CVE-2026-3623 Vulnerabilities exists in IBM Netezza Performance Server Replication Services

IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successf...

IBM Netezza Performance Server Replication Services 安全漏洞

IBM Netezza Performance Server Replication Services is a data warehouse replication and synchronization service provided by IBM. There are security vulnerabilities in versions 3.0.2.0 to 3.0.5.0 of IBM Netezza Performance Server Replication Services. These vulnerabilities allow low-privilege...

Malicious code in @shadanai/openclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e2f02ab1bb3d99de1787ed7d69f1df97bd3b2d7c18cc8ba4e5f8688f649ce9 On npm install, scripts/postinstall.mjs performs several installer-harm actions. 1 Backdoor: writes /.openclaw/openclaw.json configuring a local...

Malicious code in textwrap-formatter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 18da24e92fd40457ad3df2af568c07d41b35f44e6e07e8fac3bf0eafba9c2154 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...

CVE-2026-41517

Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server compromise and persistent backdoor installation. This issue has been patched in version 2.6.11...

CVE-2026-41517 Emlog: Remote Code Execution via Malicious Plugin Upload

Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server compromise and persistent backdoor installation. This issue has been patched in version 2.6.11...

PT-2026-39198

Name of the Vulnerable Software and Affected Versions Emlog versions prior to 2.6.11 Description Insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, which can lead to complete server compromise and the installation of a persistent backdoor...

Exploit for CVE-2026-38360

CVE-2026-38360: Directory Traversal in dash-uploader !CVE...

Malicious code in @emilgroup/partner-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b0abde6a2a005b2c63f18e87169a3b47ddfe6fb943ad82a005e1d3d3a8e5887 The package @emilgroup/partner-sdk was found to contain malicious code. Source: google-open-source-security...

Malicious code in efghr-honeybee-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e77e2d0088390e5dc421f70a65ade331bfbf554afcc9cc42362098d0ed130692 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection in the osctrl-admin environment configuration. An attacker can execute arbitrary shell commands on every endpoint that enrolls using a compromised environment by injecting commands into the hostname parameter, which ar...

CPSD CryptoPro Secure Disk 安全漏洞

CPSD CryptoPro Secure Disk is a transparent disk encryption software developed by CPSD. There is a security vulnerability in CPSD CryptoPro Secure Disk. This vulnerability stems from the fact that configuration files in the Linux operating system’s integrity checks are not verified through the...

MAL-2026-1000 Malicious code in scraper-npm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5705e85e8288aeffbfe964329624dcbb5b2e30cebb0023da5b605ee5fb0aef4e During import, the package exfiltrates files especially .env and JSON and eventually configures a backdoor by adding its own SSH key to the authorizedkeys. ---...

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account. The package, named "lotusbail,"...

EUVD-2025-28231

Malicious code in bioql PyPI...

CVE-2025-48469

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation...

CVE-2025-48469

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation...

CVE-2025-48469 Unauthenticated Firmware Upload

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation...

CVE-2025-48469 Unauthenticated Firmware Upload

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation...

CVE-2025-48469

CVE-2025-48469 is an unauthenticated firmware upload vulnerability widely described across multiple feeds. The initial entry states that a successful exploit could allow an unauthenticated attacker to upload firmware through a public update page, potentially enabling backdoor installation or priv...