CVE-2026-3001

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Security Bulletin: IBM Maximo Application suite Visual Inspection Component uses pytorch v2.8.0 which is vulnerable to multiple CVEs CVE-2025-55552, CVE-2025-55551, CVE-2025-3001.

Summary IBM Maximo Application suite Visual Inspection Component uses pytorch v2.8.0 which is vulnerable to multiple CVEs CVE-2025-55552, CVE-2025-55551, CVE-2025-3001.This Bulletine contains information of the vulerable product version and it's remediation. Vulnerability Details...

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

EUVD-2026-6101

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577 Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to...

CVE-2026-2577

The CVE concerns Nanobot’s WhatsApp bridge component, where the WebSocket server binds to all interfaces (0.0.0.0) on port 3001 by default and requires no authentication. An unauthenticated remote attacker with network access to the bridge can connect to the WebSocket server to hijack the WhatsAp...

PT-2026-8330

Name of the Vulnerable Software and Affected Versions Nanobot versions prior to v0.1.3.post7 Description The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces 0.0.0.0 on port 3001 by default and does not require authentication for incoming connections. An...

EUVD-2026-3001

EUVD-2026-3001...

CVE-2025-3001 affecting package pytorch for versions less than 2.2.2-10

CVE-2025-3001 affecting package pytorch for versions less than 2.2.2-10. A patched version of the package is available...

EUVD-2017-6696

Malware in sbrugna...

EUVD-2018-3001

Malware in sbrugna...

CVE-2019-3001

Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of Oracle PeopleSoft component: eProcurement. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

CVE-2017-14705

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

CVE-2025-3001

creationtimestamp| type| source ---|---|--- 2025-03-31 19:12:16+00:00| seen| https://t.me/cvedetector/21611 2025-03-31 19:31:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9749...

CVE-2025-3001

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...