19361 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and...
MAL-2026-5338 Malicious code in solana-web3-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432 Malicious typosquat impersonating the legitimate Solana Python SDK solana / solana-py and the JS @solana/web3.js. The package ships no SDK...
Malicious code in spl-token-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...
GHSA-8X6R-G9MW-2R78 vulnerabilities
Vulnerabilities for packages: vitess...
MAL-2026-5333 Malicious code in nerfstudio-gs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 523b928ceb73227e96f02eb85783222da17d0e716c9c7012b4cbcafd1e787f58 During installation or Python setup via PTH file, the code exfiltrated all kinds of sensitive data, including env variables, browser's data, SSH keys, data fro...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026–24061 : GNU InetUtils telnetd Authentication Bypass...
CVE-2026-40290
A flaw was found in OP-TEE Trusted Execution Environment. A local attacker could exploit a user-after-free UAF race condition in the shared memory teardown logic when OP-TEE is configured as a Secure Partition Management Controller SPMC for Secure EL0 S-EL0 Secure Partitions. This vulnerability...
Exploit for Improper Authentication in Wordpress
CVE-2008-1930 Exploitation Documentation Guide Document In...
MAL-2026-5305 Malicious code in tlask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2b3ae446f7b8d808b84c157ec455883e0bc45e4f4180e51c5cd42ff9852712a2 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...
Malicious code in rsquests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32959e10bc6b1df57d105a5e5d74cbe7b69660cb7a1e78185d3f5e0e0f07e10 Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...
Malicious code in nhmpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b2d6b794431c52ef6b905eb676d70274a792cbca1b266a3405734a7a900860b Typosquatting package published from a compromised account with an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed usi...
Windows 11 Hardening Auditor for WinRE and BitLocker
This Python-based Windows security utility performs defensive auditing and mitigation tasks focused on Windows Recovery Environment WinRE and CVE-2026-45585, BitLocker protection policies, Secure Boot, TPM configuration, and boot-time execution integrity on Windows 11 systems...
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates Anthropic's Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance...
AI Assurance in UK Defence: Challenges in Operationalising JSP 936
This report examines practical challenges in operationalising JSP 936 Part 1 for AI assurance in UK Defence. Using a structured interpretive review of the directive's requirements, the analysis identifies eight thematic challenge areas adequacy of evidence and argument, management of human...
AutoSUT: The Environment Semantics Gap in Structured CTI for Adversary Emulation
Structured Cyber Threat Intelligence CTI is increasingly used for adversary emulation, detection evaluation, and cyber range design. However, these workflows still require a target System Under Test SUT whose environment is not fully described by public CTI. We measure how much of that environmen...
Malicious code in instructor-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db8a103a73261cd6de8f763fa639d1bd148124ca661893e9d3ab73cd76ab50b instructor-mcp 1.15.2 is a typosquat of the legitimate instructor PyPI library it copies the same author names, README, and repository URL...
Malicious code in magique-ai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6806267ad399a4b51411f5176e26470cccb7803dff5f0f6f1e3dca6e6c82170c Versions 0.4.4, 0.4.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5317 Malicious code in instructor-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db8a103a73261cd6de8f763fa639d1bd148124ca661893e9d3ab73cd76ab50b instructor-mcp 1.15.2 is a typosquat of the legitimate instructor PyPI library it copies the same author names, README, and repository URL...
MAL-2026-5280 Malicious code in bramin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fb2ac40fcb4626c5e7dea5e26951bc0965b39a1eb721c1a8f23846f421a5827 bramin ships a bramin-setup.pth file that Python auto-executes at every interpreter startup system-wide, not only when bramin is imported. The.pth...
MAL-2026-5284 Malicious code in synago (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3e1bae7957cb735edd8424c1d2efe54b597c3a484ba77c9239e9ff8ec06327f The package installs synago-setup.pth, which Python auto-executes on every interpreter startup not only on import synago. The.pth contains an...