Lucene search
K

35400 matches found

Securelist
Securelist
added 4 days ago8 views

Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects

The following analysis presents the key findings from Kaspersky Compromise Assessment engagements performed in 2025. A compromise assessment is an independent, expert-driven service that examines whether a target network has been compromised. The service combines threat intelligence analysis...

6.6AI score
Exploits0
Circl
Circl
added 4 days ago8 views

CVE-2026-13830

creationtimestamp| type| source ---|---|--- 2026-07-02 01:11:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmtxpml3s2d 2026-07-02 07:20:09+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:16:03+00:00| seen|...

8.8CVSS5.7AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-55260

Name of the Vulnerable Software and Affected Versions Flowmon ADS versions prior to 12.5.6 Flowmon ADS versions prior to 13.0.5 Description An authenticated low-privileged user in the Anomaly Detection System ADS can send specially crafted requests to gain unauthorized access to application data...

8.7CVSS5.9AI score0.00234EPSS
Exploits0References3
Circl
Circl
added 5 days ago6 views

CVE-2026-13816

creationtimestamp| type| source ---|---|--- 2026-07-01 19:23:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmak65jj526 2026-07-02 07:19:39+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702...

6.5CVSS5.7AI score0.00299EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago5 views

EUVD-2025-210392

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon...

8.1CVSS6.5AI score0.00638EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago6 views

EUVD-2025-210389

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserializatio...

8.1CVSS6.5AI score0.00585EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2025-210386

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collectenv.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS5.9AI score0.00395EPSS
Exploits0References3
NVD
NVD
added 6 days ago4 views

CVE-2025-71349

picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when...

8.1CVSS0.00562EPSS
Exploits0References2
NVD
NVD
added 6 days ago5 views

CVE-2025-71374

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon...

8.1CVSS0.00638EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago20 views

CVE-2025-71371 picklescan - Remote Code Execution via code.InteractiveInterpreter Detection Bypass

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00499EPSS
Exploits0References2
CVE
CVE
added 6 days ago6 views

CVE-2025-71371

CVE-2025-71371 affects picklescan

8.1CVSS6.1AI score0.00499EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2025-71368

Summary: CVE-2025-71368 affects picklescan prior to 0.0.30, which fails to detect the doctest.debug_script function when analyzing pickle files. This allows remote attackers to craft malicious pickle payloads embedding doctest.debug_script that bypass picklescan detection and trigger arbitrary co...

8.1CVSS6.1AI score0.00769EPSS
Exploits0References2
CVE
CVE
added 6 days ago7 views

CVE-2025-71363

CVE-2025-71363 affects the picklescan tool prior to 0.0.30. It fails to detect cProfile.run calls within pickle reduce methods, enabling remote attackers to craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and cause code execution during deserialization.

8.1CVSS6.5AI score0.00585EPSS
Exploits0References2
CVE
CVE
added 6 days ago10 views

CVE-2025-71352

The CVE-2025-71352 entry affects the Python-based tool picklescan (pre-0.0.29). The issue: picklescan fails to detect the built-in Python function trace.Trace.runctx when it is used inside pickle file reduce methods, enabling remote attackers to craft malicious pickle files that bypass detection ...

8.1CVSS6.1AI score0.00637EPSS
Exploits0References2
OSV
OSV
added 6 days ago3 views

MAL-2026-6698 Malicious code in cursed-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b6aab954f9b8edbc759c97eabe39d7a070c4dbe852586422761ad0f8c7ad95 [email protected] executes attacker-controlled code on three separate triggers and operates a bidirectional command channel against a hardcoded...

6AI score
Exploits0References19
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-54010

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.30 Description The software fails to detect the doctest.debug script function during the analysis of pickle files. This allows remote attackers to create malicious pickle files containing calls to doctest.debug...

8.1CVSS6.2AI score0.00769EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-54011

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect malicious pickle files that utilize the code.InteractiveInterpreter.runcode function within reduce methods. This allows attackers to craft pickle payloads that bypass...

8.1CVSS6.1AI score0.00499EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-54012

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect the built-in Python profile.Profile.run function when it is utilized within pickle reduce methods. This allows remote attackers to craft malicious pickle files that...

8.1CVSS6.4AI score0.00638EPSS
Exploits0References4
OSV
OSV
added last week4 views

DEBIAN-CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week4 views

kernel: wifi: mac80211: use safe list iteration in radar detect work

A flaw was found in the Linux kernel's mac80211 wireless subsystem. This vulnerability arises from unsafe list iteration during radar detection work, where a channel context can be freed while still being processed. This can lead to a use-after-free memory error. A successful exploit could result...

8.8CVSS7.1AI score0.00203EPSS
Exploits0References5
Rows per page
Query Builder