MAL-2026-5516 Malicious code in tailwind-animator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9a1b7c3c3877a14abbea0abc4ee53a2d5d7207f7932141f428235c069285c0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-48855

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

Malicious code in @validate-sdk/v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e93b483fd9338717a984d2e695d44a5497cb4b2d1a91c0eabc160fbc6d6cd7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-29114

A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain...

CVE-2025-66280

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...

GHSA-9V76-4QCC-FRGH vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

CVE-2026-11645 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-X2HH-W9MW-3VQ2 vulnerabilities

Vulnerabilities for packages: chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-45445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV ...

PT-2026-48360

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

ECYSAP EYE: From Cyber Situational Awareness to Mission-Centric Decision Support for Enhanced Cyberspace Operations

Operational organizations increasingly require Cyber Situational Awareness CySA capabilities that go beyond isolated technical alerts, providing mission-relevant artefacts that can be embedded into heterogeneous toolchains and cyber security or cyber defense processes. ECYSAP EYE addresses this...

QNAP QTS 输入验证错误漏洞

QNAP Systems QuTScloud is a product of QNAP Systems. It is a cloud-optimized version of the QNAP NAS operating system. QNAP Systems QTS is software with data storage and management capabilities. QNAP Systems QuTS Hero is also software with data storage and management capabilities. Several product...

QNAP QTS 路径遍历漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have path traversal vulnerabilities, which allow remote attackers to access unexpected files or system data after...

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability stems from command injection, which...

QNAP file station 资源管理错误漏洞

QNAP Systems File Station 6 is a file management software developed by QNAP Systems, a company based in Taiwan, China. There is a security vulnerability in QNAP Systems File Station 6, which stems from unlimited resource allocation or throttling. This vulnerability could allow remote attackers to...

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory after obtaining...

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability arises from command injections, whic...

Linux Distros Unpatched Vulnerability : CVE-2026-42771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When the X509VERIFYPARAMset1email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an...