Lucene search
K

158 matches found

NVD
NVD
added 5 days ago9 views

CVE-2026-13199

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS0.00114EPSS
Exploits0References2
CVE
CVE
added 5 days ago15 views

CVE-2026-13199

CVE-2026-13199 affects Raspberry Pi 5 and Compute Module 5 EEPROM firmware. The issue is that the EEPROM produced non-random KASLR and RNG seed values, resulting in consistent kernel addresses across boots and devices. This may lower entropy and potentially ease exploitation of other vulnerabilit...

5.1CVSS5.9AI score0.00114EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-13199 Insufficient Entropy in Raspberry Pi 5 and Compute Module 5

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS0.00114EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42021

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS5.9AI score0.00114EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 11:8 p.m.11 views

MAL-2026-5680 Malicious code in bittensor-burn-message (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f574e414f35843b11dbb52cd921ce2f2e57f6292845d4770256bea17b41d86e8 Package targets Bittensor BIP-39 wallet holders. On import, defaults.env loads a hardcoded TELEGRAMBOTTOKEN 8666228137 and TELEGRAMCHATID 8766781014...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/09 7:55 a.m.11 views

MAL-2026-5359 Malicious code in swap-sdk-87 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh keys + Sol/Eth/BTC/Tron/Sui/Aptos wallets + .env + seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Inflated version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/09 7:55 a.m.9 views

MAL-2026-5353 Malicious code in crypto-utils-7 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/09 7:53 a.m.9 views

MAL-2026-5352 Malicious code in blockchain-helper-0 (npm)

Note: This report is updated by a verification record Crypto/SSH/wallet stealer self-labeled "CRYPTO STEALER". postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa + wallet keys/seeds + env and exfils to hardcoded Telegram bot...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/09 3:26 a.m.10 views

MAL-2026-5358 Malicious code in solana-core-4 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 3:26 a.m.15 views

Malicious code in solana-core-4 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:51 a.m.10 views

Malicious code in web3-tools-9 (npm)

Note: This report is updated by a verification record Crypto/SSH/wallet stealer, confirmed sibling of blockchain-helper-0 c960. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa + wallet keys/seeds + env, self-labels "CRYPTO STEALER", exfils to IDENTICAL hardcoded...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/09 2:51 a.m.10 views

MAL-2026-5361 Malicious code in web3-tools-9 (npm)

Note: This report is updated by a verification record Crypto/SSH/wallet stealer, confirmed sibling of blockchain-helper-0 c960. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa + wallet keys/seeds + env, self-labels "CRYPTO STEALER", exfils to IDENTICAL hardcoded...

5.5AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.9 views

TeleHunt: A Framework and Tool for Efficient Cybercriminal Community Discovery on Telegram

This paper presents TeleHunt, a framework and tool for evaluating the effectiveness of different strategies to discover cybercriminal communities on Telegram. TeleHunt employs a set of reference-driven snowballing strategies, integrating message-level classification, contextual filtering, and...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/24 2:14 a.m.10 views

MAL-2026-4672 Malicious code in solidity-coverage-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e5a7775aa2bbde61d35a548198d976f9bdc6e9b11de33a2e28f6a6a9929de6 Package name impersonates the well-known solidity-coverage Hardhat plugin sc-forks and ships a verbatim copy of the upstream README. On...

5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/18 5:31 p.m.11 views

CVE-2026-8700

A flaw was found in perl-Crypt-DSA. This vulnerability occurs because the software generates cryptographic seeds using Perl's built-in rand function, which is predictable and unsuitable for security-sensitive operations. An attacker could potentially leverage this predictability to weaken the...

7.3CVSS5.7AI score0.00355EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/16 12:31 a.m.22 views

EUVD-2026-30666

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

5.8AI score0.00355EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-8700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitabl...

7.3CVSS5.4AI score0.00355EPSS
Exploits0References3
OSV
OSV
added 2026/05/15 10:16 p.m.6 views

DEBIAN-CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

7.3CVSS5.8AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 10:16 p.m.19 views

CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

7.3CVSS0.00355EPSS
Exploits0References3
OSV
OSV
added 2026/05/15 10:16 p.m.8 views

UBUNTU-CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

7.3CVSS5.8AI score0.00355EPSS
Exploits0References6
Rows per page
Query Builder