1439 matches found

vulnersOsv
added 2025/09/24 6:57 p.m. · 3 views

1shot (>=0.0.3 <=0.0.9), @4xian/ccapi (=1.0.6) +208 more potentially affected by CVE-2025-59828 via @anthropic-ai/claude-code (>=1.0.108 <=1.0.24)

@anthropic-ai/claude-code NPM version =1.0.108, =0.0.3, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.6.0-rc34, =1.0.0, =1.3.2-canary.5af7e49 - @chittycorp/chittychat =3.0.0 and more Source cves: CVE-2025-59828 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-13109605...

CVSS 9.8 · AI score 5.4 · EPSS 0.00334
Exploits: 0

Packet Storm News
added 2025/09/15 12:0 a.m. · 4 views

Ensembling Large Language Models for Code Vulnerability Detection: an Empirical Evaluation

Code vulnerability detection is crucial for ensuring the security and reliability of modern software systems. Recently, Large Language Models (LLMs) have shown promising capabilities in this domain. However, notable discrepancies in detection results often arise when analyzing identical code segmen...

AI score 7.1
Exploits: 0

CNNVD
added 2025/09/15 12:0 a.m. · 3 views

ZKEACMS Code Issue Vulnerability

ZKEACMS is a visually designed, WYSIWYG content management system from ZKEASOFT open source. A code issue vulnerability exists in ZKEACMS version 4.3, which stems from the incorrect manipulation of the parameter url of the function Proxy in the file src/ZKEACMS/Controllers/MediaController.cs, whi...

CVSS 8.8 · AI score 6.4 · EPSS 0.00282
Exploits: 0 · References: 5

Vulnrichment
added 2025/09/15 12:0 a.m. · 2 views

CVE-2025-56448

The Positron PX360BT SW REV 8 car alarm system is vulnerable to a replay attack due to a failure in implementing rolling code security. The alarm system does not properly rotate or invalidate used codes, allowing repeated reuse of captured transmissions. This exposes users to significant security...

AI score 6.7 · EPSS 0.00266
Exploits: 1 · References: 2

OSV
added 2025/09/10 5:10 p.m. · 5 views

GHSA-QXFV-FCPC-W36X Claude Code rg vulnerability does not protect against approval prompt bypass

Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will...

CVSS 8.7 · AI score 7.3 · EPSS 0.00512
Exploits: 0 · References: 3

CNNVD
added 2025/09/10 12:0 a.m. · 2 views

UPDF Code Issue Vulnerability

UPDF is a multi-platform PDF editor from the Chinese company UPDF. A code issue vulnerability exists in UPDF version 1.8.5.0, which stems from DLL search path hijacking and could lead to the execution of arbitrary code...

CVSS 7.8 · AI score 7.1 · EPSS 0.00157
Exploits: 0 · References: 1

CNNVD
added 2025/09/10 12:0 a.m. · 2 views

Grandstream Wave Code Issue Vulnerability

Grandstream Wave is a voice software from Grandstream Corporation, USA. A code issue vulnerability exists in Grandstream Wave version 1.27.8, which stems from DLL search order hijacking and could lead to the execution of arbitrary code...

CVSS 7 · AI score 7.2 · EPSS 0.0013
Exploits: 0 · References: 1

CNNVD
added 2025/09/08 12:0 a.m. · 2 views

SourceCodester Pet Grooming Management Software Code Issue Vulnerability

SourceCodester Pet Grooming Management Software is a SourceCodester open source pet grooming management system. A code issue vulnerability exists in SourceCodester Pet Grooming Management Software version 1.0, which originates from an arbitrary file upload vulnerability in the /admin/profile.php...

CVSS 8.8 · AI score 6.8 · EPSS 0.00385
Exploits: 1 · References: 8

CNNVD
added 2025/09/08 12:0 a.m. · 3 views

Jinher OA Code Issue Vulnerability

Jinher OA is a collaborative management software from Jinher, a Chinese company. A code issue vulnerability exists in Jinher OA 1.2 and prior versions, which arises from the presence of XML external entity references in the XML Handler component...

CVSS 9.8 · AI score 7.5 · EPSS 0.00506
Exploits: 1 · References: 5

CNNVD
added 2025/08/28 12:0 a.m. · 1 views

DOS & CO SS1 Code Issue Vulnerability

DOS & CO SS1 is an asset management tool from DOS & CO Japan. A code issue vulnerability exists in DOS & CO SS1 version 16.0.0.10 and earlier, which originates from allowing remote unauthenticated attackers to upload arbitrary files and execute OS commands with SYSTEM privileges...

