113 matches found
CVE-2026-33976 Notesnook vulnerable to RCE via stored XSS in Web Clipper rendering
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserves attacker-controlled attributes from the sourc...
PT-2026-28580
Name of the Vulnerable Software and Affected Versions Notesnook versions prior to 3.3.11 Web/Desktop Notesnook versions prior to 3.3.17 Android/iOS Description Notesnook is a note-taking app. Prior to versions 3.3.11 Web/Desktop and 3.3.17 Android/iOS, a stored Cross-Site Scripting XSS issue exis...
Notesnook ไปฃ็ ๆณจๅ ฅๆผๆด
Notesnook is an end-to-end encrypted note application developed by Streetwriters. There were code injection vulnerabilities in versions of Notesnook Web/Desktop prior to 3.3.11, as well as in versions for Android/iOS prior to 3.3.17. These vulnerabilities stemmed from a stored-xss vulnerability...
Amadey Exploiting Self-Hosted GitLab to Distribute StealC
Amadey Exploiting Self-Hosted GitLab to Distribute StealC By Rahul Sharma ยท December 18, 2025 Executive summary Amadey is a malware loader that has been active since 2018, primarily used to distribute second-stage payloads and infostealers. While Amadey has been previously known to distribute...
EUVD-2001-0584
Malware in sbrugna...
EUVD-2015-0880
Malware in sbrugna...
EUVD-2021-14833
Malware in sbrugna...
EUVD-2019-4186
Malware in sbrugna...
EUVD-2018-4080
Malware in sbrugna...
CVE-2024-23745
In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...
CVE-2021-28134
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...
CVE-2018-12101
CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the mai...
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users
Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware, also called ClipBankers, is a type of malware that Microsoft calls cryware, which comes with...
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive...
Deceptive Crypto Sites A Breeding Ground for XPhase Clipper
Summary: A global malware campaign is actively targeting cryptocurrency enthusiasts, employing deceptive websites that masquerade as authentic cryptocurrency applications and ultimately leading to the execution of the XPhase Clipper payload. Threat Level - Amber | Attack Report For a detailed...
CVE-2024-23745
In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...
CVE-2024-23745
In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...
Design/Logic Flaw
In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...
Notion Web Clipper Command Injection Vulnerability
Notion is an application from Notion that integrates notes, knowledge base, data forms, Kanban, calendars, and many other capabilities into one application. A command injection vulnerability exists in Notion Web Clipper version 1.0.3, which stems from a NIB file that can be manipulated to execute...