
272042 matches found

Redos, added yesterday, 4 views

ROS-20260618-73-0005

A vulnerability in the MSL (Magick Scripting Language) command of the console-based image editing tool ImageMagick is caused by a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a denial of service...

CVSS: 5.5, AI score: 5.6, EPSS: 0.00161
Exploits: 1

Packet Storm, added yesterday, 17 views

📄 Grav CMS Zip Slip Remote Code Execution

This Metasploit module exploits a vulnerability in Grav CMS versions prior to 2.0.0-beta.2. The Direct Install feature in the Admin plugin allows administrators to upload plugins as ZIP files...

CVSS: 9.1, AI score: 5.3, EPSS: 0.03934
Exploits: 4

Packet Storm, added yesterday, 16 views

📄 Microsoft Windows Defender MsMpEng.exe Race Condition / Privilege Escalation

A race condition exists between Windows Defender's MpCleanCallbackFunction cleanup routine and Volume Shadow Copy creation. This vulnerability allows an attacker to escalate privileges to NT AUTHORITY\SYSTEM. This Metasploit module demonstrates the issue...

AI score: 5.3
Exploits: 0

Packet Storm, added yesterday, 15 views

📄 WordPress PickPlugins 2.0.46 OTP Bypass

WordPress PickPlugins plugin version 2.0.46 proof of concept user verification OTP authentication bypass exploit. Title: WordPress PickPlugins 2.0.46 User...

CVSS: 9.8, AI score: 5.3, EPSS: 0.00578
Exploits: 3

Packet Storm, added yesterday, 16 views

📄 Wing FTP Server 8.1.2 Remote Code Execution via Session Poisoning

This proof of concept remote code execution exploit abuses a flaw in how Wing FTP Server handles admin session serialization, specifically the mydirectory basefolder field. Version 8.1.2 is affected...

CVSS: 8.6, AI score: 6.2, EPSS: 0.02056
Exploits: 5

Packet Storm, added yesterday, 19 views

📄 Wing FTP Server 8.1.2 Authenticated Remote Code Execution

Wing FTP Server versions prior to 8.1.3 allow authenticated administrators to execute arbitrary Lua code on the server. Title: Wing FTP Server 8.1.2 - Authenticat...

CVSS: 8.6, AI score: 5.9, EPSS: 0.02056
Exploits: 5

Tenable Nessus, added yesterday, 3 views

Rclone 1.46.x < 1.74.3 Unauthenticated Command Execution

The version of Rclone installed on the remote host is 1.46.x prior to 1.74.3. It is, therefore, affected by an unauthenticated command execution vulnerability: - rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form /remote:path/object. The remote value is parse...

AI score: 6.1, EPSS: 0.00371
Exploits: 0, References: 2

OPENSUSE Linux, added yesterday, 4 views

Security update for perl-GD (important)

openSUSE Security Update: Security update for perl-GD. Announcement ID: openSUSE-SU-2026:0209-1; Rating: important; References: 1268240; Cross-References: CVE-2026-11526; CVSS scores: CVE-2026-11526 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; Affected Products: openSUSE Backports SLE-15-SP7...

CVSS: 8.4, AI score: 5.4, EPSS: 0.02459
Exploits: 0, References: 1

Microsoft Secure, added 2 days ago, 6 views

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence and Microsoft Defender Experts identified a Windows-based cryptocurrency clipper that has affected users since February of 2026. Clipper malware relies on...

AI score: 6.5
Exploits: 0

NVD, added 2 days ago, 9 views

CVE-2026-48997

e107 is a content management system (CMS). Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

CVSS: 7.1, EPSS: 0.00747
Exploits: 0, References: 2

OSSF Malicious Packages, added 2 days ago, 7 views

Malicious code in ai-chat-helper (npm)

Source: amazon-inspector 39a12d35a8713a8f63eaf342901214a7f53fa396b9ee8218d246e5e0db7b6318 collect.js performs system reconnaissance and exfiltration to a hardcoded attacker-controlled host. The script imports child_process, os, fs, http, an...

AI score: 5.3
Exploits: 0, References: 3

OSV, added 2 days ago, 4 views

MAL-2026-6086 Malicious code in ai-chat-helper (npm)

Source: amazon-inspector 39a12d35a8713a8f63eaf342901214a7f53fa396b9ee8218d246e5e0db7b6318 collect.js performs system reconnaissance and exfiltration to a hardcoded attacker-controlled host. The script imports child_process, os, fs, http, an...

AI score: 5.4
Exploits: 0, References: 3

OSSF Malicious Packages, added 2 days ago, 5 views

Malicious code in @hotcappuccino/nodepull (npm)

Source: amazon-inspector 42e9bbd7a5cb25d0863ef140b42a7ab2abec1e921e18669eef3f07a91c3d6d99 @hotcappuccino/[email protected] ships a single index.js (the package's declared main) that is wrapped in an obfuscator.io string-array +...

AI score: 5.5
Exploits: 0, References: 1

OSV, added 2 days ago, 3 views

MAL-2026-6085 Malicious code in @hotcappuccino/nodepull (npm)

Source: amazon-inspector 42e9bbd7a5cb25d0863ef140b42a7ab2abec1e921e18669eef3f07a91c3d6d99 @hotcappuccino/[email protected] ships a single index.js (the package's declared main) that is wrapped in an obfuscator.io string-array +...

AI score: 5.6
Exploits: 0, References: 1

EUVD, added 2 days ago, 5 views

EUVD-2026-37810

e107 is a content management system (CMS). Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

CVSS: 7.1, AI score: 5.3, EPSS: 0.00747
Exploits: 0, References: 2

Cvelist, added 2 days ago, 18 views

CVE-2026-48997 e107: Command Injection via shell expansion in ImageMagick resize destination path

e107 is a content management system (CMS). Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

CVSS: 7.1, EPSS: 0.00747
Exploits: 0, References: 2

CVE, added 2 days ago, 12 views

CVE-2026-48997

CVE-2026-48997 affects e107 CMS

CVSS: 7.1, AI score: 5.3, EPSS: 0.00747
Exploits: 0, References: 2

Vulnrichment, added 2 days ago, 4 views

CVE-2026-48997 e107: Command Injection via shell expansion in ImageMagick resize destination path

e107 is a content management system (CMS). Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

CVSS: 7.1, AI score: 5.2, EPSS: 0.00747
Exploits: 0, References: 2

OSSF Malicious Packages, added 2 days ago, 5 views

Malicious code in boardflow (PyPI)

Source: amazon-inspector 7a7f48df7609edb5bab9d9e572f093994d071165578a58032a69392d62b08b86 On pip install boardflow, setup.py spawns a background thread that fetches http://pooron.org/test.exe over plain HTTP into the OS temp directory and...

AI score: 6.6
Exploits: 0, References: 3

OSV, added 2 days ago, 3 views

MAL-2026-6080 Malicious code in boardflow (PyPI)

Source: amazon-inspector 7a7f48df7609edb5bab9d9e572f093994d071165578a58032a69392d62b08b86 On pip install boardflow, setup.py spawns a background thread that fetches http://pooron.org/test.exe over plain HTTP into the OS temp directory and...

AI score: 6.7
Exploits: 0, References: 3