CVSS 9.8 · AI score 9.8 · EPSS 0.00493
Exploits: 0 · References: 3

CNVD
added 2025/08/27 12:0 a.m. · 3 views

IBM Edge Application Manager Code Issue Vulnerability

IBM Edge Application Manager is an application from International Business Machines (IBM) that provides powerful solutions to address the need to deliver enterprise computing power at the edge of the cloud, closer to where the data is being created and at the edge of the enterprise where action nee...

CVSS 5.4 · AI score 7.3 · EPSS 0.00164
Exploits: 0 · References: 1

Positive Technologies
added 2025/08/24 12:0 a.m. · 5 views

PT-2025-34555 · Unknown · Fnkvision Y215 Cctv Camera

Name of the Vulnerable Software and Affected Versions: FNKvision Y215 CCTV Camera version 10.194.120.40 Description: A weakness has been identified in the FNKvision Y215 CCTV Camera. This vulnerability affects unknown code within the s1 rf test config file of the Telnet Service component,...

CVSS 6.4 · AI score 6.1 · EPSS 0.00168
Exploits: 0 · References: 10

CVE
added 2025/08/22 4:35 p.m. · 13 views

CVE-2025-57771

CVE-2025-57771 affects Roo Code prior to 3.25.5. The flaw lies in the command parsing for auto-execute commands, where process substitution and single ampersand handling can be bypassed, allowing an attacker who can submit crafted prompts to cause arbitrary commands to run alongside the intended ...

CVSS 8.1 · AI score 7.4 · EPSS 0.00703
Exploits: 0 · References: 2

CNNVD
added 2025/08/21 12:0 a.m. · 3 views

UnoPim Code Issue Vulnerability

UnoPim is an open source Product Information Management (PIM) system based on the Laravel framework by UnoPim Open Source. A code issue vulnerability exists in versions of UnoPim prior to 0.2.1 that stems from insufficient validation of client-side file types, which could lead to the upload of...

CVSS 8.8 · AI score 6.7 · EPSS 0.00446
Exploits: 1 · References: 3

CNNVD
added 2025/08/21 12:0 a.m. · 2 views

INFINITT PACS System Manager Code Issue Vulnerability

INFINITT PACS System Manager is a medical image archiving and transfer system from INFINITT Corporation. A code issue vulnerability exists in INFINITT PACS System Manager that originates from uploading an arbitrary file, which could lead to a system compromise...

CVSS 6.3 · AI score 7 · EPSS 0.00255
Exploits: 0 · References: 2

CNNVD
added 2025/08/20 12:0 a.m. · 1 views

IBM Edge Application Manager Code Issue Vulnerability

IBM Edge Application Manager is an application from International Business Machines (IBM) that provides powerful solutions to address the need to deliver enterprise computing power at the edge of the cloud, closer to where the data is being created and at the edge of the enterprise where action nee...

CVSS 5.4 · AI score 9.1 · EPSS 0.00164
Exploits: 0 · References: 2

vulnersOsv
added 2025/08/18 6:46 p.m. · 6 views

1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +220 more potentially affected by CVE-2025-55284 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.24)

@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2025-55284 Source advisory: OSV:GHSA-X5GV-JW7F-J6XJ...

CVSS 7.5 · AI score 5.8 · EPSS 0.00431
Exploits: 0

vulnersOsv
added 2025/08/18 6:46 p.m. · 6 views

1shot (>=0.0.3 <=0.0.9), @4xian/ccapi (=1.0.6) +208 more potentially affected by CVE-2025-55284 via @anthropic-ai/claude-code (>=1.0.108 <=1.0.24)

@anthropic-ai/claude-code NPM version =1.0.108, =0.0.3, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.6.0-rc34, =1.0.0, =1.3.2-canary.5af7e49 - @chittycorp/chittychat =3.0.0 and more Source cves: CVE-2025-55284 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-12028699...

CVSS 7.5 · AI score 5.8 · EPSS 0.00431
Exploits: 0

CNNVD
added 2025/08/13 12:0 a.m. · 3 views

F5 BIG-IP Code Issue Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A code issue vulnerability exists in the F5 BIG-IP LTM, which stems from the fact that enabling the ADH encryption suite when configuring the...

CVSS 8.7 · AI score 6.8 · EPSS 0.00312
Exploits: 0 · References: 2

CNNVD
added 2025/08/12 12:0 a.m. · 3 views

Intel PROSet/Wireless WiFi Software Code Issue Vulnerability

Intel PROSet/Wireless WiFi Software is a wireless network card driver from Intel Corporation USA. A code issue vulnerability exists in Intel PROSet/Wireless WiFi Software for Windows versions prior to 23.110.0.5, which stems from an improperly checked condition that could lead to a denial of...

CVSS 7.4 · AI score 6.6 · EPSS 0.00198
Exploits: 0 · References: 1