Lucene search
K

850 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/geo-coord (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.7 views

MAL-2026-3999 Malicious code in @antv/geo-coord (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.4 views

@antv/l7-editor (>=1.1.0 <=1.1.13), @antv/li-aiearth-assets (>=0.0.1 <=0.4.7) +2 more potentially affected by unknown CVE via @antv/sam (>=0.0.1 <=0.1.0)

@antv/sam NPM version =0.0.1, =1.1.0, =0.0.1, =0.1.1, =0.1.3 - @tommy2gis/geo-editor =1.1.9 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVSAM-16754425...

5.5AI score
Exploits0
Patchstack
Patchstack
added 2026/05/14 11:5 a.m.10 views

WordPress MapGeo – Interactive Geo Maps plugin <= 1.6.27 - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting vulnerability

Interactive Geo Maps plugin = 1.6.27 - Interactive Geo Maps = 1.6.27 - Reflected Cross-Site Scripting vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Interactive Geo Maps versions = 1.6.27...

6.1CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/05/14 2:10 a.m.80 views

Exploit for CVE-2026-4060

CVE-2026-4060 — Geo Mashup ≤ 1.13.18 Unauthenticated SQL Injec...

7.5CVSS6AI score0.00304EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/12 2:21 p.m.8 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 12:25 a.m.13 views

MAL-2026-3445 Malicious code in @squawk/geo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40cdbd9c6b1d4f4cfb2769aa09dc2a6c1375426de1eaa166de681740f556cd4 The package @squawk/geo was found to contain malicious code. Source: ghsa-malware ff0e460885b141aab0b22a38b446936439b76287160c78aaad30d7ad4ab22ed9 An...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:25 a.m.11 views

Malicious code in @squawk/geo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40cdbd9c6b1d4f4cfb2769aa09dc2a6c1375426de1eaa166de681740f556cd4 The package @squawk/geo was found to contain malicious code. Source: ghsa-malware ff0e460885b141aab0b22a38b446936439b76287160c78aaad30d7ad4ab22ed9 An...

5.8AI score
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.10 views

@squawk/airports (>=0.3.1 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +4 more potentially affected by unknown CVE via @squawk/geo (>=0.2.1 <=0.4.3)

@squawk/geo NPM version =0.2.1, =0.3.1, =0.2.3, =0.1.3, =0.3.1, =0.2.0, =0.2.3, =0.4.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKGEO-16640893...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@squawk/airport-data (>=0.2.0 <=0.7.9), @squawk/airports (>=0.2.0 <=0.6.1) +16 more potentially affected by unknown CVE via @squawk/types (>=0.3.1 <=0.8.0)

@squawk/types NPM version =0.3.1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKTYPES-16640890...

5.5AI score
Exploits0
EUVD
EUVD
added 2026/05/11 12:32 p.m.12 views

EUVD-2025-209757

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 10:16 a.m.15 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 9:27 a.m.7 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 9:27 a.m.22 views

CVE-2025-43992

CVE-2025-43992 affects Dell EMC: Dell ECS versions 3.8.1.0–3.8.1.7 and Dell ObjectScale versions before 4.3.0.0. The issue is an authentication bypass via assumed-immutable data in Geo replication, allowing an unauthenticated attacker with remote access to potentially access data in transit. The ...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/05/11 9:27 a.m.8 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 9:27 a.m.38 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Dell ECS 安全漏洞

Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from a certification bypass in Geo replication, whic...

5.6CVSS5.9AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.13 views

PT-2026-39582

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS5.8AI score0.00235EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/05 11:59 a.m.8 views

WordPress Geo Mashup plugin <= 1.13.19 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin Geo Mashup versions = 1.13.19...

6.5CVSS5.9AI score0.00367EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/05 10:33 a.m.13 views

WordPress Geo Mashup plugin <= 1.13.18 - Unauthenticated Time-Based SQL Injection vulnerability

Unauthenticated Time-Based SQL Injection vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Geo Mashup versions = 1.13.18...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder