104 matches found
PT-2026-23497
Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...
This startup aims to solve crypto’s broken key management problem
Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading...
CVE-2019-18933
In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication e.g., GitHub or Google SSO in an organization that also allows password authentication could have their personal API key stolen by an...
Malicious code in testingpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 577f9c1cdb7d3ef0e010cc9e292142a11f3a84a9f1ed42f238a920e7e9617b35 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...
CVE-2025-64122
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
EUVD-2025-206224
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
CVE-2025-64122
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
CVE-2025-64122
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
CVE-2025-64122 Nuvation Energy Multi-Stack Controller Private Key Stored on Device
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
CVE-2025-64122 Nuvation Energy Multi-Stack Controller Private Key Stored on Device
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
CVE-2025-64122
CVE-2025-64122 describes an Insufficiently Protected Credentials vulnerability in the Nuvation Energy Multi-Stack Controller (MSC) that enables Signature Spoofing via Key Theft. Affected product: MSC versions up to and including 2.5.1. Root cause and impact are limited to credentials protection a...
PT-2026-1137
Name of the Vulnerable Software and Affected Versions Nuvation Energy Multi-Stack Controller MSC versions through 2.5.1 Description A weakness exists in the Nuvation Energy Multi-Stack Controller MSC that allows Signature Spoofing by Key Theft due to insufficiently protected credentials. This cou...
Cline Bot AI Agent Vulnerable to Data Theft and Code Execution
Mindgard reveals 4 critical security flaws in the popular Cline Bot AI coding agent. Learn how prompt injection can hijack the tool for API key theft and remote code execution...
EUVD-2019-8606
Malware in sbrugna...
EUVD-2024-0123
Malicious code in bioql PyPI...
EUVD-2024-2115
Malicious code in bioql PyPI...
EUVD-2025-6993
Malicious code in bioql PyPI...
EUVD-2024-3112
Malicious code in bioql PyPI...
EUVD-2024-25271
Malicious code in bioql PyPI...
EUVD-2022-2195
Malicious code in bioql PyPI...