CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/15 9:52 p.m.•4 views

MAL-2026-5841 Malicious code in twrap-toolkit (PyPI)

6.6AI score

OSV•added 2026/06/08 10:22 p.m.•7 views

MAL-2026-5338 Malicious code in solana-web3-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432 Malicious typosquat impersonating the legitimate Solana Python SDK solana / solana-py and the JS @solana/web3.js. The package ships no SDK...

OSSF Malicious Packages•added 2026/06/08 10:22 p.m.•8 views

Malicious code in solana-web3-py (PyPI)

OSSF Malicious Packages•added 2026/06/08 10:21 p.m.•10 views

Malicious code in solana-cli-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80ee640ddeeacc31a125ec0fcc11dcb5f9a23e18f5ed003ce2dfcb1de8bbe1dd On import solanaclipy, the package's top-level init.py unconditionally invokes report, which harvests standard developer-side secret material and POS...

OSV•added 2026/06/08 10:21 p.m.•10 views

MAL-2026-5336 Malicious code in solana-cli-py (PyPI)

OSSF Malicious Packages•added 2026/06/08 10:20 p.m.•7 views

Malicious code in solana-web3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4967ebad2d1f4f5802ef50f1d399c05c4dfab94a208079695570b15ffef0fdd2 On import, solana-web3/init.py executes a credential-stealer payload. After a sandbox-evasion gate checks for 12-hex Docker hostname, /.dockerenv, an...

OSSF Malicious Packages•added 2026/06/08 10:19 p.m.•9 views

Malicious code in spl-token-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...

OSSF Malicious Packages•added 2026/06/04 10:27 p.m.•8 views

Malicious code in arjson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00290c05e0c41a8f51d38c629ade5b3fe76f2a89302db8daac669b0c80d13197 package.json declares "preinstall": "./.github/scripts/precheck", which on npm install executes a 976KB UPX-packed Linux ELF binary shipped under...

OSSF Malicious Packages•added 2026/06/04 10:27 p.m.•11 views

Malicious code in weavedb-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...

OSV•added 2026/06/04 10:27 p.m.•8 views

MAL-2026-5191 Malicious code in wdb-core (npm)

OSV•added 2026/06/04 10:27 p.m.•9 views

MAL-2026-5193 Malicious code in javascript-yaml (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security d83c3b506a10b770a8c1f98d280262478cccc65708bb1066a72e0708dccaaf75 This malicious package is part the IronWorm campaign. This campaign executes a malicious binary payload during installation via a preinsta...

OSSF Malicious Packages•added 2026/05/21 12:0 a.m.•11 views

Malicious code in crypto-credential-scanner (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

5.9AI score

Exploits0References16

OSSF Malicious Packages•added 2026/05/21 12:0 a.m.•9 views

Malicious code in polymarket-trader (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

OSSF Malicious Packages•added 2026/05/21 12:0 a.m.•7 views

Exploits0References1

Malicious code in polymarket-copy-trading (npm)

OSSF Malicious Packages•added 2026/05/20 2:34 a.m.•8 views

Malicious code in cb-wallet-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...

OSV•added 2026/05/20 2:34 a.m.•6 views

Exploits0References1

MAL-2026-4506 Malicious code in cb-wallet-data (npm)

OSSF Malicious Packages•added 2026/05/14 7:25 p.m.•8 views

Exploits0References1

Malicious code in exxpress-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378e423b00c08a371fbae1c77360685d2277e502e9875caa53fb20f58a39f396 The package name exxpress-tool is a one-character edit of the widely-used express package. On npm install, the declared scripts.postinstall runs...

5.9AI score

OSV•added 2026/05/14 7:25 p.m.•9 views

MAL-2026-3762 Malicious code in exxpress-tool (npm)

5.9AI score

OSSF Malicious Packages•added 2026/05/14 7:25 p.m.•7 views

Malicious code in joi-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ca38e3574ffcb0fabb105616e28108137c8256e2c70aeede59623bca5df496a The package declares a postinstall hook "postinstall": "node postinstall.js" in package.json that runs unconditionally on npm install. The script's o...