EUVD-2026-28599

ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in BrowserAutomation::PlaywrightService. This issue has been patched in version 1.4.1...

CVE-2026-41512

ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in BrowserAutomation::PlaywrightService. This issue has been patched in version 1.4.1...

secscan

secscan !PyPI versionhttps://img.shields.io/pypi/v/secsca...

MAL-2026-3392 Malicious code in wallet-scanner-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c24dfc47c3ee1d37f4d7ec65a43d1f861422d7fb3ee6f8e8b6e6a85fe2b5120 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

Malicious code in wallet-scanner-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c24dfc47c3ee1d37f4d7ec65a43d1f861422d7fb3ee6f8e8b6e6a85fe2b5120 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

MAL-2026-3381 Malicious code in solana-scanner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 047a41b9a67bb975c2e98b31b5e13875569de5097f0b61bb5984e300687e03e3 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

Malicious code in solana-scanner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 047a41b9a67bb975c2e98b31b5e13875569de5097f0b61bb5984e300687e03e3 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

EUVD-2022-48746

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

CVE-2026-41646 Nuclei: Local File Read via require() Module Loader Bypass

Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's JavaScript protocol runtime allows JavaScript templates to read local .js and .json files through the require function, bypassing the default local file acce...

Linux Distros Unpatched Vulnerability : CVE-2026-43387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: properly validate the data in rtwgetieex Just like in commit 154828bf9559 staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser, we...

CVE-2022-45899

Nokia BMC (Broadcast Message Center) Log Scanner, prior to version 13.1, is vulnerable to unauthenticated command injection via shell metacharacters in the Log Scanner Search Pattern field. An attacker can achieve remote code execution as root. The issue is fixed in version 13.1. Affected product...

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

PT-2026-38659

Name of the Vulnerable Software and Affected Versions Nokia Broadcast Message Center BMC versions prior to 13.1 Description An unauthenticated remote attacker can perform OS command injection with root privileges. This is possible by using shell metacharacters within the Log Scanner Search Patter...

PT-2026-39143

Name of the Vulnerable Software and Affected Versions kosma minmea version 0.3.0 Description A stack buffer overflow exists in the minmea scan function. The format specifier within this function copies NMEA field data into a buffer provided by the caller without utilizing a size parameter. This c...

CVE-2022-45899

Nokia Broadcast Message Center BMC before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field...

Scanner 代码注入漏洞

Scanner is an AI model security assessment tool developed by 0DIN.ai. Versions 1.0.0 to 1.4.1 of Scanner contained a code injection vulnerability. This vulnerability originated from JavaScript injection in BrowserAutomation::PlaywrightService, which could lead to remote code execution...

Linux Distros Unpatched Vulnerability : CVE-2026-39823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces...

Linux Distros Unpatched Vulnerability : CVE-2026-43339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: prevent possible UaF in addrconfpermanentaddr The mentioned helper try to warn the user about an exceptional condition, but the message is delivered too...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)

Last week, there were 87 vulnerabilities disclosed in 198 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 61 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...