CVE-2026-34939

PraisonAI is vulnerable to a Regular Expression Denial of Service (ReDoS) through MCPToolIndex.search_tools(), where the function compiles a caller-supplied string directly into a Python regex with no validation or timeout. A crafted pattern can trigger catastrophic backtracking, blocking the Pyt...

EUVD-2026-18893

LTI JupyterHub Authenticator: Unbounded Memory Growth via Nonce Storage Denial of Service...

[SECURITY] Fedora 42 Update: bind9-next-9.21.20-1.fc42

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

CVE-2026-5333

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

CVE-2026-0688

The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the node.event process. An attacker can gain unauthorized access to gateway-side tools and execute arbitrary code by dispatching unrestricted agent requests fro...

[SECURITY] Fedora 43 Update: bind9-next-9.21.20-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-intelligence body collaboration framework by the individual developer Mervin Praison. PraisonAI suffers from a security vulnerability that stems from the OAuthManager.validatetoken function returning True for any token not found in its internal storage, which can be...

SUSE: Security Advisory (SUSE-SU-2026:20940-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2026-30253

LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI 1.1 validator stores OAuth nonces in a class-level dictionary that grows without bounds. Nonces are added before signature validation, so an attacker with knowledge of a valid consumer key can send...

LTI JupyterHub Authenticator 安全漏洞

LTI JupyterHub Authenticator is an open-source LTI-based authentication service for JupyterHub. Versions of LTI JupyterHub Authenticator prior to 1.6.3 contained a security vulnerability. This vulnerability stemmed from the unlimited growth of OAuth random numbers, which could lead to...

Malicious Package

Overview strapi-plugin-cms-tools is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...

EUVD-2026-18226

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

Malicious code in k8s-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

CVE-2026-5333

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

Yurei Ransomware Uses Common Tools, Adds Stranger Things References

Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Things–named payloads to breach and encrypt systems...

CVE-2026-5333

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in...

CVE-2026-0688

The CVE concerns the WordPress Webmention plugin (versions up to and including 5.6.2) with a Server-Side Request Forgery due to Tools::read. An authenticated attacker with Subscriber-level access or higher can cause the web application to issue requests to arbitrary external/internal locations, p...

CVE-2026-0688 Webmention <= 5.6.2 - Authenticated (Subscriber+) Server-Side Request Forgery

The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...