Lucene search
K

44 matches found

OSV
OSV
added 2026/04/29 12:0 p.m.6 views

MAL-2026-3181 Malicious code in period-newline (npm)

Malicious npm package published by threat actor "ryanmccollum1" impersonating a benign text-formatting utility. Part of the same supply chain attack campaign as redeem-onchain-sdk, which collects SSH keys, AWS credentials, .npmrc tokens, Docker auth, Chrome saved logins, .env files, and git...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/04/29 8:0 a.m.5 views

MAL-2026-3151 Malicious code in apple-cloud-infrastructure-monitor (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/02/09 8:35 p.m.5 views

GHSA-96PQ-HXPW-RGH8 Craft CMS: save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying host

Summary - The saveimagesAsset graphql mutation allows a user to give a url of an image to download. Url must use a domain, not a raw IP. - Attacker sets up domain attacker.domain with an A record of something like 169.254.169.254 special AWS metadata IP - Attacker invokes saveimagesAsset with url...

5.3CVSS5.7AI score0.00419EPSS
Exploits1References6
CVE
CVE
added 2026/02/09 7:33 p.m.15 views

CVE-2026-25492

Craft CMS versions 3.5.0–4.16.17 and 5.0.0-RC1–5.8.21 are affected. The save_images_Asset GraphQL mutation can be abused to fetch internal URLs by supplying a domain resolving to an internal IP, bypassing hostname validation. If a non-image file extension (e.g., .txt) is allowed, downstream image...

6.5CVSS5.5AI score0.00419EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/11/13 7:42 p.m.10 views

CVE-2025-64709 Typebot May Expose AWS EKS Credentials via Server Side Request Forgery in Webhook Block

Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery SSRF vulnerability in the Typebot webhook block HTTP Request component functionality allows authenticated users to make arbitrary HTTP requests from the server, including access to AWS Instance...

9.6CVSS0.00336EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.8 views

PT-2025-46903

Name of the Vulnerable Software and Affected Versions Typebot versions prior to 3.13.1 Description Typebot is an open-source chatbot builder. A Server-Side Request Forgery SSRF issue exists in the Typebot webhook block HTTP Request component functionality. This allows authenticated users to make...

9.9CVSS6.5AI score0.00336EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

Typebot 代码问题漏洞

Typebot is an open source chatbot builder by the individual developer Baptiste Arnaud. A code issue vulnerability exists in versions prior to Typebot 3.13.1 that stems from a server-side request forgery in the Typebot webhook block functionality, which could lead to the extraction of AWS IAM...

9.9CVSS6.8AI score0.00336EPSS
Exploits1References2
OSV
OSV
added 2025/09/22 7:39 p.m.6 views

CVE-2025-59434 Critical Multi-Tenant Variable Disclosure in Flowise Cloud via Custom JavaScript Function

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to August 2025 Cloud-Hosted Flowise, an authenticated vulnerability in Flowise Cloud allows any user on the free tier to access sensitive environment variables from other tenants via the Custom JavaScri...

9.6CVSS6.7AI score0.03146EPSS
Exploits0References3
CVE
CVE
added 2025/09/22 7:39 p.m.27 views

CVE-2025-59434

Flowise Cloud prior to August 2025 was vulnerable to a cross-tenant data exposure through the Custom JavaScript Function node, allowing authenticated users on the free tier to access environment variables from other tenants (e.g., OpenAI keys, cloud credentials, and tokens). The issue has been pa...

9.6CVSS6.3AI score0.03146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.8 views

PT-2025-39070

Name of the Vulnerable Software and Affected Versions Flowise versions prior to August 2025 Cloud-Hosted Flowise Description Flowise is a drag & drop user interface used to build customized large language model flows. A vulnerability in Flowise Cloud, prior to the August 2025 release, allows...

9.6CVSS6.3AI score0.03146EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.13 views

PT-2025-34035 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07.1 Description: TeamCity was affected by an issue where AWS credentials were exposed in Docker script files. Recommendations: Update to TeamCity version 2025.07.1 or later...

6.5CVSS6.4AI score0.00734EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/04 6:16 p.m.2 views

Malicious code in bh-25-req-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ddd759ada90b89401904e23b4e8cbe6a3021baf3c34495150b4a713ca7063be0 If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSV
OSV
added 2025/08/02 6:41 p.m.3 views

MAL-2025-191692 Malicious code in bh-usa-req-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c83e1a14cfb125b4cfcb3e1ca52afd31fb170b78ade2aa3fd31cc846b8ac7da If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/02 6:40 p.m.4 views

Malicious code in bh-usa-automate-req-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b0340aadb507418f2d21cfa7d568f133db23a6392a2ec64411540ec4ce5456d7 If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/02 7:21 a.m.5 views

Malicious code in req-pre-automate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6ce39a0e7a45f8d70e0e7e0d0e597b5029dcfcdd422ec0fec324921c5021a9ca If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/24 11:4 p.m.3 views

MAL-2025-191853 Malicious code in req-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6058bfefce274f953708b9c8ba745b15525a3f573da10dac8597285eac526fd4 If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/07 8:38 a.m.6 views

Malicious code in ase-jreq (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53d3ded73c297df3a6a010b08188ed7b3fab13570e8d72492803ae3903a49939 If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/07 8:38 a.m.3 views

Malicious code in jsonreq-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2470d0f1bf1493c176d8622368f7f975be80c5f8a2acfa1dcae8199bc54e7ed If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/07 8:38 a.m.4 views

MAL-2025-191768 Malicious code in jsonreq-ase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2470d0f1bf1493c176d8622368f7f975be80c5f8a2acfa1dcae8199bc54e7ed If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...

7AI score
Exploits0References1
OSV
OSV
added 2025/06/26 9:15 p.m.3 views

DEBIAN-CVE-2014-6274

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the git repository in effectively plaintext, not encrypted as they were supposed to be. This issue affects...

7.5CVSS5.5AI score0.00153EPSS
Exploits0References1
Rows per page
Query Builder