Exploit for Out-of-bounds Read in Microsoft

CVE-2025-24055 — Unauthenticated Slack OAuth Install in Langfu...

Exploit for Improper Access Control in Langfuse

CVE-2026-24055 — Unauthenticated Slack OAuth Install in Langfu...

Medium: docker

Issue Overview: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may...

VulnCheck KEV: CVE-2026-28515

openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this...

Malicious code in math-array-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1b6411ce9c35210436bef6dadb284e5d89ec85c2cc17f970509aa4b5f30c2440 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

MAL-2026-3705 Malicious code in math-array-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1b6411ce9c35210436bef6dadb284e5d89ec85c2cc17f970509aa4b5f30c2440 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

MAL-2026-3701 Malicious code in api-request-helpers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c8e8b70ac4deca30691d583ac6891034222b7458bf5ba9e7b86cf5e6627d8abb During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

Malicious code in vue-template-compiler-plugin (npm)

Full C2 implant disguised as vue-template-compiler fork. postinstall-run.cjs loads tooling-bootstrap.cjs which contains base64-encoded C2 agent. Decoded payload: registers victim hostname, username, OS to Cloudflare tunnel C2 at maiden-apply-looks-education.trycloudflare.com, beacons for tasks,...

Claude Code 后置链接漏洞

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 1.3834.0 contained a post-installation vulnerability. This vulnerability stemmed from the CoworkVMService component running with SYSTEM privileges and without verifying wheth...

Malicious code in always-updates (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dee16a964c16035579f7be2f965a801f87876080603f389e1e75ec3073bd5c2c The package's sole advertised CLI aupd, registered as a consolescripts entry point to alwaysupdates.main:main executes...

EUVD-2026-29556

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

GHSA-R6HF-G5X6-7PV9 Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

Arbitrary Code Injection

Overview guardrails-ai is an Adding guardrails to large language models. Affected versions of this package are vulnerable to Arbitrary Code Injection via the subprocess.checkoutput function. An attacker can execute arbitrary code by publishing a malicious package to the Hub, which is then install...

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

The vulnerability was exploited in Microsoft SQL Server

Microsoft has identified a vulnerability in SQL Server. A malicious individual with authorized access can exploit this vulnerability to execute arbitrary code under the control of the SQL Server. Microsoft has provided updates that address the described vulnerabilities. We recommend that you...

EUVD-2026-29468

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

MAL-2026-3693 Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

CVE-2025-40947

CVE-2025-40947 affects ruggedized Siemens/RUGGEDCOM ROX lines: MX5000, MX5000RE, RX1400, RX1500/1501/1510/1511/1512/1524/1536, RX5000, all versions below V2.17.1. The root cause is improper sanitization of user-supplied input during the feature key installation process, enabling an authenticated ...

MAL-2026-3676 Malicious code in 88q (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb830829cae1605ff7626653a2470db03cd5a5aab98b3f0a7f5912eaf244561b The main entrypoint index.js runs an IIFE at require time that monkey-patches the global console.warn and console.error methods. After the override,...

Malicious code in crazehub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53d37c0e75f63e9da7adcc1f71f8b67a665d080342df6857a15dadc297e4f075 crazehub/init.py performs multiple user-hostile actions at import time. Lines 2-3 unconditionally run os.system"pip install phonenumbers" and...