Trending Vulnerabilities
Real-time threat radar – CVEs ranked by multi-signal trending score
1
Trending CVEs
19
Advisories
0
Critical
0
High
1
KEV
1
POC Available
How trending scores work
Each CVE is scored by accumulating heat signals within 48h of publication. Score decays 20%/day after 3 days.
+5 CISA KEV
+4 EPSS > 0.5
+4 POC < 48h
+3 CISA/CERT-EU advisory
+3 SSVC active exploitation
+2 Multi-vendor patches
+2 User stacks affected
+2 ZDI advisory
+1–3 News mentions
8
Score
MAL
MAL-2026-2683
CRITICAL
On March 31, 2026, an unknown threat actor compromised the npm account of an Axios maintainer and published two malicious versions (v1.14.1 and v0.30.4) that injected a hidden dependency on a trojanized package called plain-crypto-js, which executed automatically during installation without user interaction. The malicious versions remained available for approximately three hours but affected a massive user base, as Axios is downloaded roughly 100 million times per week and present in approximately 80% of cloud and code environments, with observed execution in 3% of affected environments. The injected code functioned as a dropper that contacted external infrastructure at 142.11.206.73 and sfrclak.com:8000 to deliver platform-specific remote access trojans (RATs) for Linux, macOS, and Windows before self-cleaning to remove evidence. Organizations must immediately roll back to safe versions (v1.14.0 or v0.30.3), audit systems for execution of the malicious versions (tracked as GHSA-fw8c-xr5c-95f9 and MAL-2026-2306), block command-and-control traffic from the identified infrastructure, and investigate any systems that downloaded these packages for follow-on malicious payloads. Security researchers have attributed this attack to DPRK state actors based on the sophistication of the social engineering campaign targeting the maintainer.
News Buzz
Cvss 9plus
Supply Chain
11 news
11
News
8
Score
MAL
MAL-2026-2587
CRITICAL
The npm package @kucoin-gbiz-next/tools was identified as containing malicious code designed to provide attackers with full system compromise capabilities. Any system with this package installed should be considered fully compromised, as the malware grants outside entities complete control of the affected computer and can execute arbitrary commands. Organizations using this package must immediately remove it, rotate all secrets, keys, and credentials from a different, clean computer, and conduct a thorough forensic investigation, as simple package removal may not eliminate all malicious artifacts left by the attack. The advisory received coverage from at least six independent security news sources, indicating widespread awareness within the security community. Users should check their supply chain dependencies for any references to @kucoin-gbiz-next/tools and conduct incident response procedures including endpoint isolation, credential revocation, and system reimaging if the package was present in production environments.
News Buzz
Cvss 9plus
Supply Chain
9 news
9
News
8
Score
MAL
MAL-2026-2582
CRITICAL
The @guards-lib/auth npm package has been compromised with malicious code that provides attackers with full system access and control. Any system with this package installed should be considered completely compromised, as the malware allows unauthorized external entities to potentially execute arbitrary commands and steal sensitive information. Users must immediately remove the package from all systems and rotate all secrets, keys, and credentials from a different, uncompromised computer, as uninstalling the package alone may not remove all malicious artifacts left by the attacker. This advisory received significant coverage across six independent security news sources indicating widespread concern about the threat. Organizations using @guards-lib/auth should treat this as a critical incident requiring immediate incident response procedures, including system forensics, credential rotation across all platforms, and a full audit of systems that had access to this package to identify any unauthorized access or data exfiltration that may have occurred.
News Buzz
Cvss 9plus
Supply Chain
8 news
8
News
8
Score
MAL
MAL-2026-2583
CRITICAL
The npm package @hmm-app/api contains malicious code that grants attackers full control over any system where it is installed or running. According to malware intelligence sources, the compromise is complete and pervasive, meaning any computer executing this package should be considered fully compromised with all access and secrets exposed to external entities. Organizations using @hmm-app/api should immediately remove the package, though complete removal of malicious artifacts cannot be guaranteed once the package has been executed. All cryptographic credentials, API keys, database passwords, and authentication tokens stored on affected systems must be rotated immediately from a separate, uncompromised machine. Users should check npm registry records and their own dependency logs for installation dates and scope of exposure, then conduct forensic analysis to identify what data may have been exfiltrated during the compromise window.
