CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

MAL-2026-5449 Malicious code in morningstar-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18591ac1a5cb5ca3d11e07bde38f230dccc530bb4614d45f9be1f547677a2c9e On npm install, the package's preinstall lifecycle script runs wget against a hardcoded bare-IP HTTP endpoint, passing the output of id, pwd, hostnam...

5.6AI score

Exploits0References3

Positive Technologies•added 2026/04/21 12:0 a.m.•3 views

PT-2026-34227

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description The CloneSite plugin contains a flaw where the 'cloneServer.json.php' endpoint constructs shell commands using the url parameter without proper sanitization. This input is directly concatenated...

9.8CVSS6.1AI score0.00649EPSS

Exploits1References5

GithubExploit•added 2026/02/12 2:36 p.m.•115 views

Exploit for CVE-2025-6019

...

7CVSS5.4AI score0.00031EPSS

Exploits18

OSSF Malicious Packages•added 2025/07/13 11:12 a.m.•2 views

Malicious code in target_user_list (npm)

The package communicates with a domain associated with malicious activity. It exfiltrates user data via wget in preinstall and test scripts. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccbd7ef3804411c704a4a194010ead12c2e4f14bb09c560be7a4a4c5269e9dbb Any computer...

7AI score

Exploits0References2

GithubExploit•added 2024/01/13 12:17 a.m.•64 views

Exploit for Path Traversal in Cisco Sd-Wan_Vbond_Orchestrator

CVE-2022-20818: Local Privilege Escalation via Partial File Re...

7.8CVSS7.9AI score0.00517EPSS

Exploits1

Rows per page