869 matches found
MAL-2026-2482 Malicious code in strapi-plugin-seed (npm)
strapi-plugin-seed is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology. I...
MAL-2026-2469 Malicious code in strapi-plugin-logger (npm)
strapi-plugin-logger is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology...
Malicious code in strapi-plugin-logger (npm)
strapi-plugin-logger is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology...
MAL-2026-2467 Malicious code in strapi-plugin-hooks (npm)
strapi-plugin-hooks is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology. ...
BIT-APPSMITH-2026-34411 Appsmith < 1.98 Unauthenticated Instance Configuration Disclosure via Management APIs
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256...
CVE-2026-0397
When the internal webserver is enabled default is disabled, an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration o...
EUVD-2026-17277
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permissioncallback that unconditionally returns true, allowing any...
PT-2026-29181
Name of the Vulnerable Software and Affected Versions Gravity SMTP versions prior to 2.1.5 Description A sensitive information exposure issue exists in the Gravity SMTP plugin for WordPress, affecting approximately 100,000 sites. The flaw is caused by a REST API endpoint registered at...
Exposure of Data Element to Wrong Session
Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...
Exposure of Data Element to Wrong Session
Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...
CVE-2026-34391 Fleet Vulnerable to Windows MDM cross-device command disclosure
Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...
CVE-2026-34391 Fleet Vulnerable to Windows MDM cross-device command disclosure
Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...
CVE-2026-34411 Appsmith < 1.98 Unauthenticated Instance Configuration Disclosure via Management APIs
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256...
CVE-2026-34411
Affected product: Appsmith prior to version 1.98. Root cause: unauthenticated access to instance management API endpoints (/api/v1/consolidated-api/view, /api/v1/tenants/current) that exposes configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains. Impact: ...
PT-2026-28632
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256...
EUVD-2021-34771
Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive...
CVE-2026-0231
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...
CVE-2025-15605
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the...
Frigate 安全漏洞
Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 0.17.0 of Frigate contains a security vulnerability caused by improper access control, which may lead to the exposure of sensitive configuration information...
CVE-2026-20115
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulnerability is due to a device configuration upload being performed over an insecure tunnel. An attacker could exploit this vulnerability by...