Lucene search
+L

888 matches found

OSV
OSV
added 2026/05/22 8:57 a.m.17 views

MAL-2026-4753 Malicious code in gt-tester-exp-profiler-exp-00000017 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1490f970bd52c80c89f33029f9e875f1fb595014621d50e0ce87a167d1cd348 setup.py installs a site-wide.pth file gttesterexpprofilerexp00000017probe.pth into site-packages that imports the package's probe module and calls...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 7:48 a.m.15 views

Malicious code in @euqns/nudge-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b1e494fee8148b95f98e5de04cc4ecd78ed793ff2d019ae672e2b22d2debc3b The package ships dist/setup.js which performs HTTP POST requests at install time to a hardcoded external endpoint at...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/22 7:48 a.m.11 views

MAL-2026-4387 Malicious code in @euqns/nudge-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b1e494fee8148b95f98e5de04cc4ecd78ed793ff2d019ae672e2b22d2debc3b The package ships dist/setup.js which performs HTTP POST requests at install time to a hardcoded external endpoint at...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/21 8:18 p.m.8 views

MAL-2026-4530 Malicious code in cloudsmith-vsc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b49ad4432747f754181e7a8428aff5fd2613f9d86283f05a04c2dd1f9ac2f2f package.json declares a preinstall hook "preinstall": "node index.js" that runs automatically on npm install. index.js reads installer-side system...

5.8AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/05/20 11:46 a.m.34 views

Firefox 151 packs big privacy upgrades into a small update

Mozilla has published release notes for Firefox browser version 151.0, and this update includes several genuinely meaningful privacy and security improvements. Three changes stand out in particular: Stronger anti‑fingerprinting Broader protection for local network access More control over private...

9.6CVSS6AI score0.00532EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

An access issue has been resolved through improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and watchOS 10.3. A maliciously crafted webpage may be able to obtain user information...

6.5CVSS6.9AI score0.00921EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 2:15 a.m.18 views

Malicious code in @wengine-ai/claude-code-router-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45e362000d036139e02a066a82ec157314a07796e0e855cdce184cc081ca4591 dist/index.js line 14 issues a fetch call to https://pub-0dc3e1677e894f07bbea11b17a29e032.r2.dev, an anonymous Cloudflare R2 bucket, and references...

6AI score
Exploits0References7
OSV
OSV
added 2026/05/20 2:15 a.m.10 views

MAL-2026-4468 Malicious code in @wengine-ai/claude-code-router-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45e362000d036139e02a066a82ec157314a07796e0e855cdce184cc081ca4591 dist/index.js line 14 issues a fetch call to https://pub-0dc3e1677e894f07bbea11b17a29e032.r2.dev, an anonymous Cloudflare R2 bucket, and references...

6AI score
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/19 6:13 p.m.12 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.9 views

ALSA-2026:19206 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

8.8CVSS6.7AI score0.00961EPSS
Exploits2References38
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.15 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

8.8CVSS6.7AI score0.00961EPSS
Exploits2References38
GithubExploit
GithubExploit
added 2026/05/17 4:52 p.m.115 views

MillieRCE

MillieRCE Millie is an advanced browser-based remote code exec...

6.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/09 1:43 p.m.100 views

webhunter

🕷️ WebHunter — OWASP Top 10 AI Scanner !Pythonhttps://im...

5.9AI score
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/07 10:49 a.m.8 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected proces...

6.5CVSS5.6AI score0.0072EPSS
Exploits2References32
RedHat Linux
RedHat Linux
added 2026/05/05 6:15 p.m.9 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.19 views

PT-2026-36320

Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/04/30 7:12 a.m.85 views

Agent389

Agent389 Agent389 is a professional, high-fidelity LDAP inje...

5.3AI score
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.17 views

Medium: webkitgtk4

Issue Overview: A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app...

6.5CVSS5.6AI score0.0072EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 p.m.5 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.1AI score0.00276EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/04/29 12:0 a.m.6 views

PrestaShop Version Hunter

psversionhunter.py fingerprints a PrestaShop installation by comparing the versions of its native modules against the module versions bundled with a known PrestaShop release tag. This is useful when a target does not expose the PrestaShop core version directly but still exposes native module...

5.2AI score
Exploits0
Rows per page
Query Builder