8 matches found
CVE-2026-62294
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
CVE-2026-62294 Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
EUVD-2026-44675
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
CVE-2026-62294
Flameshot prior to 14.0.0 is affected by a local TOCTOU race in the Open With feature. The software wrote screenshots to a predictable temporary path and followed symlinks, enabling a local unprivileged user on the same machine to pre-plant a symlink and cause Flameshot to write PNG data through ...
Malicious code in @flameshot/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8bbca4a9cd0a35a35928860188f38aa877f6edfa6b4eb2b65c110d2d83990bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-275 Malicious code in @flameshot/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8bbca4a9cd0a35a35928860188f38aa877f6edfa6b4eb2b65c110d2d83990bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @flameshot-org/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfc208be31b8f932d6175ac98e7ddc5249c25d6e735a9af5a2c8266770cb9a45 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RedHunt OS v2 - Virtual Machine For Adversary Emulation And Threat Hunting
Virtual Machine for Adversary Emulation and Threat Hunting by RedHunt Labs RedHunt OS aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. Base Machin...