EUVD-2026-30510

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

CVE-2026-41702 TOCTOU local privilege escalation vulnerability

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

Linux Distros Unpatched Vulnerability : CVE-2026-44673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffe...

MalwarePT: A Binary-Level Foundation Model for Malware Analysis

Automated malware analysis increasingly relies on machine learning, yet most existing methods remain task-specific and depend on handcrafted features or narrowly scoped models. Recent developments in binary-level foundation models suggest a path toward reusable program representations, but their...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound through the lybreadstring function in src/parserlyb.c when parsing a specially crafted LYB binary blob. An attacker can cause a crash or corrupt the heap by supplying malicious LYB data to a consumer of th...

CVE-2026-6811

Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...

CVE-2026-6811

Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server...

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

Malicious code in sysbin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ab8ea4ce073a93a1973a062ac7661ceeaea9c312f9fd67e9acda9936e2b6578 Package metadata advertises sysbin as a 'System binary configuration tool' but the tarball ships pointer.py, a stealth overlay that runs automaticall...

MAL-2026-3770 Malicious code in prisma-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aab2820bfb9036995418ba2b36887f8970d7deaa69d8bc4aa24e36266bf18d1 [email protected] is a name-confusion package against the genuine prisma ORM. Its package.json declares "preinstall":...

MAL-2026-3767 Malicious code in node-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...

Malicious code in node-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...

MAL-2026-3776 Malicious code in typography-stylecss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4eeb50f69746fd21696baaa7d3534bbd22489edb037742ca591d49ca88981f70 The package impersonates the legitimate @tailwindcss/typography plugin: README, src/index.js, src/utils.js, and src/styles.js are copied verbatim fro...

Malicious code in typography-stylecss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4eeb50f69746fd21696baaa7d3534bbd22489edb037742ca591d49ca88981f70 The package impersonates the legitimate @tailwindcss/typography plugin: README, src/index.js, src/utils.js, and src/styles.js are copied verbatim fro...

MongoDB PHP Driver 安全漏洞

The MongoDB PHP Driver is an open-source driver developed by MongoDB for PHP applications, enabling connection to MongoDB databases. The MongoDB PHP Driver has a security vulnerability that stems from a stack overflow issue when processing deeply nested BSON documents, which may lead to applicati...

PT-2026-41121

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...

Veritas: A Semantically Grounded Agentic Framework for Memory Corruption Vulnerability Detection in Binaries

Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code understanding, but reliable detection still requires grounding ...

CVE-2026-44288

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can provide protobuf...

CVE-2026-44288

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can provide protobuf...

CVE-2026-45185

A flaw was found in Exim. An unauthenticated remote attacker could exploit a use-after-free vulnerability in the BDAT body parsing path when a client sends a TLS closenotify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap...