Malicious Package

Overview ambar-src is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVE-2026-2457

creationtimestamp| type| source ---|---|--- 2026-02-16 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/...

SUSE SLES12 Security Update : zabbix (SUSE-SU-2026:0483-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0483-1 advisory. - CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 - CVE-2024-42325: Restricted access to user fields using...

Suricata < 7.0.14 / 8.x < 8.0.3 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is prior to 7.0.14 or 8.x prior to 8.0.3. It is, therefore, affected by multiple vulnerabilities, including: - Crafted DCERPC traffic can cause Suricata to expand a buffer without limits, leading to memory exhaustion and the process gettin...

Security update for zabbix

This update for zabbix fixes the following issues: CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using alert.get...

SUSE-SU-2026:0483-1 Security update for zabbix

This update for zabbix fixes the following issues: - CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 - CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using...

CVE-2025-10969

creationtimestamp| type| source ---|---|--- 2026-02-12 14:19:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meo6qfj3az25 2026-02-12 14:20:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meo6sispdb24 2026-02-12 14:23:04+00:00| seen|...

CVE-2025-20262

creationtimestamp| type| source ---|---|--- 2026-02-11 17:40:08+00:00| seen| https://gist.github.com/alon710/cd67391569e505b6f90bc55b747ff8d9...

CVE-2026-1814

creationtimestamp| type| source ---|---|--- 2026-02-10 19:29:41+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/rapid7-security-advisory-av26-108 2026-05-14 17:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/84239 2026-05-14 21:00:04+00:00| seen|...

GHSA-7G24-QG88-P43Q vulnerabilities

Vulnerabilities for packages: hadoop-fips...

CVE-2026-21525

creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-10 18:01:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0053 2026-02-10 18:53:06+00:00| seen|...

Malicious Package

Overview @snazah/davey is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2026-24681

creationtimestamp| type| source ---|---|--- 2026-02-10 15:42:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejcgheawr2v...

CVE-2025-6967

creationtimestamp| type| source ---|---|--- 2026-02-10 14:18:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mej5qq7ylq22 2026-02-10 14:18:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mej5qzmxgb2o 2026-02-10 14:18:56+00:00| seen|...

ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5), ca.ibodrov.mica.docker:mica-standalone (>=0.0.27 <=0.0.34) +272 more potentially affected by CVE-2026-23901 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.0.6)

org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-23901 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-15253618...

CVE-2026-25154

creationtimestamp| type| source ---|---|--- 2026-02-10 06:25:20+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3meidcwyxe724 2026-02-10 12:17:19+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3meiwycwklm2u...

CVE-2026-25925

creationtimestamp| type| source ---|---|--- 2026-02-09 22:16:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mehhzklndr23...

CVE-2026-25496

creationtimestamp| type| source ---|---|--- 2026-02-09 18:03:15+00:00| published-proof-of-concept| https://github.com/craftcms/cms/security/advisories/GHSA-9f5h-mmq6-2x78 2026-02-09 23:10:05+00:00| seen| https://gist.github.com/alon710/f17e6e93e24b62efe6529ae7f171eec3...

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk WHD instances to obtain initial access and move laterally across the organization's network to other high-value assets. That said, the Microsoft...

CERTFR-2026-ACT-006

creationtimestamp| type| source ---|---|--- 2026-02-09 14:11:32+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3megmvo2ddj22 2026-02-09 14:11:36+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116041075350640073 2026-02-09 15:34:27+00:00| seen|...