4510 matches found
EUVD-2025-177883
Malicious code in meta-grep-stack-serialize-authenticate npm...
EUVD-2025-179373
Malicious code in decrypt-info-meta-table-big npm...
EUVD-2025-177886
Malicious code in meta-boolean-analyze-decode-cloud npm...
EUVD-2025-176234
Malicious code in stack-theta-meta-index-web npm...
EUVD-2025-178203
Malicious code in kernel-visualize-meta-import-transpile npm...
EUVD-2025-175985
Malicious code in test-sudo-notify-meta-orchestrate npm...
MAL-2025-188862 Malicious code in promise-meta-node-orchestrate-proxy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d73de94d6841eb4dd5821707f352f8bee1c512dad1e7a52a134db5697862e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186509 Malicious code in decrypt-info-meta-table-big (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be4883bdd1cd22e99353350c8cdb2c98e0bd344ac3801dc0999b5d205d66f663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Information Disclosure
github.com/rancher/rancher is vulnerable to Information Disclosure. The vulnerability is due to improper handling of Impersonate-Extra- headers, which are sent to external entities via the /meta/proxy endpoint, allowing an attacker to access identifiable or sensitive information such as email...
Malicious code in nurul-sambel40-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1782c5b256bcd0bd35dfcfd9d2666a33791fa5a5612bea58414c7a25e55a89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode
The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...
CVE-2025-64442
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
CVE-2025-64442
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
CVE-2025-64442
HumHub (Open Source Enterprise Social Network) versions before 1.17.4 are affected by a cross-site scripting (XSS) vulnerability in the Meta-Search feature, allowing malicious input to execute in search previews. The issue is fixed in version 1.17.4. Impact is consistent with XSS (information dis...
CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
EUVD-2025-38326
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component
HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...
HumHub 跨站脚本漏洞
HumHub is the HumHub open source suite of open source social networking software written on the Yii PHP framework. A cross-site scripting vulnerability exists in HumHub versions prior to 1.17.4, which stems from a cross-site scripting vulnerability in the Meta-Search functionality that could caus...
Scam Ads Are Flooding Social Media. These Former Meta Staffers Have a Plan
Rob Leathern and Rob Goldman, who both worked at Meta, are launching a new nonprofit that aims to bring transparency to an increasingly opaque, scam-filled social media ecosystem...