MAL-2026-3370 Malicious code in sufiagent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f2cfd59dcec981250aeaf0633059cfd0af4d5dac6c87a1d54b9e13ce70957858 Designed to run on Android. Under the mask of an AI agent, the code downloads a remote executable on import, and during usage, silently exfiltrates data like...

OPENSUSE-SU-2026:20708-1 Security update for perl-Text-CSV_XS

This update for perl-Text-CSVXS fixes the following issue: - CVE-2026-7111: use-after-free when registered callbacks extend the Perl argument stack may enable type confusion or memory corruption bsc1263690...

SUSE-SU-2026:21596-1 Security update for perl-Text-CSV_XS

This update for perl-Text-CSVXS fixes the following issue: - CVE-2026-7111: use-after-free when registered callbacks extend the Perl argument stack may enable type confusion or memory corruption bsc1263690...

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Live Code Corruption via Page Cache A novel...

Stego Battlefield: Evaluating Image Steganography Attacks and Steganalysis Defenses

Image steganography is widely used to protect user privacy and enable covert communication. However, it can also be abused by the adversary as a covert channel to bypass content moderation, disseminate harmful semantics, and even hide malicious instructions in images to elicit dangerous outputs...

VMware Spring Cloud Config 日志信息泄露漏洞

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product provides server and client support for external configurations in distributed systems. VMware Spring Cloud Config has a vulnerability related to log information leakage...

CVE-2026-35453

PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.3 and earlier, 2.0.0 through 2.1.15, 2.2.0 through 2.4.4, 3.3.0 through 3.10.4, and 4.0.0 through 5.6.0, the HTML Writer skips htmlspecialchars output escaping when a cell uses a custom number format containin...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

CVE-2026-41481 vulnerabilities

Vulnerabilities for packages: open-webui, py3-langchain-text-splitters...

CVE-2026-41481 vulnerabilities

Vulnerabilities for packages: py3-langchain-text-splitters, open-webui...

CVE-2025-62345

Technical details for CVE-2025-62345 are not publicly provided in the supplied documents; no affected versions, exploit information, or remediation details are included. Monitor for updates.

CVE-2025-62345 HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability

HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...

CVE-2025-62345 HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability

HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...

CVE-2025-62345

HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

DEBIAN-CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...