GHSA-6VHH-4XW6-H2H2 Element Call reports full URLs of visited pages to analytics server

Impact Element Call versions 0.5.17 through 0.19.3 report analytics data to a PostHog server, when configured to by a posthog key in config.json or by the posthogApiHost and posthogApiKey URL parameters. Several fields of this data $initialpersoninfo, $sessionentryurl, and $currenturl were found ...

CVE-2026-46517

LMDeploy has a hardcoded trust_remote_code=True path in multiple code locations (e.g., get_model_arch and related calls) that is invoked for every model load. This creates an implicit unsafe remote-code load path when loading HuggingFace models from a repository, with no user opt-out or CLI flag ...

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

GHSA-M6VC-F87M-CC2H Doorkeeper Openid Connect: Dynamic Client Registration feature creates public clients with client_secret

Impact The DynamicClientRegistrationControllerregister action hard-codes confidential: false when creating applications dynamicclientregistrationcontroller.rb:18-25, yet the response includes a clientsecret and advertises tokenendpointauthmethodssupported: "clientsecretbasic", "clientsecretpost"...

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

MAL-2026-4504 Malicious code in cami-design (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ccc787b2437085a18ed05c52fc473d8c28162cbe3cbbaa04adaefa73389da1 On install, scripts/install.js invokes autoUpdate.install, which writes a launchd agent to...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2026-41096 - Crash PoC Heap overflow in DnsRawTruncateMe...

Malicious code in xy-ai-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f9025a3fddb0d31a5cd9114850b0ca859acf96e54649d4d2a9fe286b7ca015c xy-ai-chat ships a Lit web component whose bundled main entry hardcodes two plain-HTTP endpoints on a bare IPv4 address:...

Malicious code in @hanssoft/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3f83fb38a98b69c322df069a26c495101aa35682df8f83641b00e2ce40a99bd This package is a fork of the WhatsApp library Baileys whose metadata homepage, repository, author points at the upstream @whiskeysockets/baileys,...

Malicious code in naileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53307e8df479525765ddef8cf9a54dcf0aa368b8ef57a088b624a5e80f72c999 naileys is a fork/lookalike of the WhatsApp library baileys single-character edit; internal references still mention 'wileys', and...

Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds

A new study finds AI companies, defense firms, and dating apps are among 38 data collectors allegedly using manipulative design to confuse users while collecting their data...

Astra Linux - уязвимость в docker.io-app

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is vulnerable to cache poisoning if the image is built FROM scratch. Additionally, changes to certain instructions—especially HEALTHCHECK and ONBUILD—do not trigger cache...

Malicious code in eplang (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d53e4571f8ccfc385a265dfd47cbea9793946762a794aff432e98614ee10b21 The package ships epl/.aiconfig.json containing a hardcoded Groq API key with provider set to 'groq'. On any AI-related CLI invocation epl ai, epl ge...

MAL-2026-4748 Malicious code in eplang (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d53e4571f8ccfc385a265dfd47cbea9793946762a794aff432e98614ee10b21 The package ships epl/.aiconfig.json containing a hardcoded Groq API key with provider set to 'groq'. On any AI-related CLI invocation epl ai, epl ge...

PT-2026-41970

Summary When Algernon is invoked with a single file path instead of a directory — the documented "quick demo" workflow algernon foo.lua, algernon page.po2, algernon index.html, algernon mywebsite.alg — singleFileMode is set to true and debugMode is forcibly enabled with no opt-out: go //...

iskorotkov/avro: Denial-of-Service Vulnerability in Decoder

Memory Exhaustion via Unbounded Map Allocations in Avro Decoder Summary The Avro map decoder accepted attacker-controlled block-element counts from the wire format and grew the destination map without enforcing an upper bound. The slice decoder already had Config.MaxSliceAllocSize for the...

GHSA-JJ54-R8GM-2FCF dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbatim to...

dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbatim to...

PT-2026-41150

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emit tool called event in src/dbt mcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbati...