7 matches found

CVE
added yesterday, 8 views

CVE-2026-54323

CVE-2026-54323 describes a vulnerability in Daytona prior to 0.185.0 where the daemon’s git clone path disabled TLS certificate verification. When a clone carried Git credentials, the daemon sent the HTTP Basic Authorization header to the remote over an unvalidated TLS connection on both the go-g...

CVSS 5.9 | AI score 6.4 | EPSS 0.00015
Exploits: 0 | References: 1
SUSE CVE
added 2026/05/09 2:42 a.m., 6 views

SUSE CVE-2026-42284

GitPython is a Python library used to interact with Git repositories. Prior to version 3.1.47, clone validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)). A string like "--branch main --config core.hooksPath=/x" passes validation (starts with --branch), but aft...

CVSS 9.8 | AI score 5.7 | EPSS 0.00571
Exploits: 1 | References: 3
Github Security Blog
added 2026/04/17 9:32 p.m., 9 views

Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing

Executive Summary: This report documents a critical security research finding in the compressing npm package, specifically tested on the latest v2.1.0. The core vulnerability is a Partial Fix Bypass of CVE-2026-24884. The current patch relies on a purely logical string validation within the...

CVSS 8.4 | AI score 6 | EPSS 0.00334
Exploits: 2 | References: 3 | Affected Software: 1
OSSF Malicious Packages
added 2026/03/27 4:39 p.m., 5 views

Malicious code in gemini-ai-api (PyPI)

Source: kam193 (db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857). Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

AI score 6
Exploits: 0 | References: 1
Snyk
added 2026/03/07 8:3 p.m., 4 views

Remote Code Execution (RCE)

Overview: org.webjars.npm:simple-git is a lightweight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --conf...

CVSS 9.8 | AI score 9.4 | EPSS 0.02784
Exploits: 2 | References: 2
Packet Storm News
added 2025/11/14 12:0 a.m., 3 views

Automated Side-Channel Analysis of Cryptographic Protocol Implementations

We extract the first formal model of WhatsApp from its implementation by combining binary-level analysis via CryptoBap with reverse engineering via Ghidra to handle this large closed-source application. Using this model, we prove forward secrecy, identify a known clone-attack against...

AI score 6.9
Exploits: 0
BDU FSTEC
added 2019/02/05 12:0 a.m., 4 views

The vulnerability of the “git clone” function in a distributed version control system like Git allows a perpetrator to execute arbitrary code.

The vulnerability of the “git clone” function in a distributed version control system like Git is related to the improper handling of the recursive “git clone” command applied to a supersource project where the .gitmodules file contains a field with a URL starting with the symbol “-”. Exploiting...

CVSS 9.8 | AI score 8.1 | EPSS 0.97356
Exploits: 12 | References: 6 | Affected Software: 1