42265 matches found
CVE-2026-15028
creationtimestamp| type| source ---|---|--- 2026-07-10 12:03:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqc453ekyq2x 2026-07-10 12:36:29+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mqc5ypgytn26 2026-07-10 13:20:44+00:00| seen|...
Malicious code in nodemon-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15ac606888cb1a54710bafa78dc76d760bef1088bb5e2cc0f0323614341345e5 The package is named nodemon-patch but its package.json metadata homepage https://nodemon.io, author Remy Sharp / github.com/remy, repository, fundin...
CVE-2026-15311
creationtimestamp| type| source ---|---|--- 2026-07-10 00:57:22+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mqawwlemrj2q 2026-07-10 19:55:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcwjoofi22a...
CVE-2026-15317
creationtimestamp| type| source ---|---|--- 2026-07-10 00:55:49+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mqawtt3ljg2o...
WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.89 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by dutafi in WordPress Plugin Anti-Malware Security and Brute-Force Firewall versions = 4.23.89...
Malicious code in n8n-nodes-mcputils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa6d921f2167545e1c8e1a4dfa9981a2b9ce2878b1406608d4673aadd00a761b The package poses as an n8n community node for MCP utility helpers but performs unrelated binary-dropper actions. The postinstall lifecycle script ru...
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public. The vulnerability, tracked as CVE-2026-50656 CVSS score: 7.8, is a privilege escalation issue in the Microsoft Malware Protection Engine "mpengine.dll...
Malicious code in clavuepro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97a9e3cf794eb2bc8d9ebb4bab007a52bf9fc1ed9dbc3db19695542503ec253e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
CVE-2026-35210
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...
CVE-2026-35210 OpenCTI: Authorization Bypass via `synchronized-upsert` HTTP Header Injection
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...
CVE-2026-35210
Summary: OpenCTI prior to version 7.260326.0 contains an authorization bypass via the synchronized-upsert: true HTTP header, exploitable by any authenticated user with KNOWLEDGE_KNUPDATE permission. This allows bypassing Confidence Level validation and Object Marking restrictions, enabling attack...
GHSA-W54J-7WPM-CRHJ
creationtimestamp| type| source ---|---|--- 2026-07-08 14:44:37+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mq5e7yeusk2s...
GHSA-HWMJ-QG4V-CVG9
creationtimestamp| type| source ---|---|--- 2026-07-08 14:41:40+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mq5e2piu2p26...
MAL-2026-6962 Malicious code in gas-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36241e999d92bad738082bf420fc144391735f9f3707bc4baa0153b4cb0eec8a gas-log impersonates the legitimate eth-gas-reporter package: it reuses that project's README, keywords, badges, and CHANGELOG, and the README even...
Malicious code in pyqt6darktheme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cd6d16792d681b160ae1e11b3f698d8fd3004cd6019704008ad1c649fbe6f67 Package downloads and runs a remote executable, which was found to downloads further exes and starting coine mining --- Category: MALICIOUS - The campaign has...
PT-2026-56601
Name of the Vulnerable Software and Affected Versions OpenCTI versions prior to 7.260326.0 Description An authorization bypass allows authenticated users with KNOWLEDGE KNUPDATE permission to circumvent Confidence Level validation and Object Marking restrictions. This is achieved by injecting the...
Malicious code in whs4_nmp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53a1fc3c42fcd64070dd50db1ed23a9f238bd10fea9bba087cb605f7419af28c The package's postinstall script runs node index.js on install, which invokes reportLoadedFrom to POST installer-side data to a hardcoded Discord...
Malicious code in whs4_npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47695d571fe82fbb4402e8cc7f56c05e1cb21d0bc8089ccbd8fca32f8cf5a57c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6950 Malicious code in whs4_nmp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53a1fc3c42fcd64070dd50db1ed23a9f238bd10fea9bba087cb605f7419af28c The package's postinstall script runs node index.js on install, which invokes reportLoadedFrom to POST installer-side data to a hardcoded Discord...
MAL-2026-6953 Malicious code in whs4_pnm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47d72187d8b59a9a40cb8397d064bc7319b20e19ee7d48b870432bd96952b089 The package declares a postinstall script node index.js that runs unconditionally on npm install. The script POSTs the absolute filename path which...