CVE-2026-20979

creationtimestamp| type| source ---|---|--- 2026-02-05 23:19:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5jnsgqra2m 2026-02-05 23:20:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5joqifel2v...

CVE-2026-20983

creationtimestamp| type| source ---|---|--- 2026-02-05 23:19:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5jnlswh62h 2026-02-05 23:19:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5jokezgc23...

CVE-2026-1251

creationtimestamp| type| source ---|---|--- 2026-02-05 00:42:39+00:00| seen| https://bsky.app/profile/opsmatters.com/post/3me35tkya5s22 2026-02-05 00:42:40+00:00| seen| https://bsky.app/profile/potato.software/post/3me35tlikqn2f 2026-02-05 08:33:28+00:00| seen|...

Google Go Code Execution Vulnerability (CNVD-2026-10650)

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. A code execution vulnerability exists in Google Go due to an insecure construction of external VCS commands when handling untrusted module sources or malicious version strings in...

CVE-2025-13375

creationtimestamp| type| source ---|---|--- 2026-02-04 21:16:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2sdnvpj725 2026-02-04 21:18:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2sfmshoo2x 2026-02-05 06:55:37+00:00| seen|...

CVE-2025-63624

creationtimestamp| type| source ---|---|--- 2026-02-04 21:15:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2sachkv62h 2026-02-04 21:15:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2sba3niq2g...

CVE-2026-20987

creationtimestamp| type| source ---|---|--- 2026-02-04 09:16:53+00:00| seen| Telegram/XdHYZh0J7WcTlVKxiglshK6ayFniZdPMWChJvlhd1IMv6c 2026-02-04 09:17:03+00:00| seen| Telegram/AJJNsvmkwmZ-BaEozEan6esCkIRlwWrgPq4ibjXsKQ5cofg...

CVE-2025-10878

creationtimestamp| type| source ---|---|--- 2026-02-03 20:20:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdy6qnolkf2o 2026-02-03 20:21:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdy6qvto2j2v...

CVE-2026-24149

creationtimestamp| type| source ---|---|--- 2026-02-03 20:20:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdy6q7myap27 2026-02-03 20:21:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdy6rl63zs2g 2026-02-04 05:00:00+00:00| seen|...

CVE-2026-1285

creationtimestamp| type| source ---|---|--- 2026-02-03 15:53:03+00:00| seen| https://seclists.org/oss-sec/2026/q1/141 2026-02-03 17:16:15+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mdxugave7y2b 2026-02-03 17:23:21+00:00| seen|...

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code executi...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

CVE-2025-8590

creationtimestamp| type| source ---|---|--- 2026-02-03 08:18:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdwwdz4vlp23 2026-02-03 08:18:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdwwep6anm2m...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code executi...

PT-2026-6424

A Path Traversal vulnerability in the partition msg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

GHSA-9M3X-QQW2-H32H picklescan missing detection by simple obfuscation of a `builtins.eval` call

Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source. Details It's possible to hide the eval call nested under another callable via getattr. PoC python import builtins class EvilClas...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...