183 matches found
MAL-2026-5535 Malicious code in zer0onedate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 106494bfe4420962c30d8b3989a1397d197f277079c71b8d15695c9128d72399 On npm install, postinstall.js executes a chain of curl commands that read cloud instance metadata service IMDS endpoints — AWS...
GHSA-RVP5-9P55-F5RP NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin
Summary The client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that check, so a crafted link such as...
Malicious code in use-context-selector-tony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dde262b1fecc08fe5853c4ec7ada6c3c3746a6e7afb5bd18c33d5adfa03843c This package is a name-squat of the popular use-context-selector library and ships a postinstall script dist/postinstall.js / src/postinstall.js that...
HashiCorp Vault has Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS
Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0,...
EUVD-2026-22809
Serendipity has a Host Header Injection allows authentication cookie scoping to attacker-controlled domain in functionsconfig.inc.php...
BIT-DISCOURSE-2026-33427 Discourse Authorization Page Displays Unvalidated Redirect Domain
Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to display an attacker-controlled domain, facilitating social engineering attacks against users. Versions 2026.3.0,...
CVE-2026-33427
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to display an attacker-controlled domain, facilitating social engineering attacks against users. Versions...
Discourse 安全漏洞
Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse has a security vulnerability that can be exploited by an attacker to cause a legitimate Discourse authorization page to display...
CVE-2026-33427
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to display an attacker-controlled domain, facilitating social engineering attacks against users. Versions...
PT-2026-26715
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to display an attacker-controlled domain, facilitating social engineering attacks against users. Versions...
CVE-2026-32616 Pigeon has a Host Header Injection in email verification flow
Pigeon is a message board/notepad/social system/blog. Prior to 1.0.201, the application uses $SERVER'HTTPHOST' without validation to construct email verification URLs in the register and resendmail flows. An attacker can manipulate the Host header in the HTTP request, causing the verification lin...
CVE-2026-0573 Improper Handling of HTTP Redirects vulnerability was identified in GitHub Enterprise Server that allowed leaking of authorization token and enabled remote code execution
An URL redirection vulnerability was identified in GitHub Enterprise Server that allowed attacker-controlled redirects to leak sensitive authorization tokens. The repositorypages API insecurely followed HTTP redirects when fetching artifact URLs, preserving the authorization header containing a...
CVE-2017-18380
edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name...
MAL-2025-48950 Malicious code in terminal-kleur (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb7974c4fea6be8468d7f37887f3a894f3f1c3b8ba50ee5f6eb49872ce93ddc The package terminal-kleur was found to contain malicious code. Source: ghsa-malware 7aeaeb943d666c429839011345be810a0f587322d34b0b03308f43cd1f9611f5...
CVE-2025-62427 Server-Side Request Forgery (SSRF) in Angular SSR
The Angular SSR is a server-rise rendering tool for Angular applications. The vulnerability is a Server-Side Request Forgery SSRF flaw within the URL resolution mechanism of Angular's Server-Side Rendering package @angular/ssr before 19.2.18, 20.3.6, and 21.0.0-next.8. The function createRequestU...
EUVD-2025-7821
Malicious code in bioql PyPI...
EUVD-2024-19817
Malicious code in bioql PyPI...
MAL-2025-47872 Malicious code in cors-init (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7a30aab649400d5a04c1629bbf795c86ef6d8f2580f85c4af732391eef4bfd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
FreeBSD : kanboard -- Password Reset Poisoning via Host Header Injection (e26608ff-5266-11f0-b522-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e26608ff-5266-11f0-b522-b42e991fc52e advisory. GitHub Security Advisories reports: Kanboard allows password reset emails to be sent with URLs derived...
CVE-2022-38201
An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain...