JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

Identity Exposure Management: Why It Matters

Millions of corporate credentials leak onto the public internet every single week. These exposed credentials act as open doors for threat actors looking to breach hybrid networks. When security teams rely only on legacy tools, they remain blind to these silent entry points. Book a HivePro demo to...

Security update for curl

This update for curl fixes the following issues: Security issues fixed: CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. CVE-2026-6276:...

OpenClaw 信息泄露漏洞

OpenClaw is an intelligent artificial assistant developed under the OpenClaw open source project. OpenClaw has a vulnerability related to information leakage, which stems from the exposure of sensitive data through authorized URL query strings, potentially leading to credential leaks...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained security vulnerabilities. These vulnerabilities stemmed from the MCP integration, which inherited complete environment variables when executing commands provid...

trino 安全漏洞

Trino is a distributed SQL query engine developed by Trino in open source. There were security vulnerabilities in versions 439 to 480 of Trino. These vulnerabilities stemmed from static or temporary credentials in the Iceberg connector’s REST directory, which could be accessed by users with...

Grafana 安全漏洞

Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing Graphite, InfluxDB, and Prometheus. Grafana has security vulnerabilities; these vulnerabilities arise from...

Aqua Security多款产品 安全漏洞

Aqua Security Trivy and Trivy Action are both products of Aqua Security. Trivy is a comprehensive and multifunctional security scanner. Trivy Action is a container vulnerability scanning software. Several products from Aqua Security have security vulnerabilities, which stem from supply chain...

Jenkins LoadNinja Plugin 安全漏洞

The Jenkins LoadNinja Plugin is an open-source plugin developed by Jenkins. The Jenkins LoadNinja Plugin versions 2.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the API keys not being shielded in the configuration form, which may lead to credential leaks...

Jenkins LoadNinja Plugin 安全漏洞

The Jenkins LoadNinja Plugin is an open-source plugin developed by Jenkins. The Jenkins LoadNinja Plugin versions 2.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the insecure storage of API keys, which may lead to credential leaks...

SUSE-SU-2026:0796-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects bsc1257441. -...

Before the Breach: When digital footprints become a strategic cyber risk

Overview For years, organizations have prioritized strengthening technical defenses, including hardening networks, accelerating patch management, and expanding endpoint detection and response capabilities. Defensive systems have become more adaptive, identity has moved to the center of security...

Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

ButtF - Backend Misconfiguration & Logic Flaw Exploitation Too...

n8n 安全漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.18 and 2.5.0 contained security vulnerabilities. These vulnerabilities were due to improper file access control, which could lead to the reading of sensitive files, credential leaks, and...

Tenda AC7 安全漏洞

The Tenda AC7 is a wireless router produced by the Chinese company Tenda. The Tenda AC7 V03.03.03.01cn and earlier versions have security vulnerabilities. These vulnerabilities stem from the exposure of sensitive information during web management responses, which may lead to credential leaks...

CLSA-2026-1768839607 ruby: Fix of 2 CVEs

CVE-2025-61594: fix incomplete fix for CVE-2025-27221 which allowed credential leaks to persist in URI+ - fully redact x-oauth-basic tokens from tests - update URI specs to reflect that modifying user or host clears credentials...

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed...

EUVD-2020-30761

Malware in sbrugna...

EUVD-2019-5964

Malware in sbrugna...

EUVD-2019-1761

Malware in sbrugna...