3159 matches found
Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution
Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...
Malicious code in auto-debug-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dd31c11b5149d8dd2142c81cc066576dc799ba4dae4599a9569cb56256417ec package.json declares a postinstall hook node install.js that fires automatically on npm install. On Windows, install.js invokes hidden PowerShell -N...
Updated vim packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Arbitrary Code Execution via Python Omni-Completion in Vim 9.1.1783 && Vim = 9.2.0320 && Vim 9.2.0679. CVE-2026-57454 Out-of-bounds Write in SOFO Soundfolding in Vim 9.2.0698. CVE-2026-57455 Arbitrary Code Execution via Python Omni-Completion...
Malicious code in multer-orm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb45c09aa7a237b2b9ff18ccf6426b76a4f46e5ea665c7747f35a345940e161 multer-orm is a typosquat of the widely used multer middleware. Its README is copied from multer, but the package adds a load-time dropper in...
Devolutions Remote Desktop Manager 2026.2.5 < 2026.2.12 Code Execution (DEVO-2026-0021)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2026.2.5 through 2026.2.11. It is, therefore, affected by a code execution vulnerability: - Incorrect link resolution by display name in the custom PowerShell VPN editor allows an authenticated attacker with write...
GHSA-J472-GF56-X589 OpenClaw: PowerShell encoded-command aliases could miss exec allowlist checks
Summary PowerShell encoded-command aliases could miss exec allowlist checks. In affected versions, a command request using abbreviated encoded-command flags could use an alias form not recognized by the allowlist parser. This advisory is scoped to the named feature and configuration. It does not...
Fake Google and Cloudflare verification pages spread multiple malware families
Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...
Vim 9.1.1784 < 9.2.0678 Command Injection (GHSA-x5fg-h5w9-9frf)
The version of Vim installed on the remote host is between 9.1.1784 and 9.2.0678 exclusive. It is, therefore, affected by a vulnerability. - When the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the...
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEILDROP by Securonix. It's suspected that the initial payloads are distributed...
Linux Distros Unpatched Vulnerability : CVE-2026-57453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse,...
CVE-2026-13437
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...
EUVD-2026-40127
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...
CVE-2026-13437
CVE-2026-13437 affects Devolutions PowerShell Universal 2026.2.0. An attacker with AI Agent read access can exploit the AI Agent job API to receive App Tokens serialized in plaintext within API responses, enabling retrieval of reusable authentication tokens with potential higher privilege. The un...
CVE-2026-13437
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API...
MAL-2026-6576 Malicious code in checkmarx-claude-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26a16e61d88e467ada75205ee93a9339cdf2fb65f3ded068282b4d83b6cb05e9 When the CLI runs the documented npx checkmarx-claude-cache invocation pattern, bin/cli.js performs an HTTPS GET to a hardcoded URL on a lookalike ho...
Malicious code in checkmarx-claude-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26a16e61d88e467ada75205ee93a9339cdf2fb65f3ded068282b4d83b6cb05e9 When the CLI runs the documented npx checkmarx-claude-cache invocation pattern, bin/cli.js performs an HTTPS GET to a hardcoded URL on a lookalike ho...
PT-2026-53303
Name of the Vulnerable Software and Affected Versions Devolutions PowerShell Universal version 2026.2.0 Description An information disclosure issue exists in the AI Agent job API. An authenticated user with AI Agent read access can obtain reusable, potentially higher-privileged authentication...
How to Identify and Repair Files That Cannot Be Opened After Restore
Purpose This article provides steps to identify and repair SharePoint, OneDrive, Teams files, and list attachments that were backed up with corrupted content due to the issue described in KB4835. Note: These instructions apply only to non-immutable object storage repositories that contain backups...
CVE-2026-57453
A security vulnerability exists in the Vim text editor. If a user opens a specially crafted ZIP file in Vim, it can trick the application into running hidden, harmful commands on their computer. This specific issue is only triggered if Vim relies on PowerShell to open the ZIP file...
CVE-2026-46710
Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...