Security update for keybase-client (important)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2026:0117-1 Rating: important References: 1253563 1253864 1254023 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS scores: CVE-2025-47913 SUSE: 8.7...

CVE-2026-1072

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

CVE-2026-1072

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

CVE-2026-1072 Keybase.io Verification <= 1.4.5 - Cross-Site Request Forgery to Settings Update

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

CVE-2026-1072

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

CVE-2026-1072 Keybase.io Verification <= 1.4.5 - Cross-Site Request Forgery to Settings Update

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

CVE-2026-1072

CVE-2026-1072 concerns the WordPress Keybase.io Verification plugin (versions

PT-2026-20272

The Keybase.io Verification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.5. This is due to missing nonce validation when updating plugin settings. This makes it possible for unauthenticated attackers to update the Keybase verification...

WordPress Keybase.io Verification plugin <= 1.4.5 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Keybase.io Verification versions = 1.4.5...

EUVD-2021-10755

Malware in sbrugna...

EUVD-2021-21084

Malware in sbrugna...

EUVD-2021-21079

Malware in sbrugna...

EUVD-2019-7469

Malware in sbrugna...

EUVD-2019-16793

Malware in sbrugna...

EUVD-2018-10345

Malware in sbrugna...

EUVD-2021-21080

Malware in sbrugna...

EUVD-2022-27922

Malicious code in bioql PyPI...

CVE-2021-23827

Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media such as private pictures in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodolog...

CVE-2019-16992

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...

MAL-2025-3069 Malicious code in keybase-live-feed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04e37d8ed67c047350e5767575fe330037e3df4a1d2bc9a1159801b02c54a375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...