PT-2026-7572

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

PT-2026-7569

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

QNAP Systems File Station 安全漏洞

QNAP Systems File Station is an archiving tool under the QTS platform developed by QNAP Systems. This application allows access to NAS files via a web interface. Versions of QNAP Systems File Station prior to 5.5.6.5068 had a security vulnerability caused by path traversal, which could allow remo...

[SECURITY] Fedora 43 Update: rust-below-0.9.0-6.fc43

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

SAP Support Tools Plug-In 安全漏洞

SAP Support Tools Plug-In is a basic component plugin developed by the German company SAP. The SAP Support Tools Plug-In has a security vulnerability; this vulnerability stems from the lack of authorization checks in the function modules. This could allow authenticated attackers to call specific...

CVE-2026-25751 FUXA Unauthenticated Exposure of Plaintext Database Credentials

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...

EUVD-2026-5419

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

Malicious code in cat-admin-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 34286533490c9ad41743b1eea6659d9c4fd3e62d1a830658b90840f3c49a6c8c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

Malicious code in chia-pool-reference (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 51f7e4eb8c8b82bd7c7514255d0eb51dddc657c4b06845232ad8490a514a139c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

MAL-2026-653 Malicious code in credit-decision-metrics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4a0320017dad96c95d4741c311ead566b7d6bea0c7ffdceea82b435ce74a40de Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

Malicious code in zabitog (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 23d4c7f55266f10f23ddf4a743bb4222b920c0e7f4472c1572a51831a3d1f247 Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

MAL-2026-654 Malicious code in zabitog (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 23d4c7f55266f10f23ddf4a743bb4222b920c0e7f4472c1572a51831a3d1f247 Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...

Qnap QTS and QuTS hero Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2025-9110)

An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the followin...

CVE-2026-22907

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001180 advisory. In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving ...

CVE-2026-22907

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...

CVE-2026-22907

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...

CVE-2026-22907

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...

EUVD-2026-2821

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data...