Lucene search
K

37568 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-53653

Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions through URL query image actions such as forceResize in Grav::fallbackUrl, which passes request...

8.7CVSS0.00301EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42943

Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions through URL query image actions such as forceResize in Grav::fallbackUrl, which passes request...

8.7CVSS6.1AI score0.00301EPSS
Exploits0References5
CVE
CVE
added 4 days ago6 views

CVE-2026-53653

Grav (file-based web platform) contains CVE-2026-53653: unauthenticated denial of service by requesting image derivatives with oversized dimensions via URL actions like forceResize in Grav::fallbackUrl. The root cause is that request parameters are passed to ImageMedium magic actions without a di...

8.7CVSS6.1AI score0.00301EPSS
Exploits0References5
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-53653 Grav: Unauthenticated denial of service via unbounded image derivative dimensions

Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions through URL query image actions such as forceResize in Grav::fallbackUrl, which passes request...

8.7CVSS0.00301EPSS
Exploits0References5
HackRead
HackRead
added 2026/04/28 8:53 p.m.8 views

Decoding Q1 2026’s $152.9 Billion Crypto Custody Concentration

Crypto Custody Concentration hits $152.9B as institutions shift to derivatives, consolidating capital on top exchanges amid Q1 market slowdown...

5.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/02/02 6:56 p.m.5 views

CVE-2026-24471

continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...

9.3CVSS5.7AI score0.00312EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in beta-try-omicron-orchestrate-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40241994a51d236f94131d470823d6b7102b40d2be0b6ee91870c93a7ef67ad This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in got-lynx-greatfilter-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb1e5ae3602ba1d907e123d07c8bb75e62724ff1d8078775eb901682291c03f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in execute-java-short-cluster-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0078f37af1918262289019391ff05bf9d93d02c69489efe7d3c4cd18bc998f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.3 views

Malicious code in soap-wasat-frontend-astroinformatics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 035f9ef7998b394d382afc13f9209220a634c21114f0432767956685d56e9cf2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in aether-start-lepton-mdx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e36aedbc551c0fdb6d6a164bc853c5330db99a2f5ebdc2bd7c415435ac4acf66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in zeta-cold-notify-fire-easy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77229f2590e999b50f84151be215aed98544f5d472493de435539a1fb1794260 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in cluster-steganography-slides-entanglement (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796ab19af8288ef87fc08c84b75032e9a955512cf76daaf4f031d635f7ec9e99 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in cordelia-zenith-ganymede-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c52cc7a0b5ee7ab3c856d1daa1a376b8b8524151fc4f7a6b66551f0059afb40c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in planetology-deneb-betelgeuse-ini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d9e76fd68dea4a218da7554c4a828cd8f512e9399f2f98a6ba89184f1e1ac45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in server-filament-framework-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 358fa0dd87122948b061c1340cb9ff978517012369a5031ba9ed47b043345bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in vuepress-centauri-transhumanism-astrobiology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdb05993db85d17c64f179ee15f5d3d4425016c0f6dd71699c1b011dd854db6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in mensa-spectron-webdriver-prettier-stylelint-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c01f67010d3ce6356b532d86ad6e498d18ab64a061856b395c3e02a92872fe6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in analyze-abstract-hash-code-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94747fbea6244359c0e5f32c8af9461dfd765fc51d10bca1d94dd3e3f0cef6b8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in child-process-stratigraphy-subduction-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e7c49dd3945225b658c5a51f33c18f72ccbb43fd246685797fce72947468f0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder