Lucene search
+L

92 matches found

cvelist
cvelist
added 2026/07/02 6:0 a.m.42 views

CVE-2026-10077 YOOtheme Pro < 5.0.35 - Author+ Stored XSS via UIkit Data Attributes

The yootheme WordPress theme before 5.0.35 does not prevent its bundled front-end framework from treating certain HTML attributes, which are permitted by wpksespost, as markup, allowing users with the Author role to perform Stored Cross-Site Scripting attacks that execute in the browser of any us...

0.00235EPSS
Exploits0References1
cve
cve
added 2026/07/02 6:0 a.m.24 views

CVE-2026-10077

The affected product is the YOOtheme WordPress theme (prior to 5.0.35). The issue arises in the bundled front-end framework that can treat certain HTML attributes, allowed by wp_kses_post(), as markup, enabling Stored XSS when a user with the Author role views a post. The root cause is improper h...

6.8CVSS5.8AI score0.00235EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/03/24 12:0 a.m.6 views

PT-2026-27611

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 Description A security issue exists where an attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps wi...

4.6CVSS5.8AI score0.00187EPSS
Exploits0References6
ossf
ossf
added 2026/03/16 12:0 a.m.8 views

Malicious code in @storylane/uikit (npm)

The package '@storylane/uikit' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
snyk
snyk
added 2026/01/20 4:16 a.m.8 views

Malicious Package

Overview uq-global-ec-uikit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
euvd
euvd
added 2026/01/20 4:16 a.m.5 views

EUVD-2026-3510

Malicious code in gu-global-ec-uikit npm...

5.5AI score
Exploits0References1
euvd
euvd
added 2026/01/20 4:16 a.m.6 views

EUVD-2026-3506

Malicious code in shared-global-ec-uikit npm...

5.5AI score
Exploits0References1
euvd
euvd
added 2026/01/20 4:16 a.m.6 views

EUVD-2026-3509

Malicious code in pl-global-ec-uikit npm...

5.5AI score
Exploits0References1
snyk
snyk
added 2026/01/20 4:16 a.m.6 views

Malicious Package

Overview pl-global-ec-uikit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
ossf
ossf
added 2026/01/20 4:16 a.m.11 views

Malicious code in gu-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8b504bec83c372b24f21eb2b83e6a5ec1ceceef82ba4b57dc401e1ab44f9a4 The package gu-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
ossf
ossf
added 2026/01/20 4:16 a.m.10 views

Malicious code in uq-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff150b2aef330176090006c8f217913a40ee17728ec4c821c5c3310624bb0ba The package uq-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
euvd
euvd
added 2026/01/20 4:16 a.m.7 views

EUVD-2026-3505

Malicious code in uq-global-ec-uikit npm...

5.5AI score
Exploits0References1
snyk
snyk
added 2026/01/20 4:16 a.m.6 views

Malicious Package

Overview shared-global-ec-uikit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.5AI score
Exploits0References2
osv
osv
added 2026/01/20 4:16 a.m.5 views

MAL-2026-363 Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
ossf
ossf
added 2026/01/20 4:16 a.m.8 views

Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
ossf
ossf
added 2026/01/20 4:16 a.m.9 views

Malicious code in shared-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac32ab19d7e9c15b0c6a69dafe143c75cab5612b903293c16865f371b8a00a7 The package shared-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
osv
osv
added 2026/01/20 4:16 a.m.7 views

MAL-2026-361 Malicious code in gu-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af8b504bec83c372b24f21eb2b83e6a5ec1ceceef82ba4b57dc401e1ab44f9a4 The package gu-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
osv
osv
added 2026/01/20 4:16 a.m.5 views

MAL-2026-364 Malicious code in shared-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac32ab19d7e9c15b0c6a69dafe143c75cab5612b903293c16865f371b8a00a7 The package shared-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
osv
osv
added 2026/01/20 4:16 a.m.5 views

MAL-2026-367 Malicious code in uq-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aff150b2aef330176090006c8f217913a40ee17728ec4c821c5c3310624bb0ba The package uq-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
euvd
euvd
added 2026/01/16 12:10 a.m.9 views

EUVD-2026-3104

Malicious code in @wb-team/uikit-myteam-web npm...

6.6AI score
Exploits0
Rows per page
Query Builder