35400 matches found
Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
The following analysis presents the key findings from Kaspersky Compromise Assessment engagements performed in 2025. A compromise assessment is an independent, expert-driven service that examines whether a target network has been compromised. The service combines threat intelligence analysis...
CVE-2026-13830
creationtimestamp| type| source ---|---|--- 2026-07-02 01:11:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmtxpml3s2d 2026-07-02 07:20:09+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:16:03+00:00| seen|...
PT-2026-55260
Name of the Vulnerable Software and Affected Versions Flowmon ADS versions prior to 12.5.6 Flowmon ADS versions prior to 13.0.5 Description An authenticated low-privileged user in the Anomaly Detection System ADS can send specially crafted requests to gain unauthorized access to application data...
CVE-2026-13816
creationtimestamp| type| source ---|---|--- 2026-07-01 19:23:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmak65jj526 2026-07-02 07:19:39+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702...
EUVD-2025-210392
picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon...
EUVD-2025-210389
picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserializatio...
EUVD-2025-210386
picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collectenv.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...
CVE-2025-71349
picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when...
CVE-2025-71374
picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon...
CVE-2025-71371 picklescan - Remote Code Execution via code.InteractiveInterpreter Detection Bypass
picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...
CVE-2025-71371
CVE-2025-71371 affects picklescan
CVE-2025-71368
Summary: CVE-2025-71368 affects picklescan prior to 0.0.30, which fails to detect the doctest.debug_script function when analyzing pickle files. This allows remote attackers to craft malicious pickle payloads embedding doctest.debug_script that bypass picklescan detection and trigger arbitrary co...
CVE-2025-71363
CVE-2025-71363 affects the picklescan tool prior to 0.0.30. It fails to detect cProfile.run calls within pickle reduce methods, enabling remote attackers to craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and cause code execution during deserialization.
CVE-2025-71352
The CVE-2025-71352 entry affects the Python-based tool picklescan (pre-0.0.29). The issue: picklescan fails to detect the built-in Python function trace.Trace.runctx when it is used inside pickle file reduce methods, enabling remote attackers to craft malicious pickle files that bypass detection ...
MAL-2026-6698 Malicious code in cursed-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b6aab954f9b8edbc759c97eabe39d7a070c4dbe852586422761ad0f8c7ad95 [email protected] executes attacker-controlled code on three separate triggers and operates a bidirectional command channel against a hardcoded...
PT-2026-54010
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.30 Description The software fails to detect the doctest.debug script function during the analysis of pickle files. This allows remote attackers to create malicious pickle files containing calls to doctest.debug...
PT-2026-54011
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect malicious pickle files that utilize the code.InteractiveInterpreter.runcode function within reduce methods. This allows attackers to craft pickle payloads that bypass...
PT-2026-54012
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect the built-in Python profile.Profile.run function when it is utilized within pickle reduce methods. This allows remote attackers to craft malicious pickle files that...
DEBIAN-CVE-2026-53434
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...
kernel: wifi: mac80211: use safe list iteration in radar detect work
A flaw was found in the Linux kernel's mac80211 wireless subsystem. This vulnerability arises from unsafe list iteration during radar detection work, where a channel context can be freed while still being processed. This can lead to a use-after-free memory error. A successful exploit could result...