1242 matches found
Malicious code in livekit-agents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5abf921f58c69745fee91e812853b493a282f3d42f55db38516ba54b827ea35b The unscoped npm package livekit-agents advertises itself in README as the official LiveKit Agents SDK and links to livekit.io documentation, but the...
MAL-2026-6555 Malicious code in livekit-agents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5abf921f58c69745fee91e812853b493a282f3d42f55db38516ba54b827ea35b The unscoped npm package livekit-agents advertises itself in README as the official LiveKit Agents SDK and links to livekit.io documentation, but the...
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark , said the...
CVE-2026-53113
A flaw was found in the Linux kernel's ath11k Wi-Fi driver. Specifically, the ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid functions, responsible for setting up beacon templates, fail to release allocated memory when an error occurs during parameter setup. This oversight can lead to...
MAL-2026-6512 Malicious code in react-context-form-tdsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a53e75a65681ee9ea818634ddee1ed52c6c8398dbd68e2b6abca255b24aaf37 [email protected] is a dependency-confusion payload. package.json declares scripts.preinstall="node index.js", and index.js issues an...
MAL-2026-6480 Malicious code in gx-npm-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e919710d2f28ec776b8165821ebe2fbe480c1e432ec9416c7b73bd1315ee6a6e Package published at version 99.99.99 under a generic name gx-npm-lib — the canonical dependency-confusion shape used to overshadow internal packages...
MAL-2026-6466 Malicious code in gx-npm-feature-flags (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcad1b944d9ceb92389673398df9f471911a788fe608774a3298c69900bb1c7 [email protected] is a dependency-confusion squat max-semver 99.99.99 on a gx--prefixed name to outrank a private internal package that...
Linux Distros Unpatched Vulnerability : CVE-2026-53113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon...
CVE-2026-53113
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...
CVE-2026-53113 wifi: ath11k: fix memory leaks in beacon template setup
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...
CVE-2026-53113
The CVE-2026-53113 entry concerns the Linux kernel wifi driver ath11k, where beacon template setup functions ath11k_mac_setup_bcn_tmpl_ema() and ath11k_mac_setup_bcn_tmpl_mbssid() allocate memory for beacon templates but fail to release it on error. The issue is addressed by implementing unified ...
EUVD-2026-38981
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...
EUVD-2026-38980
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irqpreparebcntasklet The irqpreparebcntasklet is initialized in rtlpciinit and scheduled when RTLIMRBCNINT interrupt is triggered by hardware. But it is never...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtw88: Fixed an alignment fault in rtwcoreenablebeacon. The rtwcoreenablebeacon function reads 4 bytes from an address that is not a multiple of 4. This results in a crash on some systems. Instead, only 1 byte is...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames sent to non-broadcast addresses Beacon frames are required to be sent to the broadcast address. See IEEE Std 802.11-2020, 11.1.3.1: “The ‘Address 1’ field of the Beacon frame shall be set to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed an out-of-bounds read during the parsing of the OnBeacon Extended Supported Rates ESR extension. The handling of the ESR extension during the OnBeacon phase involves accessing p + 1 + ielen and p + 2 +...
Malicious code in hs-locale-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2adb7ba5ebcb66930ae574353088696c939ed6e677c12437e78de7166e96b932 Package self-identifies in package.json as a dependency-confusion proof-of-concept targeting HubSpot's internal hs-locale-management namespace,...
MAL-2026-6394 Malicious code in hs-locale-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2adb7ba5ebcb66930ae574353088696c939ed6e677c12437e78de7166e96b932 Package self-identifies in package.json as a dependency-confusion proof-of-concept targeting HubSpot's internal hs-locale-management namespace,...
PT-2026-52006
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the rtlwifi PCI component. The irq prepare bcn tasklet is initialized in rtl pci init and scheduled upon a RTL IMR BCNINT hardware interrupt. Because thi...
PT-2026-52007
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the ath11k wifi driver during beacon template setup. The functions ath11k mac setup bcn tmpl ema and ath11k mac setup bcn tmpl mbssid allocate memory for beacon...