EUVD-2026-24629

Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0...

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

CVE-2026-6839

Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0...

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

PT-2026-34263

CVE-2026-6840 Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0. https://t.co/DGJUzFs4hC...

PT-2026-34255

CVE-2026-40448 Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected v… https://t.co/x8HxY9Raln...

PT-2026-34260

CVE-2026-41666 Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prio… https://t.co/k3CS5TgA5s...

EUVD-2019-2035

Malware in sbrugna...

EUVD-2025-28478

Malicious code in bioql PyPI...

EUVD-2025-27955

Malicious code in bioql PyPI...

EUVD-2021-7722

Malicious code in bioql PyPI...

CVE-2025-59037 DuckDB NPM packages 1.3.3 and 1.29.2 briefly compromised with malware

DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware along with several other packages. An attacker published new versions of four of DuckDB's packages that included malicious code to...

PT-2025-36966

Name of the Vulnerable Software and Affected Versions: DuckDB versions 1.3.3 @duckdb/node-api version 1.3.3 @duckdb/node-bindings version 1.3.3 @duckdb/duckdb-wasm version 1.29.2 Description: DuckDB packages distributed for Node.js on npm were compromised with malware intended to interfere with...

PhpSpreadsheet 代码问题漏洞

PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A code issue vulnerability exists in PhpSpreadsheet versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and prior to 5.0.0, which stems from a server-side request forgery during HTML document processing...

CVE-2025-57886

Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital accessibility-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Checker by Equalize Digital: from n/a through...

CVE-2025-57886 WordPress Accessibility Checker by Equalize Digital Plugin <= 1.30.0 - Insecure Direct Object References (IDOR) Vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital accessibility-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Checker by Equalize Digital: from n/a through...

CVE-2025-57886

CVE-2025-57886 (WordPress) – Equalize Digital Accessibility Checker . Affected plugin: Equalize Digital Accessibility Checker, versions up to 1.30.0. Root cause: authorization bypass via a user-controlled key caused by incorrectly configured access control levels, enabling bypass of access restri...

WordPress plugin Accessibility Checker by Equalize Digital 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in WordPress...

PT-2025-34351 · Unknown · Accessibility Checker By Equalize Digital

Name of the Vulnerable Software and Affected Versions: Equalize Digital Accessibility Checker versions through 1.30.0 Description: An authorization bypass issue exists in Equalize Digital Accessibility Checker due to incorrectly configured access control security levels. The issue allows...

CVE-2025-52935

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...