
31145 matches found

EUVD
added 2026/03/16 6:32 p.m. | 1 view

EUVD-2025-208750

A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...

5.8 AI score | 0.00017 EPSS
Exploits: 1 | References: 5

OSV
added 2026/03/16 4:26 p.m. | 3 views

GHSA-VCV2-Q258-WRG7 Glances has a Command Injection via Process Names in Action Command Templates

Summary: The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables (e.g., name, key) that are populated with runtime monitoring data. The secure_popen function, which executes...

7 CVSS | 6.3 AI score | 0.0001 EPSS
Exploits: 1 | References: 5

GitHub Security Blog
added 2026/03/16 4:26 p.m. | 5 views

Glances has a Command Injection via Process Names in Action Command Templates

Summary: The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables (e.g., name, key) that are populated with runtime monitoring data. The secure_popen function, which executes...

7 CVSS | 6.3 AI score | 0.0001 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2026/03/16 4:23 p.m. | 2 views

GHSA-WVXV-4J8Q-4WJQ Glances exposes the REST API without authentication

Summary: Glances web server runs without authentication by default when started with glances -w, exposing REST API with sensitive system information including process command-lines containing credentials (passwords, API keys, tokens) to any network client. Details: Root Cause: Authentication is...

8.7 CVSS | 5.8 AI score | 0.04747 EPSS
Exploits: 1 | References: 5

NVD
added 2026/03/16 4:16 p.m. | 1 view

CVE-2025-69783

A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...

7.8 CVSS | 0.00017 EPSS
Exploits: 1 | References: 4

Snyk
added 2026/03/16 3:30 p.m. | 1 view

Incorrect Authorization

Overview: github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative. Affected versions of this package are vulnerable to Incorrect Authorization in the authentication process. An attacker can change another user's account password without confirmation by falsely...

3.5 CVSS | 5.8 AI score | 0.00067 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/03/16 3:30 p.m. | 2 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization via the upload process. An attacker can bypass team-specific file upload restrictions by uploading files in a team where they have permission and reusing the file metadata in a POST request to a different team...

5.3 CVSS | 5.9 AI score | 0.00034 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/03/16 3:30 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the login process. An attacker can exhaust server CPU and memory resources by submitting authentication requests with excessively large password payloads. Remediation: Upgrade...

8.7 CVSS | 5.8 AI score | 0.00063 EPSS
Exploits: 0 | References: 2

HackRead
added 2026/03/16 11:2 a.m. | 3 views

New XWorm 7.1 and Remcos RAT Attacks Abuse Windows Tools to Evade Detection

New XWorm 7.1 and Remcos RAT campaigns abuse trusted Windows tools to evade detection. The attacks exploit a WinRAR flaw and use process hollowing to spy on victims...

5.8 AI score
Exploits: 0

CNNVD
added 2026/03/16 12:0 a.m. | 2 views

Doom Launcher security vulnerability

Doom Launcher is a game launcher and resource manager developed by Nick personally. Version 3.8.1.0 of Doom Launcher has a security vulnerability. This vulnerability stems from the lack of file path validation during the extraction of game files, which may lead to directory traversal attacks...

7.5 CVSS | 5.8 AI score | 0.00728 EPSS
Exploits: 0 | References: 2

CNNVD
added 2026/03/16 12:0 a.m. | 3 views

Bedrock AgentCore Starter Toolkit security vulnerability

Bedrock AgentCore Starter Toolkit is an open-source AI development and deployment toolkit provided by Amazon Web Services. Versions of the tool before v0.1.13 contain security vulnerabilities. These vulnerabilities stem from a lack of S3 ownership verification, which allows remote attackers to...

7.5 CVSS | 5.9 AI score | 0.00068 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/03/16 12:0 a.m. | 4 views

PT-2026-25774

Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...

5.8 AI score | 0.00728 EPSS
Exploits: 0 | References: 2

Cvelist
added 2026/03/16 12:0 a.m. | 19 views

CVE-2025-69783

A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...

0.00017 EPSS
Exploits: 1 | References: 4

Positive Technologies
added 2026/03/16 12:0 a.m. | 2 views

PT-2026-25767

A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...

5.8 AI score | 0.00017 EPSS
Exploits: 1 | References: 5

CVE
added 2026/03/16 12:0 a.m. | 5 views

CVE-2025-69783

OpenEDR 2.5.1.0 self-defense can be bypassed by renaming a malicious executable to a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe), enabling interaction with the OpenEDR kernel driver and granting access to privileged configuration, process monitoring, and IOCTL functionality. Th...

7.8 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Positive Technologies
added 2026/03/14 12:0 a.m. | 2 views

PT-2026-25844

Name of the Vulnerable Software and Affected Versions: Glances versions prior to 4.5.2. Description: Glances, a system cross-platform monitoring tool, has an issue where the web server runs without authentication by default when started with glances -w. This exposes a REST API containing sensitive...

8.7 CVSS | 5.9 AI score | 0.04747 EPSS
Exploits: 1 | References: 28

OSV
added 2026/03/13 8:41 p.m. | 7 views

GHSA-V9P9-HFJ2-HCW8 Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation

Impact: The undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the server_max_window_bits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression....

7.5 CVSS | 5.7 AI score | 0.00175 EPSS
Exploits: 0 | References: 7

EUVD
added 2026/03/13 8:41 p.m. | 1 view

EUVD-2026-11704

Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation...

7.5 CVSS | 5.8 AI score | 0.00175 EPSS
Exploits: 0 | References: 6

GitHub Security Blog
added 2026/03/13 8:2 p.m. | 4 views

Deno vulnerable to command Injection via incomplete shell metacharacter blocklist in node:child_process

Summary: A command injection vulnerability exists in Deno's node:child_process polyfill (shell: true mode) that bypasses the fix for CVE-2026-27190 (GHSA-hmh4-3xvx-q5hr). An attacker who controls arguments passed to spawnSync or spawn with shell: true can execute arbitrary OS commands, bypassing Deno's...

9.8 CVSS | 6.1 AI score | 0.00907 EPSS
Exploits: 2 | References: 3 | Affected Software: 1

EUVD
added 2026/03/13 8:2 p.m. | 3 views

EUVD-2026-11694

Deno vulnerable to command Injection via incomplete shell metacharacter blocklist in node:child_process...

8.1 CVSS | 5.8 AI score | 0.00119 EPSS
Exploits: 1 | References: 2