@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +82 more potentially affected by unknown CVE via @antv/x6-plugin-keyboard (>=2.2.1 <=2.2.3)

@antv/x6-plugin-keyboard NPM version =2.2.1, =1.0.0, =2.0.1, =0.0.1, =0.0.2, =1.0.0-beta.46, =0.0.4, =0.7.0, =0.0.3, =2.0.4, =0.0.27, =3.0.0, =4.0.0-600 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4105...

ROOT-OS-DEBIAN-12-CVE-2026-4105 CVE-2026-4105 in rootio-systemd - Patched by Root

Root has patched CVE-2026-4105 in the rootio-systemd package for Root:Debian:12. Multiple fixed versions available...

libsystemd0-259.5-1.3 on GA media (moderate)

libsystemd0-259.5-1.3 on GA media Announcement ID: openSUSE-SU-2026:10624-1 Rating: moderate Cross-References: CVE-2026-29111 CVE-2026-4105 CVSS scores: CVE-2026-29111 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-29111 SUSE : 6.8...

OESA-2026-1913 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine...

OESA-2026-1912 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine...

[SECURITY] [DLA 4533-1] systemd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4533-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout April 15, 2026 https://wiki.debian.org/LTS -...

CLSA-2026-1776099155 systemd: Fix of 2 CVEs

CVE-2026-29111: validate input cgroup path in GetUnitByControlGroup to prevent PID 1 assert/freeze on spurious IPC API calls - CVE-2026-4105: reject invalid class types when registering machines in systemd-machined to prevent privilege escalation...

Fedora: Security Advisory (FEDORA-2026-0e8eeb6a8a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : systemd (2026-0e8eeb6a8a)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0e8eeb6a8a advisory. - A bunch of bugfixes - More sanitization for invalid values received from hardware and firmware Tenable has extracted the preceding description block direct...

CVE-2026-4105

creationtimestamp| type| source ---|---|--- 2026-03-13 21:02:36+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116223885615451666 2026-04-15 20:19:16+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mjkpqxzl6k2d...

DEBIAN-CVE-2026-4105

A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus Desktop Bus method. A local unprivileged user can exploit this by attempting to register a machine with a...

CVE-2023-4105

Mattermost fails to delete the attachments when deleting a message in a thread allowing a simple user to still be able to access and download the attachment of a deleted message...

EUVD-2006-0536

Malware in sbrugna...

CVE-2007-4105

creationtimestamp| type| source ---|---|--- 2025-09-09 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjfpvlo2g...

CVE-2010-4105

Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors...

CVE-2025-4105

creationtimestamp| type| source ---|---|--- 2025-05-21 09:52:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17105...

CVE-2025-4105 Splitit <= 4.2.8 - Missing Authorization to Multiple Administrative Actions

The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the 'splitIt-flexfields-payment-gateway.php' file in all versions up to, and including, 4.2.8. This makes it possible for authenticated attackers, with...

WordPress Splitit plugin <= 4.2.8 - Missing Authorization to Multiple Administrative Actions vulnerability

Missing Authorization to Multiple Administrative Actions vulnerability discovered by Sushi Com Abacate in WordPress Plugin Splitit versions = 4.2.8...

CVE-2013-4105

creationtimestamp| type| source ---|---|--- 2024-02-04 08:06:52+00:00| seen| https://t.me/ctinow/178709...

Malicious code in wlwz-2312-4105 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5df8a61ecfa70b03c81acb1519b85e08cc0597829a3611ca23a7090bc6bc2b29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...