6718 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: tpm: Added !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 Kerne...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereferencing of the timing generator Why & How Check whether the assigned timing generator is NULL before accessing its functions, to prevent NULL dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: hwrng: cavium – fixed the NULL but dereferenced coccicheck error. Fixed the following coccicheck warnings: ./drivers/char/hwrandom/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but was dereferenced...
Malicious code in protocol-stub-generator (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8ad6f31dc6bdf35ca55cf2a55e9124e07131de068c8ff945e62716637b6e06d1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-3237 Malicious code in protocol-stub-generator (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8ad6f31dc6bdf35ca55cf2a55e9124e07131de068c8ff945e62716637b6e06d1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2026-7595
A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function formatplugins of the file .claude/skills/ui-styling/scripts/tailwindconfiggen.py of the component Tailwind Config Generator. This manipulation causes code injection. The attac...
CVE-2026-7596
A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...
CVE-2026-7596
A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...
CVE-2026-7596 nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting
A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...
EUVD-2026-26720
A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...
CVE-2026-7596 nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting
A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...
CVE-2026-7596
CVE-2026-7596 affects the Nextlevelbuilder product family “ui-ux-pro-max-skill” up to version 2.5.0. The issue is in the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py within the Slide Generator component, enabling a cross-site scripting (XSS) vulnerability. ...
CVE-2026-7595 nextlevelbuilder ui-ux-pro-max-skill Tailwind Config Generator tailwind_config_gen.py _format_plugins code injection
A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function formatplugins of the file .claude/skills/ui-styling/scripts/tailwindconfiggen.py of the component Tailwind Config Generator. This manipulation causes code injection. The attac...
CVE-2026-7595 nextlevelbuilder ui-ux-pro-max-skill Tailwind Config Generator tailwind_config_gen.py _format_plugins code injection
A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function formatplugins of the file .claude/skills/ui-styling/scripts/tailwindconfiggen.py of the component Tailwind Config Generator. This manipulation causes code injection. The attac...
CVE-2026-7595
A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function formatplugins of the file .claude/skills/ui-styling/scripts/tailwindconfiggen.py of the component Tailwind Config Generator. This manipulation causes code injection. The attac...
CVE-2026-7595
The CVE-2026-7595 affects the NextLevelBuilder UI package ui-ux-pro-max-skill (up to 2.5.0). Affected component: Tailwind Config Generator; vulnerable code: function _format_plugins in .claude/skills/ui-styling/scripts/tailwind_config_gen.py. The manipulation leads to code injection. Impact inclu...
EUVD-2026-26718
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...
PDFGenerator
No d...
UI UX Pro Max 注入漏洞
UI UX Pro Max is Next Level Builder open source a cross-platform UI/UX intelligent design system generation tool. UI UX Pro Max 2.5.0 and earlier versions of the injection vulnerability , the vulnerability stems from the Tailwind Config Generator component in the...
UI UX Pro Max 跨站脚本漏洞
UI UX Pro Max is Next Level Builder open source a cross-platform UI/UX intelligent design system generation tool. UI UX Pro Max 2.5.0 and earlier versions have a cross-site scripting vulnerability that originates from improper manipulation of the data.get function in the...