Lucene search
K

391 matches found

Cvelist
Cvelist
added 2026/06/12 11:52 a.m.31 views

CVE-2026-47197 Quest Bot: Discord moderation role hierarchy bypass in ban, kick, mute, unmute, warn, and nickname commands

Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, a moderator with the relevant Discord permission bit can use the bot to moderate users above them in the Discord role hierarchy, as long as the bot itself outranks the target. This bypasses Discord’s normal role hierarchy protections...

7.2CVSS0.00228EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 9:16 p.m.13 views

CVE-2026-49136

Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...

8.7CVSS0.00417EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/01 7:9 p.m.9 views

CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py

Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...

8.7CVSS5.9AI score0.00417EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:9 p.m.10 views

CVE-2026-49136

Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...

8.7CVSS5.9AI score0.00417EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 7:9 p.m.27 views

CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py

Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...

8.7CVSS0.00417EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

banana-slides 路径遍历漏洞

banana-slides is an AI-based PPT generation application developed by Anion. Versions of banana-slides 0.4.0 and earlier have a path traversal vulnerability. This vulnerability stems from a path traversal issue in the AI service’s backend function, generateimage. Due to the use of os.path.startswi...

8.7CVSS5.3AI score0.00417EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 1:15 p.m.11 views

Malicious code in banana-stand (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab14273a518e66f357d229806e82cb2f4ce211cae4bc5de0f2d15eeab67fb720 On npm install, the package's install lifecycle hook runs node index.js, which loads lib/core.js. That module reads os.userInfo.username, os.hostname...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/20 1:15 p.m.8 views

MAL-2026-4495 Malicious code in banana-stand (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab14273a518e66f357d229806e82cb2f4ce211cae4bc5de0f2d15eeab67fb720 On npm install, the package's install lifecycle hook runs node index.js, which loads lib/core.js. That module reads os.userInfo.username, os.hostname...

5.8AI score
Exploits0References1
HackRead
HackRead
added 2026/05/20 9:14 a.m.16 views

Banana RAT Malware in Fake Invoices Hits Customers at 16 Brazilian Banks

Banana RAT malware hidden in fake invoices and security update screens targets customers at 16 Brazilian banks stealing data with QR fraud...

5.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/05/19 12:0 a.m.15 views

Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud

In this blog entry, researchers from the TrendAI™ MDR team discuss how they mapped the full end-to-end operation of SHADOW-WATER-063’s Banana RAT banking malware by analyzing server-side artifacts and victim-side data...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/01/22 4:16 p.m.20 views

CVE-2026-23764 VB-Audio Voicemeeter & Matrix Drivers DoS via Corrupted IoAllocateMdl Length

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

6.8CVSS0.00139EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

VB-Audio’s various products have security vulnerabilities

VB-Audio Voicemeeter and VB-Audio Matrix are products of the French company VB-Audio. VB-Audio Voicemeeter is a virtual audio mixer software. VB-Audio Matrix is a real-time audio routing software. Several VB-Audio products have security vulnerabilities; these vulnerabilities stem from the exposur...

6.8CVSS5.8AI score0.00139EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-5068

Malware in sbrugna...

7.5CVSS6.4AI score0.01118EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-4359

Malware in sbrugna...

5.8CVSS6.4AI score0.01739EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-5075

Malware in sbrugna...

7.5CVSS6.4AI score0.01311EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-5165

Malware in sbrugna...

6.8CVSS6.1AI score0.02537EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-5076

Malware in sbrugna...

4.3CVSS6.4AI score0.00931EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5167

Malware in sbrugna...

7.5CVSS6.1AI score0.015EPSS
Exploits5References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.4 views

Malicious code in golf-alpha-banana-oyueb (npm)

The package golf-alpha-banana-oyueb was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in banana-lemon-ugli-ghlkk (npm)

The package banana-lemon-ugli-ghlkk was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder