Lucene search
K

205 matches found

CVE
CVE
added yesterday14 views

CVE-2026-59995

OpenSSH sftp (client) vulnerability CVE-2026-59995 affects OpenSSH versions older than 10.4. The issue arises when using SFTP with an attacker-controlled server and the command "sftp server:/path .", where the client does not properly constrain the location where downloaded files can be placed. T...

4.2CVSS6AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41915

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.1AI score0.00221EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/06/29 3:40 p.m.14 views

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results. Microsof...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/26 11:2 p.m.5 views

GHSA-39G2-8X68-PMX8 Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context

Summary PATCH /server/id accepts and persists nonexistent ddnsprofiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the contex...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 p.m.7 views

CVE-2026-12473

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

8.3CVSS0.00232EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 2:5 p.m.11 views

MAL-2026-6396 Malicious code in signup-embedder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48f398f700b78d1893db4570d5d6f16985d937ee79677aab97e673a1cf86e7e [email protected] ships preinstall.js and postinstall.js lifecycle scripts that auto-execute on npm install. preinstall.js collects...

5.8AI score
Exploits0References3
NVD
NVD
added 2026/06/22 6:16 p.m.12 views

CVE-2026-53632

launch-editor allows users to open files with line numbers in editor from Node.js. Prior to 2.14.1, the launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the...

5.5CVSS0.00322EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 6:55 p.m.5 views

MAL-2026-6069 Malicious code in @civitatis/bot-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51e58cf925eb7dd4e084a2e78e22b0a0db0f1f82663101e34110258839f98f7 The package declares "preinstall": "node index.js" in package.json, causing index.js to execute automatically on npm install. index.js requires...

5.6AI score
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.18 views

CVE-2026-48745

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...

9.3CVSS0.00323EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 6:0 p.m.10 views

MAL-2026-5798 Malicious code in @resolvx/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4639df1cd39850efb8106cbc5ecf3648f386c0cc5cff6c457d90f6a4d569cef0 On npm install, scripts/postinstall.js connects to a hardcoded attacker IP http://213.218.160.189:8080, fallback:80, sends a base64-encoded host...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 12:42 p.m.13 views

Malicious code in parket-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dc700128da5b494d5325086ec183ce7c746d44d88dc7f609bfb9f2eab9fa072 On npm install, the package's postinstall script node test.js auto-executes a multi-stage attack against the installer's machine. It recursively scan...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:16 a.m.19 views

Malicious code in 0x2ai-demo2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ee2445b2f0b01d2457cf45c188b310f58c98f3b676032f9c6213469f071239 On npm install, scripts/postinstall.cjs recursively copies the bundled payload/ directory into INITCWD the developer's project root via fs.cpSync. Th...

5.6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 p.m.13 views

CVE-2026-49948

Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider and embedder configuration but only verifies authentication via JWT or X-API-Key without validati...

8.6CVSS5.5AI score0.0029EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 5:35 p.m.9 views

MAL-2026-5407 Malicious code in @card-pci-data/store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a82d7b7e7588c4b773e2948eb1707e62f2fcece2bec37a23eda5d5058eae871 On npm install, the package's preinstall hook scripts.preinstall: node index.js || true runs index.js which collects host identity — os.hostname,...

5.5AI score
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Versions of mem0 prior to 0.2.8 contain security vulnerabilities. These vulnerabilities stem from a lack of authorization verification, which may cause authenticated users with an API key to redirect all LLM...

8.6CVSS5.3AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 4:47 p.m.24 views

CVE-2026-39908

OpenBullet2 ≤ v0.3.2 on Windows suffers a credential disclosure via a UNC-path proxy source. When a job loads proxies from an attacker-controlled UNC path, an SMB authentication occurs and reveals the NTLMv2 hash of the process user, enabling relay or offline cracking. Affected component is the p...

7.1CVSS5.6AI score0.00314EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:47 p.m.7 views

CVE-2026-39908

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...

7.1CVSS5.5AI score0.00314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45785

Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSH PROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decode push promise headers and add response/5 inserts a :reserve...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/01 9:31 a.m.132 views

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting ove...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.16 views

Malicious code in @cloudplatform-single-spa/ml-inference-marketplace (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
Rows per page
Query Builder