Malicious code in cheerio-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d51a2885f4eaff732d1ef7ab065b04d21c59263b1212d5b92b92c87914ef879 cheerio-tool typosquats the popular cheerio HTML parser README claims 'Cheerio Tool utility helpers', keywords are 'lodash','utilities', and index.js...

Malicious code in chalk-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6eab5e9e696250cc719b36e144f4534cac2b38a25521cda80222b6c66cd64c Package is named chalk-pack impersonating chalk with keywords and index.js impersonating lodash; index.js is a stub that self-describes as 'Just a...

cyber-security-project-

cyber-security-project- A Vulnerability Scanner is a cy...

FortiGate-FortiWeb-Multi-Exploit-Extractor

FortiGate-FortiWeb-Multi-Exploit-Extractor markdown Fort...

Exploit for CVE-2026-42945

NGINX Rift Configuration Scanner Language: Chinese | English...

Wapiti Web Application Vulnerability Scanner 3.3.0

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-019019)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-019019 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...

CVE-2026-44219

ciguard is a static security auditor for CI/CD pipelines. From 0.6.0 to 0.8.1, both SCA HTTP clients src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py call payload = json.loadsresp.read.decode'utf-8' without a maximum-bytes cap. A hostile or compromised endoflife.date /...

Exploit for CVE-2026-45185

CVE-2026-45185 — "Dead.Letter" Exim Vulnerability Scanner A s...

wafuzz

wafuzz — Web Pentesting Orchestrator Interactive CLI web secu...

CVE-2026-42645

Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...

ISPB

🛡️ AI-powered Security Scanner Platform A next-generation...

torrentpier has PHP Serialize Injections

Summary Hi, there. We've found PHP Serialize Injections in your project “torrentpier". According to the OWASP, it can pose a significant risk: enable an attacker to modify serialized objects in order to inject malicious data into the application code, resulting in code execution or an arbitrary...

-Advanced-Web-Vulnerability-Scanner

No d...

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

macOS 14.x < 14.8.7 Multiple Vulnerabilities (127117)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.8.7. It is, therefore, affected by multiple vulnerabilities: - An information leakage was addressed with additional validation. CVE-2025-43524, CVE-2026-28819, CVE-2026-28840, CVE-2026-28846, CVE-2026-28897,...

OSK ATBroker Registry Security Scanner

This program is a defensive Windows security scanner designed to inspect registry locations related to On-Screen Keyboard osk.exe and Accessibility/ATBroker configuration, which are sometimes abused in privilege escalation or persistence attacks...

webhunter

🕷️ WebHunter — OWASP Top 10 AI Scanner !Pythonhttps://im...

Linux Distros Unpatched Vulnerability : CVE-2026-43469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xprtrdma: Decrement rereceiving on the early exit paths In the event that rpcrdmapostrecvs fails to create a work request due to memory allocation failure, say ...

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...