Lucene search
K

329 matches found

Snyk
Snyk
added 2026/06/12 3:0 p.m.11 views

Malicious Package

Overview web-dotenv is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/12 2:32 p.m.7 views

Malicious Package

Overview @malwguy/ecto-corsair-whisper-3d2a7c is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:0 p.m.8 views

Malicious Package

Overview solana-web3-fork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:35 a.m.8 views

Malicious Package

Overview tailwindcss-merge is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/10 1:34 p.m.4 views

Malicious Package

Overview npmjsethers-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/09 2:17 p.m.7 views

Malicious Package

Overview @doaction/systeminformation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.5AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.11 views

CVE-2025-14972

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.4AI score0.00146EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.14 views

Fedora 44 : pie (2026-e5d5fc359d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e5d5fc359d advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

6.4AI score
Exploits0References1
Snyk
Snyk
added 2026/05/29 10:2 p.m.10 views

Malicious Package

Overview erslove is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/28 1:39 p.m.9 views

Malicious Package

Overview @service-suppliers/setsuppliersdata is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/27 1:17 p.m.16 views

Malicious Package

Overview bulletproof-json is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/26 11:56 a.m.10 views

Malicious Package

Overview pdf-lib-enhanced is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/25 8:13 p.m.19 views

CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

5.9CVSS5.8AI score0.0032EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/25 9:5 a.m.10 views

Malicious Package

Overview ts-stream-compose is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/25 8:54 a.m.16 views

Malicious Package

Overview auth0-common-telemetry is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2026/05/21 6:53 p.m.19 views

CVE-2026-46473

Summary of CVE-2026-46473 : The issue affects the Perl module Authen::TOTP prior to version 0.1.1, where secrets are generated using Perl’s built‑in rand() function. This makes secret values predictable, undermining security for TOTP-based authentication. The practical impact is limited to implem...

7.5CVSS5.8AI score0.00416EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/15 11:24 a.m.8 views

Malicious Package

Overview thesecretofrunningbyhansvandijkronvanmegen02jsk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/15 10:40 a.m.8 views

Malicious Package

Overview apple-infra-gcp-leak is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/15 10:40 a.m.8 views

Malicious Package

Overview apple-security-internal-scanner-v3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/12 11:23 a.m.8 views

Malicious Package

Overview jwscube is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder