Malicious code in dcchbot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df79831d1b486c8ca704295b410cec7b66be85aa87c3244d97ff1e87f643183a The package performs multiple installer-hostile behaviors. 1 dcchbot/init.py auto-invokes run on import, which triggers interactive input prompts and...

Maestro 0.15.4

Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...

Malicious code in timemcp-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2370fd05b77259c6177d02a019d357a9e7773539588345fe4a5582a9582a1aa3 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

Maestro 0.15.3

Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...

Microsoft Windows Registry Editor Version 5.00 Malicious Registry File Generator

This script generates a malicious Windows Registration Entries .reg file designed to establish persistence on Windows systems. It creates a registry file that, when executed by a user, adds the attacker's payload to Windows auto-run registry keys. Written in PHP...

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

CVE-2026-22708

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

EUVD-2026-2678

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

CVE-2026-22708

CVE-2026-22708 affects Cursor (AI-enhanced code editor). Prior to version 2.3, when the Cursor Agent runs in Auto-Run mode with Allowlist enabled, certain shell built-ins can be executed without appearing in the allowlist or requiring user approval. This enables an attacker to perform indirect or...

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

CVE-2026-22708 Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...

PT-2026-2918

Name of the Vulnerable Software and Affected Versions Cursor versions prior to 2.3 Description Cursor is a code editor designed for programming with AI. When the Cursor Agent operates in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can be executed without appearing on the...

CVE-2025-59828 Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

Claude Code is an agentic coding tool. Prior to Claude Code version 1.0.39, when using Claude Code with Yarn versions 2.0+, Yarn plugins are auto-executed when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins would be executed prior to t...

CVE-2010-20120 Maple <= v13 Maplet File Creation and Command Execution

Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...

CVE-2025-54131

Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow list in auto-run mode with a backtick or $cmd. If a user has swapped Cursor from its default settings requiring approval for every terminal call to an allowlist, an attacker can execute...

CVE-2025-54131 Cursor bypasses its allow list to execute arbitrary commands

Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow list in auto-run mode with a backtick or $cmd. If a user has swapped Cursor from its default settings requiring approval for every terminal call to an allowlist, an attacker can execute...

CVE-2025-48877

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, Codepen is present in the default allowediframes site setting, and it can potentially auto-run arbitrary JS...

MAL-2025-191889 Malicious code in telepycore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...