
9911 matches found

Nuclei
added 15 hours ago, 7 views

LogDash Activity Log <= 1.1.3 - SQL Injection

The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.4 CVSS, 6 AI score, 0.00748 EPSS
Exploits: 1, References: 2
OSSF Malicious Packages
added 3 days ago, 7 views

Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 5 days ago, 6 views

Malicious code in new-ts-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3721ae4cecdfa22793382d07d28a25ba5fabd54ac405cb94e642a1f96faee80 index.js imports childprocess and at lines 101 and 117 invokes execSync to run bash and zsh commands. Lines 9, 194, and 195 use Buffer.from...,...

5.9 AI score
Exploits: 0, References: 2
Circl
added 5 days ago, 7 views

CVE-2026-55255

creationtimestamp | type | source
---|---|---
2026-06-19 13:17:29+00:00 | published-proof-of-concept | https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2
2026-06-19 23:56:24+00:00 | seen | https://bsky.app/profile/suriq.io/post/3mook75kc3e2d...

9.9 CVSS, 5.8 AI score
Exploits: 1, References: 2
Nuclei
added 5 days ago, 24 views

Kaseya VSA 2017 ConnectWise ManagedITSync - Remote Code Execution

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run...

9.8 CVSS, 7.6 AI score, 0.86706 EPSS
Exploits: 1, References: 2
Circl
added 5 days ago, 6 views

CVE-2026-32174

creationtimestamp | type | source
---|---|---
2026-06-19 04:30:27+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3momj2bqrjp26
2026-06-19 04:30:28+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116774890711719017...

7.7 CVSS, 5.8 AI score, 0.0037 EPSS
Exploits: 0, References: 2
EUVD
added 2026/06/17 6:35 p.m., 8 views

EUVD-2026-37642

Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions...

9.8 CVSS, 5.4 AI score, 0.00588 EPSS
Exploits: 1, References: 2
NVD
added 2026/06/17 1:20 p.m., 9 views

CVE-2026-54806

Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions...

9.8 CVSS, 0.00588 EPSS
Exploits: 1, References: 1
CVE
added 2026/06/17 9:51 a.m., 44 views

CVE-2026-54806

Affected software: WordPress WP Activity Log plugin (vulnerable <= 5.6.3.1). Issue: unauthenticated PHP Object Injection. Root cause and technical specifics are not detailed in the provided documents beyond the vulnerability type. Impact metrics indicate a high-severity CVSS v3.1 score of 9.8 ...

9.8 CVSS, 5.3 AI score, 0.00588 EPSS
Exploits: 1, References: 1
Cvelist
added 2026/06/17 9:51 a.m., 32 views

CVE-2026-54806 WordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions...

9.8 CVSS, 0.00588 EPSS
Exploits: 1, References: 1
OSSF Malicious Packages
added 2026/06/17 3:45 a.m., 9 views

Malicious code in cryptodao-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b5f3b7ec6eecce3d891664f33660a1c612cdd3c6ac99ba52633ef77a2df543c On npm install, the postinstall hook runs node recon.js, which harvests installer-side secrets and POSTs them over HTTPS with TLS certificate...

5.3 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/06/17 3:44 a.m., 8 views

Malicious code in cryptodao-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39fca1d76ba65e01fbd3319d6752bb0dc896f9cc356676c6bfad3671d8b1e0d9 On npm install, the package's postinstall script recon.js harvests installer-side secrets and POSTs them to attacker-controlled webhook endpoints. Th...

5.3 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/06/17 3:39 a.m., 5 views

Malicious code in cryptodao-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dbe5f8614a264a8d3cdd2ecf8ecd2ad17292dbb5c5bcc25d0ae9d77eb8821df package.json declares postinstall: node recon.js, which auto-runs on npm install. recon.js lines 30-46 scrapes a curated list of credential-bearing...

5.3 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/06/17 3:36 a.m., 5 views

Malicious code in cryptodao-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ac58e81310f19b32d136445eab91f7ddc776921ff8dfd08bdb91bcdd4a1da6 [email protected] ships a postinstall script recon.js that runs automatically on npm install and harvests installer-side secrets. The script...

5.3 AI score
Exploits: 0, References: 1
Positive Technologies
added 2026/06/17 12:0 a.m., 14 views

PT-2026-50234

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10 CVSS, 5.5 AI score, 0.00165 EPSS
Exploits: 0, References: 3
OSV
added 2026/06/16 8:58 a.m., 5 views

MAL-2026-5875 Malicious code in myfirstpackagetestaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c05b4934471efac919453e87b37a94a9a92c930455283c0bfb85b535c61f4a6b During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5 AI score
Exploits: 0, References: 5
OSSF Malicious Packages
added 2026/06/16 2:14 a.m., 10 views

Malicious code in setka-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9dd5cda5d5a0925c139a36f0ea4c69b96052ff203d7dc365ac119408ba76069 package.json registers both preinstall and postinstall lifecycle hooks that run node callback.js, which executes automatically on npm install...

5.8 AI score
Exploits: 0, References: 4
Circl
added 2026/06/15 12:0 p.m., 6 views

CERTFR-2026-ACT-026

creationtimestamp | type | source
---|---|---
2026-06-15 12:00:10+00:00 | seen | https://bsky.app/profile/cert-fr.bsky.social/post/3modacqtf5b2h
2026-06-15 12:00:21+00:00 | seen | https://social.numerique.gouv.fr/users/certfr/statuses/116754009882252784
2026-06-15 12:15:22+00:00 | seen | ...

5 AI score
Exploits: 0, References: 3
OSSF Malicious Packages
added 2026/06/14 9:54 a.m., 9 views

Malicious code in ltidiconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4ca306052ea5224831743daec9d3944fadff8cb4a7211e980be7669a739d00d [email protected] is an empty wrapper package index.js is module.exports = ;, empty author/description, inflated 99.9.1 version whose sole effect on...

5.5 AI score
Exploits: 0, References: 1
OSV
added 2026/06/11 8:25 a.m., 9 views

MAL-2026-5624 Malicious code in edu-npm-postinstall-demo2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce30f195fb63661526196defd7d613a58ded58acd1208989400bf6267de6bfb1 On npm install, postinstall.js reads the installer's .env file from INITCWD, harvests environment variable values DEMO-prefixed, collects host...

5.3 AI score
Exploits: 0, References: 3