News Buzz
Cvss 9plus
Supply Chain
7 news
7
News
7
Score
GHSA
GHSA-68qg-g8mg-6pr7
CRITICAL
An unauthenticated remote code execution vulnerability in paperclipai and @paperclipai/server npm packages below version 2026.410.0 allows attackers to achieve full RCE on any network-accessible Paperclip instance running in authenticated mode with default configuration. The attack chains four independent flaws together: unrestricted account creation without email verification, sign-in capability, authorization bypass, and code execution, requiring only six API calls and no user interaction or credentials. The vulnerability affects default deployments because sign-up is enabled by default and email verification is hardcoded off, creating a critical exposure that security operators may not be aware of since the mitigation environment variable is undocumented in deployment guides. Organizations running paperclipai or @paperclipai/server must immediately upgrade to version 2026.410.0 or later and should consider disabling unauthenticated sign-up by setting the PAPERCLIP_AUTH_DISABLE_SIGN_UP environment variable to true if upgrading is not immediately possible. The vulnerability has received coverage from eight independent security news sources, indicating widespread awareness in the security community and likelihood of active exploitation attempts.
News Buzz
Cvss 9plus
13 news
13
News
7
Score
GHSA
GHSA-3xx2-mqjm-hg9x
CRITICAL
A critical insecure direct object reference (IDOR) vulnerability in the Paperclip control-plane API (@paperclipai/server npm package versions prior to 2026.416.0) allows board-type users to bypass tenant isolation checks and access agent API keys belonging to other companies. An attacker from Company A can enumerate, create, or revoke API keys for agents in Company B by manipulating the agent UUID in requests to the /agents/:id/keys endpoints, with the POST handler returning plaintext tokens that grant full agent-level access within the victim tenant, resulting in complete cross-tenant compromise. The three vulnerable routes in server/src/routes/agents.ts call only assertBoard(req) to verify session type without validating that the caller has authorization to access the target agent's company, enabling full victim-company takeover once a valid agent API key is obtained. Organizations must immediately upgrade @paperclipai/server to version 2026.416.0 or later, and any accounts using this package should invalidate all existing agent API keys and perform a security audit to identify unauthorized key creation or agent access during the vulnerability window. This advisory has received coverage from nine independent security news sources, indicating significant industry attention to the risk.
News Buzz
Cvss 9plus
12 news
12
News
7
Score
GHSA
GHSA-vr7g-88fq-vhq3
CRITICAL
Paperclip AI versions prior to 2026.416.0 contain a critical OS command injection vulnerability in the execution workspace lifecycle that allows attackers to inject arbitrary shell commands through the cleanupCommand field via the PATCH /api/execution-workspaces/:id endpoint. The vulnerability is particularly severe because it requires zero authentication in local_trusted deployment mode (the default for desktop installations) and affects all platforms including Linux, macOS, and Windows, with demonstrated proof-of-concept exploits showing arbitrary file writes, system information exfiltration, and GUI application launches. The @paperclipai/server npm package affects all users running versions below 2026.416.0, and the vulnerability was disclosed on April 13, 2026, with coverage across nine independent security news sources. Organizations must immediately upgrade to version 2026.416.0 or later, and in the interim should restrict access to the PATCH /api/execution-workspaces/:id endpoint and review workspace cleanup command configurations for suspicious content. Administrators should audit execution workspace activity logs for any suspicious cleanupCommand modifications, particularly in local_trusted mode deployments.
News Buzz
Cvss 9plus
12 news
12
News
7
Score
GHSA
GHSA-jp74-mfrx-3qvh
CRITICAL
Saltcorn's mobile-sync endpoints in the @saltcorn/server npm package contain critical SQL injection vulnerabilities in the `POST /sync/load_changes` and `POST /sync/deletes` routes, where user-controlled values like maxLoadedId and syncTimestamp are directly interpolated into SQL queries without parameterization or sanitization. Any authenticated user with default "user" role permissions (role_id ≥ 80) who has read access to at least one table can exploit this flaw to inject arbitrary SQL commands, exfiltrate the entire database including admin password hashes, enumerate all table schemas, and on PostgreSQL instances execute write or DDL operations. The vulnerability affects @saltcorn/server versions prior to 1.4.6, versions 1.5.0-beta.0 through 1.5.5, and versions 1.6.0-alpha.0 through 1.6.0-beta.4, with significant news coverage indicating widespread awareness. Organizations must immediately upgrade to patched versions 1.4.6, 1.5.6, or 1.6.0-beta.5 or later, and should audit sync endpoint access logs for suspicious SQL patterns or unexpected data access to detect potential exploitation.
