Malicious Package

Overview etsy-advocacy is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2026-36872

creationtimestamp| type| source ---|---|--- 2026-04-13 15:05:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjf5bjmcxn2o...

CERTFR-2026-ACT-017

creationtimestamp| type| source ---|---|--- 2026-04-13 13:44:42+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mjeyroej5f2c 2026-04-13 13:44:48+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116397695370532777 2026-04-13 13:57:52+00:00| seen|...

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks' Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike's 2026...

CERTFR-2026-ACT-016

creationtimestamp| type| source ---|---|--- 2026-04-13 09:31:53+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116396701141864601 2026-04-14 13:28:56+00:00| seen| https://bsky.app/profile/macsouverain.bsky.social/post/3mjhiefzp3q2z 2026-04-15 09:38:44+00:00| seen|...

CVE-2026-6159

creationtimestamp| type| source ---|---|--- 2026-04-13 07:36:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjee7zjin62t...

CVE-2025-69624

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference in the JavaScript app.alert() implementation. When called with more than one argument and the first is null (e.g., app.alert(app.activeDocs, true) with activeDocs null), the engine routes to a fallback path for non-string arg...

CVE-2025-69624

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...

CVE-2025-69624

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...

PT-2026-32376

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...

CVE-2026-40393

creationtimestamp| type| source ---|---|--- 2026-04-12 19:29:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjd3lfxipw2f 2026-04-12 20:02:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116393517494341967 2026-04-12 21:15:35+00:00| seen|...

CVE-2026-6126

creationtimestamp| type| source ---|---|--- 2026-04-12 12:44:53+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjcexr3jzj22 2026-04-12 13:15:23+00:00| published-proof-of-concept| Telegram/MAArghuJr9V3EBWp3NdbOgL0SAw37FjqzKr6qVSads5vX0...

CVE-2019-25711

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:34+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25711 2026-04-12 14:55:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjcmaqnjja23...

CVE-2019-25706

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25706 2026-04-12 14:18:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjck6lqblp2m...

CVE-2019-25707

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25707 2026-04-12 14:50:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjclxs2ktc2g...

CVE-2019-25708

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25708 2026-04-12 14:40:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjclfuwc5p2g...

CVE-2019-25705

creationtimestamp| type| source ---|---|--- 2026-04-12 04:16:33+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2019-25705 2026-04-12 14:20:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjckcqao5n23 2026-06-07 03:07:07+00:00| seen|...

bg.codexio.ai:openai-api-examples (>=0.8.0.BETA <=0.9.0.BETA-JDK17), ch.cern:cerndb-sw-zkpolicy (=1.0.1-21) +307 more potentially affected by CVE-2026-34480 via org.apache.logging.log4j:log4j-core (>=3.0.0-alpha1 <=3.0.0-beta3)

org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-alpha1, =0.8.0.BETA, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 and more Source cves: CVE-2026-34480 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967769...

CVE-2026-40200

creationtimestamp| type| source ---|---|--- 2026-04-10 08:17:14+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40200 2026-04-10 15:26:16+00:00| seen| https://bsky.app/profile/musl.treehouse.systems.ap.brid.gy/post/3mj5mztiq6sy2 2026-04-10 18:08:47+00:00|...

CVE-2026-40157

creationtimestamp| type| source ---|---|--- 2026-04-10 08:17:13+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40157 2026-04-10 18:15:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj5wjkxdgu2m 2026-04-10 19:27:59+00:00|...