CVE-2026-32703

OpenProject is an open-source, web-based project management software. In versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1, the Repositories module did not properly escape filenames displayed from repositories. This allowed an attacker with push access into the repository to create commits wit...

CVE-2026-28500 ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack

Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...

PT-2026-26156

OpenProject is an open-source, web-based project management software. Versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 are vulnerable to an SQL injection attack via a custom field's name. When that custom field was used in a Cost Report, the custom field's name was injected into the SQL query...

OpenProject SQL注入漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 have a SQL injection vulnerability. This vulnerability arises from custom field names not being properly cleaned in SQL queries, which can allow SQL injection...

OpenProject 跨站脚本漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 had a cross-site scripting vulnerability. This vulnerability stemmed from the Repositories module not properly escaping file names, which could lead to stored-x...

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by...

GHSA-HQMJ-H5C6-369M ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack

What's the issue Passing silent=True to onnx.hub.load kills all trust warnings and user prompts. This means a model can be downloaded from any unverified GitHub repo with zero user awareness. python if not verifyreporefrepo and not silent: completely skipped when silent=True print"The model repo...

ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack

What's the issue Passing silent=True to onnx.hub.load kills all trust warnings and user prompts. This means a model can be downloaded from any unverified GitHub repo with zero user awareness. python if not verifyreporefrepo and not silent: completely skipped when silent=True print"The model repo...

PT-2026-25841

Name of the Vulnerable Software and Affected Versions Open Neural Network Exchange ONNX versions through 1.20.1 Description ONNX is an open standard for machine learning interoperability. A security control bypass exists in the onnx.hub.load function due to flawed repository trust verification...

Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence

YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...

GHSA-99QW-6MR3-36QR OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories

Summary OpenClaw automatically discovered and loaded plugins from .openclaw/extensions/ inside the current workspace without an explicit trust or install step. A malicious repository could include a crafted workspace plugin that executed as soon as a user ran OpenClaw from that cloned directory...

OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories

Summary OpenClaw automatically discovered and loaded plugins from .openclaw/extensions/ inside the current workspace without an explicit trust or install step. A malicious repository could include a crafted workspace plugin that executed as soon as a user ran OpenClaw from that cloned directory...

CVE-2026-31852 Jellyfin Possible Organization/Secret Compromise from dangerous CI implementation

Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due to the workflow's elevated permissions nearly all write permissions, this vulnerability enables...

CVE-2025-12555

GitLab CVE-2025-12555 fixes an improper authorization check that could let an authenticated user access previous pipeline job information on projects with repository/CI-CD disabled. Affected: GitLab CE/EE versions 15.1–before 18.7.6, 18.8–before 18.8.6, and 18.9–before 18.9.2. Root cause: insuffi...

EUVD-2026-10828

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

CVE-2026-3582

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

CVE-2026-3582

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

CVE-2026-3582

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

BIT-MAVEN-2021-26291 block repositories using http by default

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model pom which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository...