3087 matches found
MAL-2026-2272 Malicious code in solana-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0a22ac83bdfd88312e7d422a0e3c27531ccdb7a6c6e4afa1ae513bb9aecf41f Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
Malicious code in solana-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0a22ac83bdfd88312e7d422a0e3c27531ccdb7a6c6e4afa1ae513bb9aecf41f Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
MAL-2026-2268 Malicious code in gemini-ai-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
Malicious code in gemini-ai-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
MAL-2026-2245 Malicious code in requests-testik111 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72561775d8d7a7c1e47c83f2a7e13ed9eeb776d05ca6924cfcceaca7cad0cfef Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
Malicious code in fluxhttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2669b72303bd592ba1633febc04bca1f0a8804d8546baf21b5f3f12baaa80f29 Malicious clone of a legitimate package. When using it, the code attempts to download and execute remote code. In on of the incarnations, the malicious code wa...
MAL-2026-2244 Malicious code in fluxhttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2669b72303bd592ba1633febc04bca1f0a8804d8546baf21b5f3f12baaa80f29 Malicious clone of a legitimate package. When using it, the code attempts to download and execute remote code. In on of the incarnations, the malicious code wa...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
CVE-2026-33632
CVE-2026-33632 (ClearanceKit) : macOS component ClearanceKit previously did not intercept two file-operation events (ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE) in its opfilter extension, enabling local processes to bypass per-process file-access policies. The patch in commit 61...
CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...
CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...
CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...
CVE-2026-2917
The Happy Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.21.0 via the haduplicatething admin action handler. This is due to the canclone method only checking currentusercan'editposts' a general capability without...
CVE-2025-66413
Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is...
CVE-2026-33478
WWBN AVideo is an open source video platform. In versions up to and including 26.0, multiple vulnerabilities in AVideo's CloneSite plugin chain together to allow a completely unauthenticated attacker to achieve remote code execution. The clones.json.php endpoint exposes clone secret keys without...
CVE-2026-33293
WWBN AVideo is an open source video platform. Prior to version 26.0, the deleteDump parameter in plugin/CloneSite/cloneServer.json.php is passed directly to unlink without any path sanitization. An attacker with valid clone credentials can use path traversal sequences e.g., ../../ to delete...
Malicious code in lightmock (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3c7924362f935b55a808e1ede8ffea2dbc96326b853dc00d7ede36c002ff63c Clone of a legitimate package. During import, heavily obfuscate code downloads next stages and finally exfiltrates sensitive data, including data from web...
MAL-2026-2233 Malicious code in lightmock (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3c7924362f935b55a808e1ede8ffea2dbc96326b853dc00d7ede36c002ff63c Clone of a legitimate package. During import, heavily obfuscate code downloads next stages and finally exfiltrates sensitive data, including data from web...