Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse
The Internet is filled with people who insist on being right. In the past, at least they could be reasonably sure that they were arguing with other humans. Those days are gone, apparently. Wikipedia just had to ban an AI that was making edits on its own. Apparently, the AI took it personally. The...
EUVD-2015-5231
Malware in sbrugna...
EUVD-2022-29895
Malicious code in bioql PyPI...
CVE-2025-2938
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...
CVE-2025-2798 Woffice <= 5.4.21 - Authentication Bypass via Registration Role
The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom...
CVE-2024-7049
In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process...
Design/Logic Flaw
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
CVE-2022-25152
The CVE-2022-25152 entry concerns ITarian’s platform (SaaS and on-premise) where a flaw in the agent-Run code workflow (procedures) allows bypassing the mandatory approval process. Versions before 6.35.37347.20040 are affected; a user with a valid session token can create a procedure, bypass appr...
CVE-2022-25152 ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...
Not calling _safeApprove(0) before setting a new approval causes the call to revert when used with Tether (USDT)
Lines of code Vulnerability details Impact Some tokens, like the very popular USDT, do not work when the allowance is changed from an existing non-zero value: approve() reverts unless the current allowance is zero, a measure intended to protect against front-running of allowance changes. These tokens must first be...
All approved addresses can burn tokens
Lines of code Vulnerability details Impact The burn function calls isApprovedOrOwner to check if a caller is authorized to burn tokens. This means that any address that has been approved can burn a user's token. Reading the ERC721 documentation from OpenZeppelin makes it understood that the...
Approved by zero first
Handle Jujic Vulnerability details Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. They must first be approved by zero and then the actual allowance must be approved. Impact When using one of these unsupported tokens, all transactions rever...
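The two findings above describe the same pitfall. The following is an added example, not code from either report or from the audited projects: a constructed stand-in for a USDT-style token whose approve() rejects a non-zero to non-zero change, beside a hypothetical integrating contract (the names UsdtLikeToken, Integrator, approveNaive and approveSafely are assumptions) that shows the call sequence which reverts on the second use and the zero-first sequence which does not.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface: only what this example needs.
interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
    function allowance(address owner, address spender) external view returns (uint256);
}

// Constructed stand-in for a USDT-style token (not the real USDT contract):
// approve() reverts when the allowance would move directly from one non-zero
// value to another, mirroring the front-running protection the reports describe.
contract UsdtLikeToken is IERC20 {
    mapping(address => mapping(address => uint256)) private _allowance;

    function approve(address spender, uint256 amount) external override returns (bool) {
        require(
            amount == 0 || _allowance[msg.sender][spender] == 0,
            "USDT-like: reset allowance to 0 first"
        );
        _allowance[msg.sender][spender] = amount;
        return true;
    }

    function allowance(address owner, address spender) external view override returns (uint256) {
        return _allowance[owner][spender];
    }
}

// Hypothetical integrating contract that grants a fixed spender (e.g. a router)
// an allowance before each operation it performs.
contract Integrator {
    IERC20 public immutable token;
    address public immutable spender;

    constructor(IERC20 _token, address _spender) {
        token = _token;
        spender = _spender;
    }

    // Vulnerable pattern from the findings: the first call succeeds, but every
    // later call with a non-zero existing allowance reverts on USDT-like tokens,
    // so all subsequent operations through this path are stuck.
    function approveNaive(uint256 amount) external {
        require(token.approve(spender, amount), "approve failed");
    }

    // Hardened pattern: clear the existing allowance, then set the new value.
    // Both writes land in one transaction, so no third party can act between
    // the reset and the new approval.
    function approveSafely(uint256 amount) external {
        if (token.allowance(address(this), spender) != 0) {
            require(token.approve(spender, 0), "reset failed");
        }
        require(token.approve(spender, amount), "approve failed");
    }
}
```

Calling approveNaive(100) twice against UsdtLikeToken reverts on the second call with "reset allowance to 0 first"; approveSafely(100) can be called repeatedly. One caveat the stand-in glosses over: the real USDT approve() returns no value at all, so a plain IERC20 call that expects a bool can also fail on the ABI decode. In production code use OpenZeppelin's SafeERC20, whose forceApprove (v4.9 and later) performs the zero-then-set sequence and tolerates the missing return value.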
Traffic Factory: WordPress Plugin Update Confusion at trafficfactory.com
Hi, I'm currently researching a "novel" supply chain attack affecting WordPress plugins, and I believe your website might be vulnerable. The way it works is similar to a recent Dependency Confusion attack, where a malicious actor can take over internal packages unclaimed on PyPI / npm registry. I...
CVE-2019-11546
GitLab CVE-2019-11546 involves a race condition in the Merge Request approval flow. Affected releases include GitLab Community/Enterprise before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. The issue could allow a user to approve a merge request multiple times and reach the merge th...
Legal Robot: Code injection
A security researcher discovered that they were able to inject potentially malicious code into Legal Robot's newly created Roadmap page through improper input sanitization when submitting a new Idea for consideration by the community. A limited-scope attack was possible since the input sanitizati...
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page...
CVE-2015-5235
CVE-2015-5235 affects IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1, where the origin of unsigned applets is not properly determined, allowing remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. The issue is addressed in icedtea...
Fake iPhone Camera+ App Allowed in App Store
A fake version of the popular Camera+ iPhone application was offered on Apple’s App Store over the weekend, according to a post by Glyn Evans on the iPhoneography blog on Saturday, just the latest example of suspicious and malicious applications to slip through Apple’s shadowy application vetting...
Android Controversy Highlights Mobile App Store Weaknesses
Most of the angst and controversy surrounding Google’s decision to remotely erase a benign application from a couple of hundred Android phones recently has centered just on the fact that Google has that ability–as well as the ability to remotely install apps. But, as one security expert says, tha...