@amqp-contract/asyncapi (>=0.2.0 <=0.21.0), @bgd-labs/indexer-client (>=1.23.1 <=1.42.1) +37 more potentially affected by CVE-2026-28794 via @orpc/client (>=1.0.0-beta.1 <=1.13.5)

@orpc/client NPM version =1.0.0-beta.1, =0.2.0, =1.23.1, =1.8.6, =0.1.0-beta.20, =0.1.1, =0.1.0, =0.0.0, =1.0.0-beta.2, =1.0.0-beta.1, =1.10.0, =1.13.14 and more Source cves: CVE-2026-28794 Source advisory: SNYK:JS-ORPCCLIENT-15426550...

CVE-2026-28794

creationtimestamp| type| source ---|---|--- 2026-03-02 02:33:00+00:00| published-proof-of-concept| https://github.com/middleapi/orpc/security/advisories/GHSA-m272-9rp6-32mc 2026-03-06 06:00:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116180702140239593 2026-03-06 06:00:29+00:00...

CVE-2022-28794

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information...

CVE-2023-28794

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...

CVE-2023-28794 PAC Files Exposed to Internet Websites

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...

CVE-2023-28794

CVE-2023-28794 concerns an Origin Validation Error in Zscaler Client Connector for Linux prior to version 1.3.1.6 . Multiple connected sources (e.g., PT-2023-21970, RH, NVD, Red Hat, CNNVD mirrors) describe a vulnerability that could permit privilege abuse due to faulty origin validation. Affecte...

CVE-2023-28794 PAC Files Exposed to Internet Websites

Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...

CVE-2022-28794

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information...

CVE-2022-28794

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information...

CVE-2022-28794

CVE-2022-28794 describes a sensitive information exposure in Samsung mobile devices. The issue concerns the low-battery dumpstate log, which can reveal SIM card information to a local attacker. The root cause is exposure of stored log data prior to SMR Jun-2022 Release 1, enabling local access to...

CVE-2021-28794

creationtimestamp| type| source ---|---|--- 2021-03-18 19:32:29+00:00| seen| https://t.me/cibsecurity/25129...

CVE-2021-28794

The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath...

CVE-2021-28794

CVE-2021-28794 affects the unofficial vscode-shellcheck extension for Visual Studio Code prior to 0.13.4. The root cause is mishandling of shellcheck.executablePath within the extension, as described in multiple sources. Public references indicate potential arbitrary code execution on affected sy...