Lucene search
K

486610 matches found

Github Security Blog
Github Security Blog
added 2026/06/10 7:33 p.m.11 views

Claude Code Action: Malicious MCP Server Configuration in PRs Enables Remote Code Execution and Secret Exfiltration

Due to the combination of checking out PR head branches attacker-controlled, reading .mcp.json from the working directory via default setting sources, and unconditionally enabling all project MCP servers via enableAllProjectMcpServers, it was possible for an attacker who opened a PR containing a...

6.3AI score0.00069EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/10 7:33 p.m.18 views

GHSA-8Q5R-MMJF-575Q Claude Code Action: Malicious MCP Server Configuration in PRs Enables Remote Code Execution and Secret Exfiltration

Due to the combination of checking out PR head branches attacker-controlled, reading .mcp.json from the working directory via default setting sources, and unconditionally enabling all project MCP servers via enableAllProjectMcpServers, it was possible for an attacker who opened a PR containing a...

5.3CVSS6.3AI score0.00069EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:46 p.m.12 views

Malicious code in chai-check-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e290b42de2cbd4aa74afa6550fc9a0381dfcb0f6996dcdc22254268b391f9f8 [email protected] impersonates the legitimate chaijs/check-error utility copied README, author metadata, repository URL, and exported API surfac...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/10 6:46 p.m.9 views

MAL-2026-5526 Malicious code in chai-check-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e290b42de2cbd4aa74afa6550fc9a0381dfcb0f6996dcdc22254268b391f9f8 [email protected] impersonates the legitimate chaijs/check-error utility copied README, author metadata, repository URL, and exported API surfac...

5.6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:44 p.m.17 views

Malicious code in check-error-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c25cbbb904c18028cac363ba66eb89d91301bd3204a8347834e52387b4b575e On require/import, index.js executes a top-level resolveConfig that reconstructs a URL from an XOR-obfuscated integer array, AES-256-CBC-decrypts it,...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/06/10 6:44 p.m.10 views

MAL-2026-5527 Malicious code in check-error-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c25cbbb904c18028cac363ba66eb89d91301bd3204a8347834e52387b4b575e On require/import, index.js executes a top-level resolveConfig that reconstructs a URL from an XOR-obfuscated integer array, AES-256-CBC-decrypts it,...

6.2AI score
Exploits0References6
NVD
NVD
added 2026/06/10 6:17 p.m.10 views

CVE-2026-46618

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

6.9CVSS0.00364EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 6:16 p.m.12 views

CVE-2026-45062

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS0.00568EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 6:16 p.m.13 views

CVE-2026-20251

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or...

8.8CVSS0.00575EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/10 5:44 p.m.12 views

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

9.8CVSS6AI score0.00311EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/10 5:38 p.m.9 views

CVE-2026-45062 FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS6.2AI score0.00568EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 5:38 p.m.8 views

EUVD-2026-36075

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS6.2AI score0.00568EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 5:38 p.m.19 views

CVE-2026-45062

CVE-2026-45062 affects FrankenPHP (versions 1.11.2–1.12.2). The vulnerability arises in the CGI path splitting logic (splitPos in cgi.go), where fallback matching uses golang.org/x/text/search with ignore-case, and engages when the request path contains non-ASCII bytes. Two flaws enable an attack...

8.1CVSS6.2AI score0.00568EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 5:38 p.m.37 views

CVE-2026-45062 FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS0.00568EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 5:20 p.m.8 views

EUVD-2026-36093

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command...

6.9CVSS5.9AI score0.00364EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 5:16 p.m.8 views

EUVD-2026-36082

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or...

8.8CVSS5.8AI score0.00575EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/10 5:16 p.m.29 views

CVE-2026-20251 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or...

8.8CVSS0.00575EPSS
Exploits1References1
CVE
CVE
added 2026/06/10 5:16 p.m.57 views

CVE-2026-20251

CVE-2026-20251 affects Splunk Enterprise (versions below 10.2.4/10.0.7/9.4.12/9.3.13), Splunk Cloud Platform (below 10.3.2512.12/10.2.2510.14/10.1.2507.22/9.3.2411.132), and Splunk Secure Gateway (below 3.10.6/3.9.20/3.8.67). A low-privileged user (not admin/power) can achieve Remote Code Executi...

8.8CVSS5.8AI score0.00575EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/10 5:16 p.m.7 views

CVE-2026-20251 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or...

8.8CVSS5.8AI score0.00575EPSS
Exploits1References1
Wordfence Blog
Wordfence Blog
added 2026/06/10 4:53 p.m.12 views

Critical Unauthenticated Authentication Bypass Vulnerability Patched in UpdraftPlus WordPress Plugin

On June 2nd, 2026, we received a submission for a critical Unauthenticated Authentication Bypass vulnerability in UpdraftPlus, a WordPress plugin with more than 3 million active installations. Although the plugin has such a large install base, the vulnerability is only exploitable on sites that...

8.1CVSS7.8AI score0.03578EPSS
Exploits3
Rows per page
Query Builder