107409 matches found
MAL-2026-5973 Malicious code in classbreeze-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e19daf4f946816f5ba3c6e592eacc980861b281c6752b738de57fdd31f49279d The package masquerades as a Tailwind plugin: README and the top of src/index.js are a verbatim clone of @tailwindcss/typography...
CVE-2026-12452
creationtimestamp| type| source ---|---|--- 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-17 06:08:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mohnlkqzrj22...
CVE-2026-12460
creationtimestamp| type| source ---|---|--- 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-17 06:00:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mohn627uzo2j...
CVE-2026-12462
creationtimestamp| type| source ---|---|--- 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-17 05:56:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mohmwmbwsm2f...
CVE-2026-12464
creationtimestamp| type| source ---|---|--- 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-17 05:48:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mohmhkfptc2f...
CVE-2026-49073
creationtimestamp| type| source ---|---|--- 2026-06-17 01:00:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moh4fdxvxf22...
CVE-2026-11410
creationtimestamp| type| source ---|---|--- 2026-06-17 00:40:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moh3bjgwv222...
CVE-2026-49057
creationtimestamp| type| source ---|---|--- 2026-06-17 00:28:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moh2k5rnnn2g...
CVE-2026-48783
creationtimestamp| type| source ---|---|--- 2026-06-17 00:11:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mogznfyenc2x...
CVE-2026-47277
creationtimestamp| type| source ---|---|--- 2026-06-17 00:07:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mogzghhrvn2v...
CVE-2026-48781
creationtimestamp| type| source ---|---|--- 2026-06-17 00:03:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mogz6imvsz26...
Bosch Security Systems IP Cameras Uncontrolled Resource Consumption (CVE-2021-23852)
An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service DoS. This plugin only works with Tenable.ot. Please visit...
PT-2026-50609
Name of the Vulnerable Software and Affected Versions Drupal core affected versions not specified Description The Media module supports oEmbed, which utilizes two discovery mechanisms: providers.json and URL discovery. The URL discovery code can be exploited to trick the system into making...
EUVD-2026-37205
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...
CVE-2026-53843
creationtimestamp| type| source ---|---|--- 2026-06-16 21:18:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mogpypptkp2i 2026-06-17 02:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3moh7qn6agy25...
CVE-2026-12425
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...
CVE-2026-48294
Adobe Acrobat PDF Extension Chrome versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in tha...
CVE-2026-48776
LangGraph Python SDK (versions ≤ 0.3.14) has unsafe URL path construction due to unsanitized caller-supplied identifiers in HTTP request paths, which could address the wrong resource or resource type. Impact: potential unintended access, modification, or deletion of resources beyond the caller's ...
Malicious code in uidai_reusable_components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5875a720dc1cfc6e30a67b003fc43975fbef2e11352e715e19e55e54dd84ae67 On npm install, the preinstall lifecycle script in package.json executes an inline Node one-liner that collects the installer's hostname, OS username...
CVE-2026-48780
creationtimestamp| type| source ---|---|--- 2026-06-16 16:00:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mog67gafbm25 2026-06-16 18:03:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mogf2rqlzg2c...