Malicious code in @devcarron/clob (npm)

A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...

PT-2025-46473

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description An issue exists that allows for local privilege escalation. The problem stems from improper link resolution before file access 'link following' within the Host Process for Windows...

Exploit for CVE-2025-56799

CVE-2025-56799 OS Command Injection Vulnerability via Cach...

PT-2023-22022 · Ncp · Ncp Secure Enterprise Client

Name of the Vulnerable Software and Affected Versions: NCP Secure Enterprise Client versions prior to 13.10 Description: The issue allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%TempNcpSupport location. This can lead to elevated...

PT-2019-19370 · Sublime Text · Sublime Text

Name of the Vulnerable Software and Affected Versions: Sublime Text 3 version 3.1.1 build 3176 Description: DLL hijacking is possible because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime text.exe to open a...