MAL-2026-6274 Malicious code in web3-token-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c826bf782895b60580b94e3a28a2c4562d3742420ce81e9895ad8568da57890 The package advertises itself as a Web3 fee utility but its main export is a dropper. index.js line 140 base64-decodes a platform-specific command...

utcp-cli Vulnerable to Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol

Summary The substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix or powershell.exe -Command Windows, allowing an attacker to...

MAL-2026-2449 Malicious code in mgc (npm)

Package fetches platform-specific stage-2 payloads from a GitHub Gist. The stage-2 payloads are full Remote Access Trojans RATs for Linux Python and Windows PowerShell that beacon to a C2 server, exfiltrate system information, enumerate directories, execute arbitrary commands, and support binary...

Exploit for Command Injection in Microsoft

CVE-2025-54100-BYPASS- CVE-2025-54100 POC "simple" Bypass Patc...

CVE-2026-24414 Icinga for Windows certificate can have too-open permissions

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

CVE-2021-47759

CVE-2021-47759 (MTPutty 1.0.1.21) : A local information-disclosure vulnerability allows an attacker with local access to view SSH passwords by listing Windows PowerShell processes; the full command line of MTPutty processes is retrievable, exposing plaintext credentials. Documented impact is conf...

EUVD-2026-2776

MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. Attackers can run a PowerShell command to retrieve the full command line of MTPutty processes, exposing plaintext SSH...

CVE-2025-54100

Improper neutralization of special elements used in a command 'command injection' in Windows PowerShell allows an unauthorized attacker to execute code locally...

EUVD-2025-202201

Improper neutralization of special elements used in a command 'command injection' in Windows PowerShell allows an unauthorized attacker to execute code locally...

PT-2025-50150

Name of the Vulnerable Software and Affected Versions Microsoft Windows PowerShell versions prior to December 17, 2025 Description The issue is a command injection flaw in Windows PowerShell that allows an unauthorized attacker to execute code locally. The flaw stems from improper neutralization ...

curl: runs javascript on powershell when it shouldnt

On windows, if I run a curl on powershell for a script that should show alert1 it just executes the script when it shouldn't. I did not use AI to find or report this bug. Affected version on CMD I ran curl --version curl 8.16.0 Windows libcurl/8.16.0 Schannel zlib/1.3.1 WinIDN on powershell it...

EUVD-2017-3423

Malware in sbrugna...

EUVD-2017-17661

Malware in sbrugna...

EUVD-2018-19873

Malware in sbrugna...

EUVD-2018-19869

Malware in sbrugna...

EUVD-2018-19880

Malware in sbrugna...

EUVD-2018-19885

Malware in sbrugna...

EUVD-2018-19884

Malware in sbrugna...

EUVD-2018-19890

Malware in sbrugna...

EUVD-2018-19881

Malware in sbrugna...