219457 matches found
WordPress GamiPress plugin <= 7.6.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by bosz in WordPress Plugin GamiPress versions = 7.6.3...
EUVD-2026-31725
In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...
CVE-2026-48846
In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...
CVE-2026-48846
In Roundcube Webmail, versions 1.6.x before 1.6.16 and 1.7.x before 1.7.1 have a vulnerability where the remote image blocking feature can be bypassed by a crafted CSS var() value in an e-mail message. This may lead to information disclosure or an access-control bypass. Affected software: Roundcu...
CVE-2026-48846
In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var value in an e-mail message, which may lead to information disclosure or access-control bypass...
MAL-2026-4707 Malicious code in vue-compiler-sfc-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9 Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...
Malicious code in vue-compiler-sfc-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9 Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...
MAL-2026-4350 Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4349 Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in atel-mcp-openclaw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1e4255e19fdb4f0352f184f35599be81651badab879e4f39d0f3bb4fda4a58e The package contains multiple structural fingerprints of an active credential-stealer / C2 implant. bin/install.js performs lifecycle-time HTTP POSTs...
MAL-2026-4485 Malicious code in atel-mcp-openclaw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1e4255e19fdb4f0352f184f35599be81651badab879e4f39d0f3bb4fda4a58e The package contains multiple structural fingerprints of an active credential-stealer / C2 implant. bin/install.js performs lifecycle-time HTTP POSTs...
CVE-2026-40127
OutSystems Lifetime is vulnerable to Authorization Bypass Through User-Controlled Key vulnerability in ApplicationID parameter. Any authenticated user, can read the Change Log containing actions performed by other users as well as application name of any application. This issue was fixed in...
MAL-2026-4823 Malicious code in msc-terminal (npm)
Part of a multi-package malicious campaign, msc-terminal npm author nhpkevte1576 carries the same payload as eo-terminal and logger-draft — a fully-featured infostealer and remote access trojan RAT deployed via a postinstall hook. All three packages share the same C2 infrastructure and attack...
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations. RemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain...
MAL-2026-4511 Malicious code in chai-as-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b This package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported...
MAL-2026-4316 Malicious code in internallib_v95 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 446fa224122b28950a2a22289bd7a9bf4a29861cde218c495651e1e58da37176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4306 Malicious code in auth0-sample-dus-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11085e4f685d863ed2e5196febd3ade6b5b64e18d19bb57d779d04e27a360df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4321 Malicious code in motion-ui-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ddce58f1bde22bf0563aee5f71aefe48c82ad61076557935bf8fff16eb9df3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-28380
A flaw was found in Grafana. An authenticated user with editor privileges could exploit a Broken Access Control BAC vulnerability in the Snapshot API. This flaw allows an editor to delete any dashboard snapshot, even those they do not have explicit read or write access to, leading to unauthorized...