News Buzz
Cvss 9plus
12 news
12
News
7
Score
GHSA
GHSA-47wq-cj9q-wpmp
CRITICAL
An authorization bypass vulnerability in Paperclip's agent API token endpoint (GHSA-47wq-cj9q-wpmp) allows any authenticated user to mint valid API tokens for agents belonging to other companies on the same instance. The affected endpoints in server/src/routes/agents.ts (POST, GET, and DELETE /api/agents/:id/keys) fail to implement the required assertCompanyAccess check, only verifying board-level authorization, which permits cross-tenant token generation and downstream tenant compromise. The npm package @paperclipai/server versions prior to 2026.416.0 are vulnerable, and this represents a critical breach of the multi-tenant isolation boundary separate from the previously disclosed 2026.410.0 patch. All instances using affected versions should immediately upgrade to @paperclipai/server version 2026.416.0 or later, and security teams should audit token creation logs for suspicious agent key generation across company boundaries. This vulnerability received coverage from nine independent security news sources and requires urgent patching given its ability to grant complete tenant takeover access.
News Buzz
Cvss 9plus
12 news
12
News
7
Score
GHSA
GHSA-mq43-24p4-jg9f
CRITICAL
The @kucoin-gbiz-next/tools npm package distributed via all versions (0 and above) contained malicious code that compromises the security of any system where it was installed or executed. This package represents a critical supply chain attack affecting the npm ecosystem with the potential impact spanning all users who downloaded or depend on this malicious package. Organizations and developers must immediately remove @kucoin-gbiz-next/tools from all systems and assume complete system compromise, requiring immediate rotation of all credentials, API keys, secrets, and sensitive data from unaffected machines. Due to the nature of the compromise granting potential full system access to attackers, removing the package alone may not eliminate all malicious artifacts; affected systems should be considered fully compromised and rebuilt from clean sources. This vulnerability received coverage from at least six independent security news sources, underscoring the severity and urgency of the threat across the development community.
News Buzz
Cvss 9plus
9 news
9
News
7
Score
GHSA
GHSA-649h-jv39-hh5v
CRITICAL
The @guards-lib/auth npm package has been compromised with malware affecting all versions from 0 onwards, with this advisory tracked as GHSA-649h-jv39-hh5v at critical severity. Any system with this package installed or running should be considered fully compromised, as the malware provides complete system access to outside entities, allowing attackers to steal all secrets, keys, and sensitive data stored on affected computers. Organizations must immediately rotate all credentials and secrets from a clean, unaffected system, as removing the package alone cannot guarantee removal of all malicious software that may have been installed during the compromise. The vulnerability has received coverage from six independent security news sources, indicating widespread awareness across the security community. While removing the @guards-lib/auth package is necessary, administrators should treat affected systems as potentially fully compromised and consider rebuilding them from clean media if they contained sensitive information or access to critical infrastructure.
News Buzz
Cvss 9plus
8 news
8
News
7
Score
GHSA
GHSA-j8vp-wwjq-48wg
CRITICAL
The @hmm-app/api package on npm contains malicious code that provides attackers with complete control over any system where it is installed or executed. The malware affects all versions from 0 onwards, and the package should be immediately removed from all environments. Any credentials, API keys, secrets, and authentication tokens stored on compromised systems must be rotated immediately from an unaffected computer, as the malware may grant external actors full system access beyond what simple package removal can address. Organizations should audit their dependency trees and CI/CD systems for any historical or current installations of @hmm-app/api and assume complete compromise of affected infrastructure until proven otherwise. There is no patched version of this package; affected users must remove it entirely and replace it with alternative, verified dependencies while simultaneously implementing credential rotation and security investigations on all systems that may have had contact with the compromised package.
News Buzz
Cvss 9plus
7 news
7
News
7
Score
MAL
MAL-2026-2592
CRITICAL
Malicious code in @relxui/react (npm)
News Buzz
Cvss 9plus
Supply Chain
4 news
4
News
7
Score
MAL
MAL-2026-2823
CRITICAL
Malicious code in @genoma-ui/components (npm)
News Buzz
Cvss 9plus
Supply Chain
3 news
3
News
7
Score
MAL
MAL-2026-2703
CRITICAL
Malicious code in @3stripes/components (npm)
News Buzz
Cvss 9plus
Supply Chain
3 news
3
News
7
Score
MAL
MAL-2026-2706
CRITICAL
Malicious code in @3stripes/sdk (npm)
News Buzz
Cvss 9plus
Supply Chain
3 news
3
News
7
Score
MAL
MAL-2026-2591
CRITICAL
Malicious code in @pes-ui/components (npm)
News Buzz
Cvss 9plus
Supply Chain
3 news
3
News
6
Score
GHSA
4
News
6
Score
GHSA
3
News