4 matches found
CVE-2026-26056
Yoke is a Helm-inspired infrastructure-as-code IaC package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller ATC component of Yoke. It allows users with CR create/update permissions to execute arbitrary WASM code in the ATC controller context by injecting a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986907)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986907 advisory. In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasminitone In ibmasminitone, it calls...
MAL-2025-9786 Malicious code in @zalastax/nolb-_asm (npm)
The package @zalastax/nolb-asm was found to contain malicious code...
Exploit for Improper Input Validation in Google Chrome
This is a PoC exploit for CVE-2020-16040, a vulnerability in the WebAssembly WASM module loader. The exploit targets the WASM module loader's ability to load and execute WASM code, which can lead to arbitrary code execution. The exploit is implemented in JavaScript and uses the WebAssembly API to...