12939 matches found
Malicious Package
Overview babel-6-compatibility-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-3783 Malicious code in babel-6-compatibility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8087b9d84c49b5f44fe119e347d1fe658395eb8af859209bcf8884716692229d The package babel-6-compatibility was found to contain malicious code. Source: ghsa-malware...
CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
CVE-2026-41603 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41603 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
CVE-2026-41602 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41602 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6
CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
CVE-2026-41604 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41604 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
CVE-2026-41605 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41605 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
SUSE-SU-2026:21717-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager WHM that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 CVSS score: 4.3 - An insufficient input...
hubzoid (>=0.2.2 <=0.6.0), openwebui-token-tracking (>=0.1.7 <=0.1.10) +1 more potentially affected by CVE-2026-44562 via open-webui (>=0.6.0 <=0.8.8)
open-webui PYPI version =0.6.0, =0.2.2, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-44562 Source advisory: SNYK:PYTHON-OPENWEBUI-16599157...
Oracle Linux 6 : python (ELSA-2026-10102)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10102 advisory. 2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2026-7917
creationtimestamp| type| source ---|---|--- 2026-05-06 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260507 2026-05-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260508...
SUSE-SU-2026:21468-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...
Oracle Linux 10 : freeipmi (ELSA-2026-13515)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13515 advisory. 1.6.17-1 - Update to 1.6.17 1.6.14-6 - .fmf/version: Add fmf metadtata root 1.6.14-5 - gating: RHEL-10: Add OSCI testing Tenable has extracted the preceding...
CVE-2026-6530
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2025-63652 affecting package fluent-bit for versions less than 3.1.10-6
CVE-2025-63652 affecting package fluent-bit for versions less than 3.1.10-6. A patched version of the package is available...
RUSTSEC-2026-0113 `unpack_in` can chmod arbitrary directories by following symlinks
In versions 0.6.0 and earlier of astral-tokio-tar, the unpackin API could inadvertently modify the permissions of external i.e. non-archive directories outside of the archive. An attacker could use this to contrite a tar archive that maliciously changes directory permissions outside of its intend...
com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2026-41044 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2026-41044 Source advisory: OSV:GHSA-MR6M-XJ7V-3CV3...
CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6
CVE-2026-5121 affecting package libarchive for versions less than 3.7.7-6. A patched version of the package is available...