Lucene search
K

2291 matches found

Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.8 views

PT-2026-8307

A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clear filename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The...

6.5CVSS5.8AI score0.00226EPSS
Exploits1References7
OSV
OSV
added 2026/02/15 9:58 p.m.4 views

MAL-2026-909 Malicious code in clawdist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3008887b6c2929530cd48dc996c91d70eb92432465d02f4ff28e6d5927350097 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/14 2:2 a.m.11 views

Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.4AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/13 11:10 p.m.8 views

Malicious code in clawdest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf31ecc1ce2cf9d018d5ea73c9ee8467f85efd2fda44d75dfd10797cb35778a2 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.4AI score
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/10 3:19 a.m.9 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM DB2 shipped with IBM WebSphere Remote Server

Summary IBM DB2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletins Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...

8.4CVSS5.9AI score0.02015EPSS
Exploits3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/02 6:56 p.m.3 views

CVE-2026-24471 Improper Validation in Conduit-derived homeservers resulting in Unintended Proxy or Intermediary ('Confused Deputy')

continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...

9.3CVSS5.7AI score0.00312EPSS
Exploits0References2
CVE
CVE
added 2026/02/02 6:56 p.m.9 views

CVE-2026-24471

The CVE-2026-24471 issue affects Continuwuity and Conduit-derived servers (Continuwuity, Conduit, Grapevine, Tuwunel). A malicious remote server can induce the victim to sign an arbitrary event during user interactions such as leaving a room, joining a room, or knocking on a room, by requesting a...

9.3CVSS5.7AI score0.00312EPSS
Exploits0References2
OSV
OSV
added 2026/02/02 6:56 p.m.7 views

CVE-2026-24471 Improper Validation in Conduit-derived homeservers resulting in Unintended Proxy or Intermediary ('Confused Deputy')

continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...

9.3CVSS5.8AI score0.00312EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/02 6:56 p.m.5 views

CVE-2026-24471

continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...

9.3CVSS5.7AI score0.00312EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/02 3:25 p.m.8 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 1:10 p.m.4 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 10:53 a.m.7 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/02 6:47 a.m.10 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/30 7:9 p.m.9 views

Malicious code in snapshot-date (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e86008d35e5f11e68c465940563127cdc9ba1d4b2963f092914bf8e9ce2587b This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

6AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/27 9:52 a.m.6 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 9:35 a.m.4 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 9:35 a.m.6 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 9:32 a.m.5 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 9:10 a.m.7 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 8:39 a.m.5 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00622EPSS
Exploits0References6
Rows per page
Query Builder