44 matches found
EUVD-2021-8641
Malicious code in bioql PyPI...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
Citrix Bleed 2 PoC Scanner CVE-2025-5777 This script is a P...
ReCIT: Reconstructing Full Private Data from Gradient in Parameter-Efficient Fine-Tuning of Large Language Models
Parameter-efficient fine-tuning (PEFT) has emerged as a practical solution for adapting large language models (LLMs) to custom datasets with significantly reduced computational cost. When carrying out PEFT under collaborative learning scenarios (e.g., federated learning), it is often required to exchan...
CVE-2025-32958 Adept exposed the GITHUB_TOKEN in workflow run artifact
Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is a zip of the current directory, which includes the automatically generated .git/config file...
CVE-2025-30351
CVE-2025-30351 affects Directus: real-time API and app dashboard for SQL DB content. From version 10.10.0 up to, but not including, 11.5.0, a suspended user can keep using a token from session auth to access the API because verifySessionJWT does not check that the user is still active. This enabl...
CVE-2025-26604
Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submitted code execution, this allows a user to execute potentially malicious code to perform damage or extract...
CVE-2025-26604 Possibility to retrieve bot token by malicious module developers in Discord-Bot-Framework-Kernel
Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submitted code execution, this allows a user to execute potentially malicious code to perform damage or extract...
CVE-2025-26604
Discord-Bot-Framework-Kernel is affected by CVE-2025-26604 due to an arbitrary user-submitted code execution vulnerability. A malicious module can extract the bot token and, with high privileges, allow the attacker to impersonate the bot or gain near-full control; a blocking module can also be lo...
PT-2025-7203 · Unknown · Discord-Bot-Framework-Kernel
Name of the Vulnerable Software and Affected Versions: Discord-Bot-Framework-Kernel versions prior to commit f0d9e70841a0e3170b88c4f8d562018ccd8e8b14 Description: The issue allows users to execute potentially malicious code, which can be used to extract sensitive information or perform damage. By...
CVE-2024-28134
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...
PT-2024-24235
Name of the Vulnerable Software and Affected Versions: tiagorlampert CHAOS version 5.0.1 Description: A Cross Site Scripting (XSS) vulnerability exists in tiagorlampert CHAOS. A remote attacker may be able to escalate privileges via the sendCommandHandler function in the handler.go component. A...
KnockKnock - Enumerate Valid Users Within Microsoft Teams And OneDrive With Clean Output
Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods. Additionally, it can output/create a list of legacy Skype users identified through Microsoft Teams enumeration. Finally, it also creates a nice clean list for future usage, all conduct...
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar. "It comes with a wide range of capabilities, making post-exploitation a cakewalk for anyone purchasing the tool,...
NoSQL injection in express-cart
Versions of express-cart before 1.1.8 are vulnerable to NoSQL injection. The vulnerability is caused by the lack of user input sanitization in the login handlers. In both cases, the customer login and the admin login, parameters from the JSON body are sent directly into the MongoDB query which...
CVE-2019-12914
Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services such as Gmail, Outlook, etc. used in the application...
Authentication flaw
Redbrick Shift through 3.4.3 allows an attacker to extract authentication tokens of services such as Gmail, Outlook, etc. used in the application...
Cross-site request forgery (CSRF)
A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction ...
explo - Human And Machine Readable Web Vulnerability Testing Format
explo is a simple tool to describe web security issues in a human and machine readable format. By defining a request/condition workflow, explo is able to exploit security issues without the need of writing a script. This makes it possible to share complex vulnerabilities in a simple readable and executable...