Lucene search
+L

2451 matches found

OSV
OSV
added 2026/06/09 4:5 p.m.3 views

CVE-2026-49848 FreeSWITCH: Pre-authentication `userVariables` injection in `mod_verto`

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's checkauth userauth branch wrote request-supplied userVariables into the...

4.3CVSS5.9AI score0.00172EPSS
Exploits0References4
Spring Security Advisories
Spring Security Advisories
added 2026/06/09 12:0 a.m.14 views

cve-2026-41727 - MEDIUM - In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior

cve-2026-41727 - MEDIUM - In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior...

6.5CVSS6.1AI score0.0024EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 7:49 a.m.20 views

Malicious code in nhmpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34db1950ee9bdf9c75ae9bb2436085bbb443107321d8d7056a0bf3b8fae36978 The package is published as 'nhmpy' on PyPI but its contents are a verbatim copy of NumPy 2.4.6: the same source tree, docstrings, and license files...

6.1AI score
Exploits0References7
EUVD
EUVD
added 2026/06/06 9:31 a.m.6 views

EUVD-2025-26494

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: from s2.03.01 before v2.05.01...

9.8CVSS5.4AI score0.00421EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/06 9:31 a.m.5 views

EUVD-2025-26341

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass. This issue affects QR Menu: from s1.05.07 before v1.05.12...

8.6CVSS5.4AI score0.00325EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/06 6:30 a.m.7 views

EUVD-2025-26493

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. This issue affects MyRezzta: from s2.03.01 before v2.05.01...

8.6CVSS5.4AI score0.00325EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.17 views

Malicious code in pantheon-agents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee06d7aabbdf76969119c2f986e18bbc7f0dcac59ae9cae4f7a04798f2d083d The package installs pantheonagents-setup.pth into site-packages, which Python auto-executes at every interpreter startup broader than import-time,...

5.7AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.22 views

Malicious code in spateo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21400e8510d0663de6c3a4454fe99d9200cb83ae8d1ecdc137c99f3668da4293 Versions 1.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.25 views

Malicious code in mflux-streamlit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9924feddaacd4b86934ddc7bdf8ff498921a80b34bf99a9136baa592fcc504b6 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in ppkt2synergy (PyPI)

The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.16 views

Malicious code in orchestr8-platform (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9526ae43236ac15964b307175384455975ace26d8157ef3c41ed8db8192562 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.18 views

Malicious code in uprobe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82230ac4ef4464e9696491bf25cfabbd5cff78ab2256f4aa1a0d5ad7456218a8 The package installs uprobe-setup.pth, which Python auto-loads at every interpreter startup in any environment where the wheel is present. The.pth...

5.6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.20 views

Malicious code in pantheon-toolsets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3f2d24843d0caf23a36f07f7bd7b3adb7163463404856654f1745c7e75017be The wheel installs pantheontoolsets-setup.pth, which Python automatically executes at every interpreter startup before any user import. The.pth...

5.6AI score
Exploits0References7
OSV
OSV
added 2026/06/06 6:13 a.m.14 views

MAL-2026-5325 Malicious code in ray-mcp-server (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 278bed91803e9a6775f966913bab49658f82a589e086ce8413782418a4bc4833 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.16 views

Malicious code in executor-http (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cde4da7201fbc0dd3ae09240232f5767c2893e33977d6c8ee9071d15e79f0363 The package ships executorhttp-setup.pth, which Python auto-loads at interpreter start for any environment where the package is installed. The.pth fi...

5.7AI score
Exploits0References6
OSV
OSV
added 2026/06/06 6:13 a.m.12 views

MAL-2026-5278 Malicious code in spateo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21400e8510d0663de6c3a4454fe99d9200cb83ae8d1ecdc137c99f3668da4293 Versions 1.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/06 6:13 a.m.13 views

MAL-2026-5285 Malicious code in ufish (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27371fa53e0e8e5e763b18b9bcadfd9b6991c720dd154d17bffeab0e7a139ef4 Versions 0.1.2, 0.1.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...

5.5AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.13 views

CVE-2025-2514

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One...

5.3CVSS5.5AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.13 views

CVE-2026-2402

CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on a sequence of requests to multiple endpoints...

6.9CVSS5.6AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-22616

Eaton Intelligent Power Protector IPP software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been fixed in the latest version of Eaton IPP which is available on the Eaton download centre...

7.5CVSS5.4AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder