30384 matches found
CVE-2026-14898
The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...
CVE-2026-40139
creationtimestamp| type| source ---|---|--- 2026-07-06 17:27:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpymetigjj26 2026-07-06 17:30:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpymjzwroy2i 2026-07-06 17:48:42+00:00| seen|...
CVE-2026-40141 High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access
A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to acces...
CVE-2026-57630
creationtimestamp| type| source ---|---|--- 2026-07-06 14:15:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpybngao7v2t...
CVE-2026-13708
Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...
CVE-2026-13708 Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol
Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...
CVE-2026-12686
creationtimestamp| type| source ---|---|--- 2026-07-06 10:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116872565768512647 2026-07-06 10:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mpxv3qz2ph2g 2026-07-06 12:08:04+00:00| seen|...
CVE-2026-14802
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...
CVE-2025-50567
creationtimestamp| type| source ---|---|--- 2026-07-06 06:45:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpxijeqlja2p...
CVE-2026-14802 react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-14802
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...
CVE-2026-14802
CVE-2026-14802 affects react-create-app releases up to 5.0.1 on macOS, targeting the startBrowserProcess function in openBrowser.js within react-dev-utils. The root cause is an input manipulation that enables OS command injection, with remote exploitation described as possible and the exploit pub...
PT-2026-55971
Name of the Vulnerable Software and Affected Versions OpenAI Codex for macOS affected versions not specified Description The desktop application renders remote images from Markdown within model responses. An attacker can use indirect prompt injection—a technique where malicious instructions are...
CVE-2026-59520
creationtimestamp| type| source ---|---|--- 2026-07-05 23:59:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpwrsytwez2p 2026-07-07 08:04:56+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq25geh37n2v...
CVE-2026-10513
creationtimestamp| type| source ---|---|--- 2026-07-05 23:16:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpwpftltek2h...
CVE-2025-67316
creationtimestamp| type| source ---|---|--- 2026-07-05 19:40:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpwdf6kzfn2j...
CVE-2025-64637
creationtimestamp| type| source ---|---|--- 2026-07-05 17:16:22+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpw3clcpzv2p...
CVE-2026-14634
creationtimestamp| type| source ---|---|--- 2026-07-04 20:05:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mptucx6eos2a...
CVE-2025-71353
creationtimestamp| type| source ---|---|--- 2026-07-04 04:38:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpsahzpup32z 2026-07-04 16:00:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mptgmha4ar2u...
CVE-2026-58286
creationtimestamp| type| source ---|---|--- 2026-07-04 01:39:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mprwj2iusx25 2026-07-05 03:00:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mpuli5jfby2t 2026-07-05 23:01:39+00:00| seen|...