging out. The following products a...

7.5CVSS7.3AI score0.00208EPSS