Lucene search
K

1385 matches found

OSV
OSV
added 2026/04/12 9:36 p.m.3 views

MAL-2026-2568 Malicious code in pt-sc-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925a5c001d049ecefbe72bc5ba4090904c882bf13b6f97493387fe3ed04a661f The package pt-sc-logger was found to contain malicious code. Source: ghsa-malware deaf63bd8a081fcc49f46fdb9b4300abef500b33eba7034bbd8de142a60db3cd A...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/12 9:36 p.m.7 views

Malicious code in pt-sc-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925a5c001d049ecefbe72bc5ba4090904c882bf13b6f97493387fe3ed04a661f The package pt-sc-logger was found to contain malicious code. Source: ghsa-malware deaf63bd8a081fcc49f46fdb9b4300abef500b33eba7034bbd8de142a60db3cd A...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/04/10 5:8 p.m.5 views

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres via the ForwardToWall process. An attacker can inject ANSI escape sequences into user terminals by executing a logger -p emerg command when the relevant configuration is enabled. This is only...

3.3CVSS5.8AI score0.00173EPSS
Exploits1References2
OSV
OSV
added 2026/04/10 4:16 p.m.5 views

DEBIAN-CVE-2026-40228

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

3.3CVSS5.5AI score0.00173EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/10 3:48 p.m.4 views

CVE-2026-40228

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

2.9CVSS5.9AI score0.00173EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/10 3:48 p.m.25 views

CVE-2026-40228

In systemd 259, the vulnerability affects the systemd-journald component. When a user executes a command like logger -p emerg and ForwardToWall=yes is set, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users. This is triggered by the ForwardToWall setting and does ...

3.3CVSS5.9AI score0.00173EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/10 3:48 p.m.60 views

CVE-2026-40228

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

2.9CVSS0.00173EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31987

Name of the Vulnerable Software and Affected Versions systemd version 259 Description In systemd 259, the systemd-journald component can transmit ANSI escape sequences to the terminals of arbitrary users when a 'logger -p emerg' command is executed, provided that ForwardToWall=yes is configured...

3.3CVSS5.8AI score0.00173EPSS
Exploits1References11
RustSec
RustSec
added 2026/04/09 12:0 p.m.27 views

Rand is unsound with a custom logger using `rand::rng()`

It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...

5.7AI score
Exploits0Affected Software1
OSV
OSV
added 2026/04/09 12:0 p.m.13 views

RUSTSEC-2026-0097 Rand is unsound with a custom logger using `rand::rng()`

It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...

5.7AI score
Exploits0References3
GithubExploit
GithubExploit
added 2026/04/08 7:1 a.m.93 views

reverse_proxy_logger_xss

No d...

5.9AI score
Exploits0
Snyk
Snyk
added 2026/04/02 9:0 p.m.6 views

Malicious Package

Overview strapi-plugin-logger is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...

9.8CVSS6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/02 8:28 p.m.7 views

Malicious code in nwin64tls (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 72555231efbf126e61cb3aa59d3482bc7967af46898e46eb2b9b7f81af8cd40e Importing the module starts a loop that listens to key strokes and on every capslock press exfiltrates screenshot to a hardcoded location. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/02 11:28 a.m.9 views

Malicious code in @mgcrae/pino-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31dc9253706aebd955016075e321d19d7dfc9b231882d7b24a6c932fa3dfa80 The package @mgcrae/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/04/02 11:28 a.m.4 views

Malicious Package

Overview @mgcrae/pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/04/01 9:10 a.m.1 views

Malicious Package

Overview jellyfi-pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/04/01 9:10 a.m.3 views

Malicious Package

Overview jonas-prettier-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/04/01 9:10 a.m.4 views

Malicious Package

Overview @logcore/pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/04/01 9:10 a.m.6 views

MAL-2026-2325 Malicious code in jonas-prettier-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f4e8e2d6e083733be2f7a98647f2a7267b3be203837f3081b4884ef3b926a0 The package jonas-prettier-logger was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/01 9:10 a.m.8 views

Malicious code in jellyfi-pino-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1230eb2336763c228ba6ac98d349f8cc64a1ae28755d8da374f336e77aa928 The package jellyfi-pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Rows per page
Query Builder