Lucene search
K

94731 matches found

The Hacker News
The Hacker News
added 25 minutes ago1 views

148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog. The packages did not go after the developers who might install them. The operators used the...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 1 hour ago6 views

Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity

Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in has been the trust the organization had already extended, usually through the OAuth...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 5 hours ago14 views

Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware

CVE-2017-7921 — Hikvision IP Camera / DVR / NVR Improper Au...

9.8CVSS7AI score0.99998EPSS
Exploits12
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-44024

A flaw was found in Fluentd, a data collector. This vulnerability allows a remote attacker to achieve arbitrary file write and potentially remote code execution by sending untrusted tags containing path traversal characters. The issue arises from insufficient validation of the $tag placeholder in...

9.8CVSS6.5AI score0.01107EPSS
Exploits0References7
PyPA
PyPA
added yesterday3 views

pyLoad: SSRF guard bypass via IPv6 6to4/NAT64 transition wrappers of internal IPs

Summaryisglobaladdress in src/pyload/core/utils/web/check.py is the central guard against SSRF-style outbound connections in pyload-ng. It tests whether a given IP is "globally routable" via Python's ipaddress.ipaddressvalue.isglobal, and callers treat not isglobal as "deny":pythondef...

4.9CVSS6.1AI score
Exploits0References5Affected Software1
OSV
OSV
added yesterday3 views

PYSEC-2026-2995 pyLoad: SSRF guard bypass via IPv6 6to4/NAT64 transition wrappers of internal IPs

Summary isglobaladdress in src/pyload/core/utils/web/check.py is the central guard against SSRF-style outbound connections in pyload-ng. It tests whether a given IP is "globally routable" via Python's ipaddress.ipaddressvalue.isglobal, and callers treat not isglobal as "deny": python def...

4.9CVSS6.1AI score
Exploits0References5
PyPA
PyPA
added yesterday2 views

pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

SummaryWhen an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs and runs on a network that routes the affected IPv6 transition forms NAT64- or ISATAP-configured networks, the cloud-metadata blocklist could be bypass...

6.8CVSS6.1AI score0.00332EPSS
Exploits0References8Affected Software1
OSV
OSV
added yesterday4 views

PYSEC-2026-2977 pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs and runs on a network that routes the affected IPv6 transition forms NAT64- or ISATAP-configured networks, the cloud-metadata blocklist could be...

6.8CVSS6.1AI score0.00332EPSS
Exploits0References8
PyPA
PyPA
added yesterday2 views

pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

SummaryWhen an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs and runs on a network that routes the affected IPv6 transition forms NAT64- or ISATAP-configured networks, the cloud-metadata blocklist could be bypass...

6.8CVSS6.1AI score0.00332EPSS
Exploits0References8Affected Software1
OSV
OSV
added yesterday5 views

PYSEC-2026-2981 pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs and runs on a network that routes the affected IPv6 transition forms NAT64- or ISATAP-configured networks, the cloud-metadata blocklist could be...

6.8CVSS6.1AI score0.00332EPSS
Exploits0References8
PyPA
PyPA
added yesterday2 views

Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID

Development Runner Telephony WebSocket /ws Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID SummaryThe pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without any authentication. An unauthenticated remote attacker who c...

7.5CVSS6.1AI score0.00327EPSS
Exploits1References6Affected Software1
OSV
OSV
added yesterday3 views

PYSEC-2026-2878 Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID

Development Runner Telephony WebSocket /ws Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID Summary The pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without any authentication. An unauthenticated remote attacker who...

7.5CVSS6.1AI score0.00327EPSS
Exploits1References6
PyPA
PyPA
added yesterday3 views

Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

SummaryThe SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only on the initial URL.Since Playwright automatically follows HTTP redirects 301/302 by default, an attacker can...

7.7CVSS6.1AI score0.00287EPSS
Exploits1References5Affected Software1
OSV
OSV
added yesterday4 views

PYSEC-2026-2743 Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Summary The SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only on the initial URL. Since Playwright automatically follows HTTP redirects 301/302 by default, an attacker c...

7.7CVSS6.1AI score0.00287EPSS
Exploits1References5
OSV
OSV
added yesterday4 views

PYSEC-2026-2554 Kolibri has Unauthenticated Server-Side Request Forgery (SSRF) in RemoteFacilityUserViewset

Summary Several Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...

5.8CVSS6.2AI score0.00047EPSS
Exploits0References6
PyPA
PyPA
added yesterday3 views

Kolibri has Unauthenticated Server-Side Request Forgery (SSRF) in RemoteFacilityUserViewset

SummarySeveral Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...

5.8CVSS6.2AI score0.00047EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

SummaryWhen an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack and...

8.6CVSS6.6AI score0.00579EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

SummaryWhen an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack and...

6.8CVSS6.1AI score0.00039EPSS
Exploits0References6Affected Software1
OSV
OSV
added yesterday4 views

PYSEC-2026-2978 Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack an...

6.8CVSS6.1AI score0.00039EPSS
Exploits0References6
OSV
OSV
added yesterday4 views

PYSEC-2026-2982 Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)

Summary When an application using Pydantic AI opts a URL into forcedownload='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack an...

6.8CVSS6.1AI score0.00039EPSS
Exploits0References6
Rows per page
Query Builder