390 matches found
CVE-2026-49136
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
Banana-slides path traversal vulnerability
banana-slides is an AI-based PPT generation application developed by Anion. Versions of banana-slides 0.4.0 and earlier have a path traversal vulnerability. This vulnerability stems from a path traversal issue in the AI service’s backend function, generateimage. Due to the use of os.path.startswi...
Malicious code in banana-stand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab14273a518e66f357d229806e82cb2f4ce211cae4bc5de0f2d15eeab67fb720 On npm install, the package's install lifecycle hook runs node index.js, which loads lib/core.js. That module reads os.userInfo.username, os.hostname...
MAL-2026-4495 Malicious code in banana-stand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab14273a518e66f357d229806e82cb2f4ce211cae4bc5de0f2d15eeab67fb720 On npm install, the package's install lifecycle hook runs node index.js, which loads lib/core.js. That module reads os.userInfo.username, os.hostname...
Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks
Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud...
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data...
CVE-2026-23764 VB-Audio Voicemeeter & Matrix Drivers DoS via Corrupted IoAllocateMdl Length
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...
VB-Audio’s various products have security vulnerabilities
VB-Audio Voicemeeter and VB-Audio Matrix are products of the French company VB-Audio. VB-Audio Voicemeeter is a virtual audio mixer software. VB-Audio Matrix is a real-time audio routing software. Several VB-Audio products have security vulnerabilities; these vulnerabilities stem from the exposur...
EUVD-2005-4359
Malware in sbrugna...
EUVD-2011-5068
Malware in sbrugna...
EUVD-2011-5076
Malware in sbrugna...
EUVD-2011-5075
Malware in sbrugna...
EUVD-2012-5167
Malware in sbrugna...
EUVD-2012-5165
Malware in sbrugna...
Malicious code in kilo-november-banana-ykktm (npm)
The package kilo-november-banana-ykktm was found to contain malicious code...
MAL-2025-44870 Malicious code in kilo-november-banana-ykktm (npm)
The package kilo-november-banana-ykktm was found to contain malicious code...
Malicious code in golf-alpha-banana-oyueb (npm)
The package golf-alpha-banana-oyueb was found to contain malicious code...