Lucene search
K

22 matches found

OSV
OSV
added 2026/06/11 6:49 a.m.9 views

MAL-2026-5615 Malicious code in sysau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b9246e768a775d54485e7208d0ed4fc575af09bc78c3fde95c5cb24ebc2350d Package advertises itself as a 'System binary configuration tool' but ships pointer.py spawned by index.js which hardcodes...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/11 6:49 a.m.69 views

MAL-2026-5617 Malicious code in sysnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac9873e59ffdf79c56fd4f9366b56e0532f87dc00c4380fae18d714785b0bc8 On require / CLI invocation, sysnu performs two install-time-equivalent actions on Windows hosts. First, if python is not on PATH, index.js lines 42-...

5.6AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.8 views

CVE-2026-45597

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.13 views

CVE-2026-45597

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

7CVSS0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:5 p.m.10 views

EUVD-2026-35555

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.33 views

CVE-2026-45597 Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

...

7CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.8 views

CVE-2026-45597 Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

...

7CVSS5.4AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.107 views

CVE-2026-45597

The CVE-2026-45597 issue affects Windows UI Automation Manager (uiamanager.dll). A race condition arises from concurrent execution with improper synchronization on a shared resource, enabling a local, authorized attacker to elevate privileges. Documents confirm the vulnerability type and impact (...

7CVSS5.6AI score0.00186EPSS
Exploits0References1Affected Software6
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.8 views

Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00186EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Microsoft Windows UI Automation Manager (uiamanager.dll) 竞争条件问题漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability related to the Microsoft Windows UI Automation Manager uiamanager.dll. Attackers can exploit this vulnerability to gain higher privileges. The following products and...

7CVSS5.9AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-47986

Name of the Vulnerable Software and Affected Versions UI Automation Manager affected versions not specified Description A race condition occurs in the UI Automation Manager uiamanager.dll due to concurrent execution using a shared resource with improper synchronization. This allows an authorized...

7CVSS5.5AI score0.00186EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/24 6:5 p.m.11 views

Malicious code in sysnode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1f5d271eb72dffa8868b2701aeb4aa7799ee9d7294f342e14682b6675114077 Package self-describes as a 'System binary configuration tool' but on invocation CLI/bin entry or require it silently bootstraps a full surveillance...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/24 6:5 p.m.7 views

MAL-2026-4678 Malicious code in sysnode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1f5d271eb72dffa8868b2701aeb4aa7799ee9d7294f342e14682b6675114077 Package self-describes as a 'System binary configuration tool' but on invocation CLI/bin entry or require it silently bootstraps a full surveillance...

5.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/02/19 5:52 p.m.8 views

PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence AI chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to...

6.2AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/04 11:0 a.m.181 views

wechat-monitor-poc

WeChat Message Monitoring PoC Project Project Description...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/23 12:58 p.m.17 views

New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials

The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework calledUI AutomationUIA to harvest sensitive information. "The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banki...

7.1AI score
Exploits0
HackRead
HackRead
added 2025/07/22 9:50 p.m.15 views

Coyote Trojan First to Use Microsoft UI Automation in Bank Attacks

Coyote Trojan becomes first malware to abuse Microsoft’s UI Automation in real attacks, targeting banks and crypto platforms with stealthy tactics...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 3:13 p.m.8 views

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation UIA to perform a wide range of malicious activities without tipping off endpoint detection and response EDR solutions. "To exploit this technique, a user must be convinced to run a program that uses UI...

7.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/12/11 2:0 p.m.11 views

Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation

...

7.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/12/11 2:0 p.m.4 views

Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation

...

7.3AI score
Exploits0
Rows per page
Query Builder