205 matches found
CVE-2026-59995
OpenSSH sftp (client) vulnerability CVE-2026-59995 affects OpenSSH versions older than 10.4. The issue arises when using SFTP with an attacker-controlled server and the command "sftp server:/path .", where the client does not properly constrain the location where downloaded files can be placed. T...
EUVD-2026-41915
The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results. Microsof...
GHSA-39G2-8X68-PMX8 Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context
Summary PATCH /server/id accepts and persists nonexistent ddnsprofiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the contex...
CVE-2026-12473
Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...
MAL-2026-6396 Malicious code in signup-embedder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48f398f700b78d1893db4570d5d6f16985d937ee79677aab97e673a1cf86e7e [email protected] ships preinstall.js and postinstall.js lifecycle scripts that auto-execute on npm install. preinstall.js collects...
CVE-2026-53632
launch-editor allows users to open files with line numbers in editor from Node.js. Prior to 2.14.1, the launch-editor NPM package accesses arbitrary paths including Windows UNC paths. When a UNC path is opened, Windows automatically attempts NTLM authentication to the remote host, causing the...
MAL-2026-6069 Malicious code in @civitatis/bot-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e51e58cf925eb7dd4e084a2e78e22b0a0db0f1f82663101e34110258839f98f7 The package declares "preinstall": "node index.js" in package.json, causing index.js to execute automatically on npm install. index.js requires...
CVE-2026-48745
Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...
MAL-2026-5798 Malicious code in @resolvx/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4639df1cd39850efb8106cbc5ecf3648f386c0cc5cff6c457d90f6a4d569cef0 On npm install, scripts/postinstall.js connects to a hardcoded attacker IP http://213.218.160.189:8080, fallback:80, sends a base64-encoded host...
Malicious code in parket-slot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dc700128da5b494d5325086ec183ce7c746d44d88dc7f609bfb9f2eab9fa072 On npm install, the package's postinstall script node test.js auto-executes a multi-stage attack against the installer's machine. It recursively scan...
Malicious code in 0x2ai-demo2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ee2445b2f0b01d2457cf45c188b310f58c98f3b676032f9c6213469f071239 On npm install, scripts/postinstall.cjs recursively copies the bundled payload/ directory into INITCWD the developer's project root via fs.cpSync. Th...
CVE-2026-49948
Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider and embedder configuration but only verifies authentication via JWT or X-API-Key without validati...
MAL-2026-5407 Malicious code in @card-pci-data/store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a82d7b7e7588c4b773e2948eb1707e62f2fcece2bec37a23eda5d5058eae871 On npm install, the package's preinstall hook scripts.preinstall: node index.js || true runs index.js which collects host identity — os.hostname,...
mem0 安全漏洞
mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Versions of mem0 prior to 0.2.8 contain security vulnerabilities. These vulnerabilities stem from a lack of authorization verification, which may cause authenticated users with an API key to redirect all LLM...
CVE-2026-39908
OpenBullet2 ≤ v0.3.2 on Windows suffers a credential disclosure via a UNC-path proxy source. When a job loads proxies from an attacker-controlled UNC path, an SMB authentication occurs and reveals the NTLMv2 hash of the process user, enabling relay or offline cracking. Affected component is the p...
CVE-2026-39908
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
PT-2026-45785
Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSH PROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decode push promise headers and add response/5 inserts a :reserve...
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting ove...
Malicious code in @cloudplatform-single-spa/ml-inference-marketplace (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...