PT-2026-48751

Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...

PT-2026-46369

Unauthenticated Local File Inclusion in Choreo = 1.6 versions...

PT-2026-46353

Unauthenticated Local File Inclusion in Preservation = 1.10 versions...

PT-2026-46333

Unauthenticated Local File Inclusion in Iona = 1.0.8 versions...

PT-2026-46320

Unauthenticated Local File Inclusion in Geya = 1.15 versions...

PT-2026-46351

Unauthenticated Local File Inclusion in Abelle = 1.22 versions...

PT-2026-46360

Unauthenticated Cross Site Scripting XSS in Grand Car Rental = 3.7 versions...

PT-2026-46365

Unauthenticated Local File Inclusion in Snowy = 1.13 versions...

EUVD-2023-40390

Malicious code in bioql PyPI...

MAL-2025-6220 Malicious code in svelte-intl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4125174a3a5dd31d226347f4233e451beb406573ff2e254d5b9b6289f52ff3af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6137 Malicious code in yarn-test-git-repo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edc9cafea25a24afd9f19a9a4ba2af18e06bd436e07baa0c8cb4250ab522228c Any computer that has this package installed or running should be considered...

CVE-2025-53025

The CVE-2025-53025 entry refers to Oracle VM VirtualBox (Core) with affected version 7.1.10. The vulnerability permits a high-privileges attacker who can log on to the infrastructure running VirtualBox to compromise the product, with potential impact including unauthorized access to critical data...

CVE-2025-50102

...

CVE-2025-50078

...

CVE-2025-50060

...

MAL-2025-5979 Malicious code in wrb3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08d88ef4850c22d9aecb5ddb11ae54339766a852526d80394aea04b92d91aaf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5933 Malicious code in lezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75c995399e97f574eb4cc3e4484bfabc69554ee170fa58d38740ba5d058568d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5487 Malicious code in @verrylinh/discord (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4318dae373846eedd4a261b1261f3bd9b820a4a0ce74f9e3adac51d403204428 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5479 Malicious code in webengage (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b526ee0b000536b84421cac42f7eaa62010d08785c0d61238fe4c3afe8a445d Any computer that has this package installed or running should be considered...

MAL-2025-5177 Malicious code in api-mojang (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c546cb9cfb37fc5b4a75a68896eb8c7cbd4d9be14ddfd39d74f9c47d42e86419 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...