
445 matches found

OSV
added 2026/05/19 12:31 p.m., 4 views

GHSA-67C5-X5MF-RPPQ MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

CVSS 9.6, AI score 6.1, EPSS 0.00036
Exploits 1, References 4
NVD
added 2026/05/19 10:16 a.m., 7 views

CVE-2026-2611

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

CVSS 9.6, EPSS 0.00036
Exploits 1, References 2
Cvelist
added 2026/05/19 9:16 a.m., 32 views

CVE-2026-2611 Improper Origin Validation in mlflow/mlflow

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

CVSS 9.6, EPSS 0.00036
Exploits 1, References 2
GithubExploit
added 2026/05/19 5:45 a.m., 132 views

offensive-claude

Offensive Security Research Config for Claude Code A comprehe...

AI score 6
Exploits 0
CNNVD
added 2026/05/19 12:0 a.m., 5 views

MLflow access control error vulnerability

MLFlow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Version 3.9.0 of MLFlow contains a security vulnerability related to access control. This...

CVSS 9.6, AI score 7.6, EPSS 0.00036
Exploits 1, References 1
OSSF Malicious Packages
added 2026/05/17 3:19 p.m., 10 views

Malicious code in claude-code-base-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686 The package claude-code-base-action was found to contain malicious code. Source: ossf-package-analysis...

AI score 5.8
Exploits 0
OSV
added 2026/05/17 3:19 p.m., 5 views

MAL-2026-3811 Malicious code in claude-code-base-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686 The package claude-code-base-action was found to contain malicious code. Source: ossf-package-analysis...

AI score 5.8
Exploits 0
GithubExploit
added 2026/05/17 8:15 a.m., 62 views

Exploit for Code Injection in Anthropic Claude_Code

CVE-2025-59536 PoC Remote Code Execution via Claude Code Pr...

CVSS 8.8, AI score 6.3, EPSS 0.00043
Exploits 5
Imperva Blog
added 2026/05/14 3:0 p.m., 7 views

Using Bedrock with Claude Code? Your AWS Credentials Are Shared With Every Subprocess

Many developers today are using Claude Code, with a growing portion running it through Amazon Bedrock. For enterprise teams, Bedrock offers major advantages: keeping data inside a VPC, leveraging AWS credits, and integrating with existing IAM controls, monitoring, and security policies. Bedrock...

AI score 5.9
Exploits 0
Patchstack
added 2026/05/13 3:31 p.m., 5 views

NPM: claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh

NPM: claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh vulnerability discovered by ? in WordPress Npm claude-code-cache-fix versions = 3.5.0, 3.5.2...

CVSS 8.6, AI score 6.2, EPSS 0.00018
Exploits 1, References 5, Affected Software 1
OSV
added 2026/05/13 3:31 p.m., 2 views

GHSA-G3XQ-3GMV-QQ8G claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh

Summary tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user...

CVSS 8.6, AI score 6.3, EPSS 0.00018
Exploits 1, References 6
Github Security Blog
added 2026/05/13 3:31 p.m., 7 views

claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh

Summary tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user...

CVSS 8.6, AI score 6.3, EPSS 0.00018
Exploits 1, References 6, Affected Software 1
CNNVD
added 2026/05/13 12:0 a.m., 5 views

Claude Code security vulnerability

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code from 1.2581.0 to 1.4304.0 contained a security vulnerability. This vulnerability stemmed from the SSH remote development feature, which only verified whether the host name exists in t...

CVSS 7.4, AI score 6, EPSS 0.00016
Exploits 0, References 2
OSV
added 2026/05/13 12:0 a.m., 4 views

MAL-2026-3650 Malicious code in microsoft-applicationinsights-common (npm)

Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...

AI score 6
Exploits 0, References 2
OSV
added 2026/05/13 12:0 a.m., 7 views

MAL-2026-3652 Malicious code in supabase-javascript (npm)

Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...

AI score 5.9
Exploits 0, References 2
CNNVD
added 2026/05/13 12:0 a.m., 5 views

Claude Code link following vulnerability

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 1.3834.0 contained a post-installation vulnerability. This vulnerability stemmed from the CoworkVMService component running with SYSTEM privileges and without verifying wheth...

CVSS 8.5, AI score 5.8, EPSS 0.00006
Exploits 0, References 1
OSSF Malicious Packages
added 2026/05/13 12:0 a.m., 7 views

Malicious code in auth-javascript (npm)

Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...

AI score 5.9
Exploits 0, References 2
OSSF Malicious Packages
added 2026/05/13 12:0 a.m., 5 views

Malicious code in ms-graph-types (npm)

Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...

AI score 5.9
Exploits 0, References 2
Positive Technologies
added 2026/05/13 12:0 a.m., 6 views

PT-2026-40724

Name of the Vulnerable Software and Affected Versions claude-code-cache-fix versions 3.5.0 through 3.5.1 Description The tools/quota-statusline.sh script interpolates the Claude Code hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled...

CVSS 8.6, AI score 5.9, EPSS 0.00018
Exploits 1, References 9
OSSF Malicious Packages
added 2026/05/13 12:0 a.m., 6 views

Malicious code in supabase-javascript (npm)

Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...

AI score 5.9
Exploits 0, References 2