7736 matches found

OSV • added 2026/03/02 6:48 p.m. • 2 views

MAL-2026-1138 Malicious code in fwk-amigapython-amigamlserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5d6f09429b123469b1fc83ceb4af35c595ff4b6e2631552fc857922ca921c4c5 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

AI score: 6.2
Exploits: 0 | References: 1

OSV • added 2026/03/02 6:48 p.m. • 3 views

MAL-2026-1139 Malicious code in fwk-amigapython-rest-server (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9694db9e75e6f3f31137edfba3f3a51ede2881961ee930ea4a4b02e1be086fc8 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

AI score: 6.2
Exploits: 0 | References: 1

OSSF Malicious Packages • added 2026/03/02 6:48 p.m. • 5 views

Malicious code in fwk-amigapython-rest-server (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9694db9e75e6f3f31137edfba3f3a51ede2881961ee930ea4a4b02e1be086fc8 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

AI score: 6.2
Exploits: 0 | References: 1

OSV • added 2026/03/02 6:47 p.m. • 3 views

MAL-2026-1141 Malicious code in identityapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45946e31faffbed940c8acb3656be0d5f25de7db36f58766cdac44a1e7d6150b During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

AI score: 6.2
Exploits: 0 | References: 1

OSSF Malicious Packages • added 2026/03/02 6:47 p.m. • 4 views

Malicious code in identityapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45946e31faffbed940c8acb3656be0d5f25de7db36f58766cdac44a1e7d6150b During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

AI score: 6.2
Exploits: 0 | References: 1

OSV • added 2026/03/02 9:5 a.m. • 4 views

BIT-GITLAB-2025-14103 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00016
Exploits: 0 | References: 4

GithubExploit • added 2026/03/02 6:34 a.m. • 172 views

Exploit for Incorrect Authorization in Suse Pam-Config

CVE-2025-6018 + CVE-2025-6019 Privilege Escalation Guide 中文...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.0009
Exploits: 19

CNVD • added 2026/03/02 12:0 a.m. • 0 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14478)

Apple watchOS is a smartwatch operating system. Apple macOS is a dedicated operating system developed for Mac computers. Apple visionOS is an operating system for AR glasses. An information disclosure vulnerability exists in multiple Apple products and is caused by an issue with the handling ...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.0003
Exploits: 0 | References: 1

CVE • added 2026/02/27 9:52 p.m. • 11 views

CVE-2026-28411

WeGIA Web Manager prior to version 3.6.5 is vulnerable to an authentication bypass via unsafe use of extract($_REQUEST). The issue allows an unauthenticated attacker to overwrite local variables across multiple PHP scripts, enabling unauthorized access to administrative and protected areas. remed...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00325
Exploits: 1 | References: 1 | Affected Software: 1

Snyk • added 2026/02/27 9:36 p.m. • 3 views

Multiple Releases of Same Resource or Handle

Overview: openclaw is a 🦞 OpenClaw - Personal AI Assistant. Affected versions of this package are vulnerable to Multiple Releases of Same Resource or Handle via the applySkillConfigEnvOverrides function. An attacker can inject dangerous environment variables into the host process by modifying local...

CVSS: 8.8 | AI score: 6 | EPSS: 0.00117
Exploits: 0 | References: 4

OSV • added 2026/02/27 9:36 p.m. • 3 views

GHSA-82G8-464F-2MV7 OpenClaw: Skill env override host env injection via applySkillConfigEnvOverrides (defense-in-depth)

Summary: applySkillConfigEnvOverrides previously copied skills.entries..env values into the host process.env without applying the host env safety policy. Impact: In affected versions, dangerous process-level variables such as NODE_OPTIONS could be injected when unset, which can influence...

CVSS: 5.1 | AI score: 5.9 | EPSS: 0.00117
Exploits: 0 | References: 5

Positive Technologies • added 2026/02/27 12:0 a.m. • 1 view

PT-2026-22413

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.6.5. Description: WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00325
Exploits: 1 | References: 14

RedhatCVE • added 2026/02/26 10:35 p.m. • 3 views

CVE-2025-14103

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.00016
Exploits: 0 | References: 1

Snyk • added 2026/02/26 9:21 a.m. • 5 views

Malicious Package

Overview: magichat is a malicious package that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

CVSS: 9.8 | AI score: 6.1
Exploits: 0 | References: 2

Snyk • added 2026/02/26 9:21 a.m. • 5 views

Malicious Package

Overview: polyclawd is a malicious package that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

CVSS: 9.8 | AI score: 6.1
Exploits: 0 | References: 2

Snyk • added 2026/02/26 9:21 a.m. • 3 views

Malicious Package

Overview: clawdest is a malicious package that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

CVSS: 9.8 | AI score: 6.1
Exploits: 0 | References: 2

Snyk • added 2026/02/26 9:21 a.m. • 4 views

Malicious Package

Overview: polyutil is a malicious package that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

CVSS: 9.8 | AI score: 6.1
Exploits: 0 | References: 2

Tenable Nessus • added 2026/02/26 12:0 a.m. • 5 views

Docker Desktop < 4.43.0 Information Disclosure

The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...

CVSS: 5.2 | AI score: 5.8 | EPSS: 0.00103
Exploits: 0 | References: 3

Packet Storm • added 2026/02/26 12:0 a.m. • 143 views

telnetd Environment Variable Bypass

It has been discovered that telnetd has further bypass issues relating to environment variables that can achieve remote root. For 27 years, this issue persists. From: Justin Swartz Date: Tue, 24 Feb 2026 03:17:02 +0200 Greetings, I have been reviewing the recent vulnerability report by Ron Ben...

CVSS: 10 | AI score: 5.5 | EPSS: 0.91526
Exploits: 59

EUVD • added 2026/02/25 9:31 p.m. • 4 views

EUVD-2025-208116

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.00016
Exploits: 0 | References: 4