7237 matches found

OSV
added 2026/04/28 8:4 p.m., 4 views

MAL-2026-3134 Malicious code in timemcp-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7811f1fb547708bc27c15d45ca610ab6c0b30189f111b09666b8933bd59ee754 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score: 6
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/04/28 6:21 p.m., 5 views

Malicious code in timemcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8be0be5130ca45aa72ebb49b748e71aaf6998f09229910884076b5abc6a70c39 During import, the package automatically downloads and executes code that first acts as an infostealer, and then starts code acting as a RAT. It connects with ...

AI score: 6
Exploits: 0, References: 1
OSV
added 2026/04/28 6:21 p.m., 2 views

MAL-2026-3132 Malicious code in timemcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8be0be5130ca45aa72ebb49b748e71aaf6998f09229910884076b5abc6a70c39 During import, the package automatically downloads and executes code that first acts as an infostealer, and then starts code acting as a RAT. It connects with ...

AI score: 6
Exploits: 0, References: 1
RedHat Linux
added 2026/04/27 8:36 a.m., 5 views

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

CVSS: 9.8, AI score: 5.3, EPSS: 0.00247
Exploits: 0, References: 8
Packet Storm
added 2026/04/27 12:0 a.m., 93 views

📄 OSK Registry-Based Privilege Escalation / Symlink Attack

The provided code is a conceptual Windows privilege escalation exploit targeting the On-Screen Keyboard osk.exe and Accessibility AT registry infrastructure. It attempts to abuse weak trust boundaries between user-level registry configuration and system-level execution paths...

CVSS: 7.8, AI score: 5.9, EPSS: 0.03239
Exploits: 3
Microsoft CVE
added 2026/04/26 8:3 a.m., 5 views

fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00125
Exploits: 0
OSV
added 2026/04/24 10:33 p.m., 7 views

CLSA-2026-1777056907 tigervnc: Fix of CVE-2026-34352

CVE-2026-34352: prevent other users reading x0vncserver screen...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00247
Exploits: 0, References: 1
CVE
added 2026/04/24 2:42 p.m., 7 views

CVE-2026-31605

This CVE concerns the Linux kernel udlfb driver, where FBIOPUT_VSCREENINFO could trigger a divide-by-zero when pixclock is used directly in the udlfb path. The issue mirrors a prior fix in fb_dev paths and has been resolved in the kernel with related commits (e.g., addressing divide-by-zero in si...

CVSS: 5.5, AI score: 5.4, EPSS: 0.00125
Exploits: 0, References: 9, Affected Software: 1
Positive Technologies
added 2026/04/24 12:0 a.m., 7 views

PT-2026-34970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide-by-zero error exists in the tdfxfb driver within the fbdev subsystem. The issue occurs during the FBIOPUT VSCREENINFO operation because the driver uses the pixclock variable...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00576
Exploits: 0, References: 81
Schneier on Security
added 2026/04/23 11:5 a.m., 7 views

FBI Extracts Deleted Signal Messages from iPhone Notification Database

404 Media reports alternate site: The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database…. The news shows how forensic...

AI score: 5.3
Exploits: 0
OSSF Malicious Packages
added 2026/04/22 11:13 p.m., 5 views

Malicious code in process-support (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ba15c5dd66c6282ee21f8ee819191d6fbbbf194845ad231ac7d26856d334db70 During import, the package automatically starts code acting as a RAT. It connects with a hardcoded C2 server and waits for commands, supporting e.g. executing...

AI score: 6
Exploits: 0, References: 1
OSV
added 2026/04/22 11:13 p.m., 6 views

MAL-2026-3001 Malicious code in process-support (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ba15c5dd66c6282ee21f8ee819191d6fbbbf194845ad231ac7d26856d334db70 During import, the package automatically starts code acting as a RAT. It connects with a hardcoded C2 server and waits for commands, supporting e.g. executing...

AI score: 6
Exploits: 0, References: 1
Packet Storm
added 2026/04/20 12:0 a.m., 60 views

📄 dcontrol 1.0.9 Remote Screen Capture

dcontrol version 1.0.9 suffers from an unauthenticated remote screen capture vulnerability via the WebSocket endpoint at /ws. The application allows any client to connect to the WebSocket without authentication and request screenshots of the target system's display by sending a "screen" message...

AI score: 5.8
Exploits: 0
Positive Technologies
added 2026/04/20 12:0 a.m., 9 views

PT-2026-46943

Name of the Vulnerable Software and Affected Versions X.Org X server affected versions not specified Xwayland affected versions not specified Description A use-after-free flaw exists in the CreateSaverWindow function. A client can trigger a use-after-free read by changing window attributes and...

CVSS: 5.5, AI score: 5.3, EPSS: 0.00183
Exploits: 0, References: 53
Packet Storm
added 2026/04/20 12:0 a.m., 62 views

📄 Remote Sunrise Helper for Windows 2026.14 Live Screen Capture

Remote Sunrise Helper for Windows version 2026.14 suffers from an unauthenticated live screen capture vulnerability. !/usr/bin/env python3 Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated Live Screen Capture Date: 2026-04-20 Exploit Author: Chokri Hammedi Software:...

AI score: 5.8
Exploits: 0
Snyk
added 2026/04/17 9:58 p.m., 3 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via improper validation of the outPath parameter in the screen recording. An attacker can write files outside the intended workspace boundary by specifying a path...

CVSS: 7.1, AI score: 5.8, EPSS: 0.0022
Exploits: 0, References: 3
OSV
added 2026/04/17 9:58 p.m., 3 views

GHSA-JF25-7968-H2H5 OpenClaw: screen_record outPath bypassed workspace-only filesystem guard

Summary screenrecord outPath bypassed workspace-only filesystem guard. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact The node-host screen recording tool could honor an outPath outside the workspace guard, allowing an authorized tool call...

CVSS: 5.3, AI score: 5.7, EPSS: 0.0022
Exploits: 0, References: 4
Github Security Blog
added 2026/04/17 9:58 p.m., 7 views

OpenClaw: screen_record outPath bypassed workspace-only filesystem guard

Summary screenrecord outPath bypassed workspace-only filesystem guard. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact The node-host screen recording tool could honor an outPath outside the workspace guard, allowing an authorized tool call...

CVSS: 7.1, AI score: 5.7, EPSS: 0.0022
Exploits: 0, References: 4, Affected Software: 1
SUSE CVE
added 2026/04/17 12:31 p.m., 5 views

SUSE CVE-2003-0972

Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...

CVSS: 10, AI score: 6.5, EPSS: 0.03401
Exploits: 0, References: 3
Tenable Nessus
added 2026/04/17 12:0 a.m., 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007456 advisory. In the Linux kernel, the following vulnerability has been resolved: vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to...

AI score: 5.8, EPSS: 0.00165
Exploits: 0, References: 4