Malicious code in solc-abi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5ecbb6619ae13314417faab35b315155c9a55f98dfdb707fe44edfe1f7e7356 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5512 Malicious code in solc-abi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5ecbb6619ae13314417faab35b315155c9a55f98dfdb707fe44edfe1f7e7356 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview solc-abi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious code in solidity-abi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d00c844413b4c809e5d57d1952a17f67f2c72324fd379c91d5fdd8aa3fdd9da9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview solidity-abi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Unbreakable Enterprise kernel security update

6.12.0-203.76.7.3 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017589 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017589 - arm64: tlb: allow XZR argument to TLBI ops Mark Rutland Orabug: 39017589 - arm64: cputype: Add...

CLSA-2026-1780132159 Fix of 7 CVEs

CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount CVE-2026-23193 CVE-2025-71093 - e1000: fix OOB in e1000tbishouldaccept CVE-2025-71093 CVE-2025-71116 - libceph: make decodepool more resilient against corrupted osdmaps CVE-2025-71116 CVE-2025-71136 - media:...

CLSA-2026-1779202006 Fix CVE(s): CVE-2026-43284, CVE-2026-46300, CVE-2026-46333

Ubuntu: 4.15.0-256.267 CVE-2026-46333 - ptrace: require CAPSYSPTRACE when task has no mm CVE-2026-46333 CVE-2026-46300 - net: skbuff: propagate shared-frag marker through copy/coalesce/gro/shift paths CVE-2026-46300 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...

WordPress Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin <= 1.8.10.4 - Authenticated (Custom+) SQL Injection vulnerability

Authenticated Custom+ SQL Injection vulnerability discovered by Abi Wiranata in WordPress Plugin Charitable versions = 1.8.10.4...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012963)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012963 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...

OPENSUSE-SU-2026:20572-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +155 more potentially affected by CVE-2026-25219 via apache-airflow (>=1.8.2 <=3.1.7)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.6.4 and more Source cves: CVE-2026-25219 Source advisory: OSV:GHSA-4G48-54Q2-FG7Q...

Malicious code in @abi-labs-frontend/standards (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60eba79d2fd49b58fb2a2073d2b7c87f66c1ad781bc1a6137962f9b5e772449 The package @abi-labs-frontend/standards was found to contain malicious code...

MAL-2026-2329 Malicious code in @abi-labs-frontend/standards (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60eba79d2fd49b58fb2a2073d2b7c87f66c1ad781bc1a6137962f9b5e772449 The package @abi-labs-frontend/standards was found to contain malicious code...

Abi-smuggling-exploit

Web3 Security Research Portfolio A collection of smart contra...

a-api-server (=1.3.0), a2 (>=0.1.0 <=0.3.17) +3876 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)

flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.8.44.4, =1.3.1.post1 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...

GHSA-47QC-857F-7W7F PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature

PyO3 0.28.1 added support for pyclassextends=PyList struct NativeSub and other native types when targeting Python 3.12 and up with the abi3 feature. It was discovered that subclasses of such classes would use the type of the subclass when attempting to access to data of NativeSub contained within...

PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature

PyO3 0.28.1 added support for pyclassextends=PyList struct NativeSub and other native types when targeting Python 3.12 and up with the abi3 feature. It was discovered that subclasses of such classes would use the type of the subclass when attempting to access to data of NativeSub contained within...

MiracleLinux 9 : bind-dyndb-ldap-11.9-9.el9.ML.1, bind-9.16.23-18.el9.1 (AXSA:2024-7866:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7866:02 advisory. bind: Preparing an NSEC3 closest encloser proof can exhaust CPU resources CVE-2023-50868 bind: KeyTrap - Extreme CPU consumption in DNSSEC validator...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47557: net/sched: schets: do not peek at classes beyond 'nbands' bsc1207361 bsc1225468. CVE-2021-47595: net/sched: schets: do not remove idle classes from the...