CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSSF Malicious Packages•added 2025/09/16 7:53 a.m.•3 views

Malicious code in ember-velcro (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb2c22cbb7ab559c0ac1e61418ae224e561beacb9571166240b4c5249a098dbb Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score

Exploits0References7

OSV•added 2025/09/16 7:53 a.m.•2 views

MAL-2025-47311 Malicious code in ember-velcro (npm)

7.1AI score

Exploits0References7

vulnersOsv•added 2025/09/15 7:39 a.m.•3 views

@crowdstrike/ember-toucan-core (>=0.3.0 <=0.4.6), @frontile/buttons (=0.18.0-alpha.5) +13 more potentially affected by unknown CVE via ember-velcro (=2.2.0)

ember-velcro NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ember-velcro and may be impacted: - @crowdstrike/ember-toucan-core =0.3.0, =0.17.0-alpha.0, =0.17.0, =0.17.0, =0.17.0, =9.4.0, =8.3.0, =0.1.0, =0.0.4, =0.17.0, =0.0.4, =0.0...

5.5AI score

Exploits0

Snyk•added 2025/09/15 7:39 a.m.•3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score

Exploits0References2

OSSF Malicious Packages•added 2025/09/05 4:38 p.m.•3 views

Malicious code in @ember-velcro/monorepo-root (npm)

The package @ember-velcro/monorepo-root was found to contain malicious code...

7AI score

Exploits0

OSV•added 2025/09/05 4:38 p.m.•1 views

MAL-2025-42485 Malicious code in @ember-velcro/monorepo-root (npm)

The package @ember-velcro/monorepo-root was found to contain malicious code...

7AI score

Exploits0