Lucene search
K

531 matches found

vulnersOsv
vulnersOsv
added 2026/04/04 6:38 a.m.6 views

aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)

web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: SNYK:PYTHON-WEB3-15907867...

7.2CVSS5.4AI score0.00228EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/04/04 6:38 a.m.4 views

aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)

web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: OSV:GHSA-5HR4-253G-CPX2...

7.2CVSS5.4AI score0.00228EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.14 views

PT-2026-31674

Name of the Vulnerable Software and Affected Versions web3.py versions 6.0.0b3 through 7.15.0 web3.py versions 6.0.0b3 through 8.0.0b2 Description web3.py implements CCIP Read / OffchainLookup EIP-3668 by performing HTTP requests to URLs supplied by smart contracts in the offchain lookup...

7.2CVSS6AI score0.00228EPSS
Exploits2References6
vulnersOsv
vulnersOsv
added 2026/03/31 3:15 a.m.4 views

0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6223 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)

cryptography PYPI version =0.6.1, =0.0.2, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2026-34073 Source advisory: OSV:PYSEC-2026-35...

6.3CVSS6AI score0.00154EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 7:56 p.m.6 views

0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6223 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)

cryptography PYPI version =0.6.1, =0.0.2, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2026-34073 Source advisory: OSV:GHSA-M959-CC7F-WV43...

6.3CVSS6AI score0.00154EPSS
Exploits0
Snyk
Snyk
added 2026/03/06 7:14 a.m.11 views

Malicious Package

Overview web3-docs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/02/24 2:30 p.m.4 views

MAL-2026-1005 Malicious code in argon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608cea5b2c28269fa6aa53d4dcd211b83843a935732729e7ec08a2a2130d9209 The package argon-web3-chain was found to contain malicious code. Source: ghsa-malware 6680014069f64072ffb4e22ed7e3779a0b88e7c503644cb0a491d67605078c...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/24 2:30 p.m.11 views

Malicious code in argon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608cea5b2c28269fa6aa53d4dcd211b83843a935732729e7ec08a2a2130d9209 The package argon-web3-chain was found to contain malicious code. Source: ghsa-malware 6680014069f64072ffb4e22ed7e3779a0b88e7c503644cb0a491d67605078c...

5.9AI score
Exploits0References1
Snyk
Snyk
added 2026/02/24 2:30 p.m.3 views

Malicious Package

Overview argon-web3-chain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/13 5:36 p.m.3 views

Malicious Package

Overview sinon-web3-chain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/13 5:36 p.m.13 views

Malicious code in sinon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0984c139608f25fa3bdb0532d380ee76d21328bb17bb2d72f996112391a4e239 The package sinon-web3-chain was found to contain malicious code. Source: ghsa-malware 19e2ec9a6d3e1d35b0423ee04424704fd978ba989624faa1485f07c6de16b3...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/13 5:36 p.m.4 views

MAL-2026-896 Malicious code in sinon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0984c139608f25fa3bdb0532d380ee76d21328bb17bb2d72f996112391a4e239 The package sinon-web3-chain was found to contain malicious code. Source: ghsa-malware 19e2ec9a6d3e1d35b0423ee04424704fd978ba989624faa1485f07c6de16b3...

5.6AI score
Exploits0References1
Snyk
Snyk
added 2026/02/06 2:44 p.m.2 views

Malicious Package

Overview web3-sinon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/06 2:44 p.m.10 views

Malicious code in web3-sinon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6990443632c3224a5e897d1747fcd76f782eda8d020447076d59cf305b03c82 The package web3-sinon was found to contain malicious code. Source: ghsa-malware 7d195e4b1eda9212f69e313de4107deae82670a9615ec25b86c8aaaf3df0e1f9 Any...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/06 2:44 p.m.5 views

MAL-2026-806 Malicious code in web3-chain-sinon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d656a8031870a05e2b7fa8dec1f3f9b9b48c3d8de3d93df42c787c139b0693a5 The package web3-chain-sinon was found to contain malicious code. Source: ghsa-malware f522ddb6d36708e509e4e4074bed2658a3a1e4101d4a45bb588e08c611cc33...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/06 2:44 p.m.10 views

Malicious code in web3-chain-sinon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d656a8031870a05e2b7fa8dec1f3f9b9b48c3d8de3d93df42c787c139b0693a5 The package web3-chain-sinon was found to contain malicious code. Source: ghsa-malware f522ddb6d36708e509e4e4074bed2658a3a1e4101d4a45bb588e08c611cc33...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/06 2:44 p.m.6 views

MAL-2026-807 Malicious code in web3-sinon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6990443632c3224a5e897d1747fcd76f782eda8d020447076d59cf305b03c82 The package web3-sinon was found to contain malicious code. Source: ghsa-malware 7d195e4b1eda9212f69e313de4107deae82670a9615ec25b86c8aaaf3df0e1f9 Any...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 2:33 p.m.6 views

Malicious code in web3-meme-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62aebca1848d232cb70d5bacf954626ca7d0fd1d5680bb8ab45777aa9347f5ed Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/02/05 2:33 p.m.6 views

MAL-2026-763 Malicious code in web3-meme-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62aebca1848d232cb70d5bacf954626ca7d0fd1d5680bb8ab45777aa9347f5ed Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/02/04 11:44 p.m.3 views

Malicious Package

Overview web3-chain-sync is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Rows per page
Query Builder