145598 matches found
Malicious code in lynx-keeper-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cebbf0e6cc5a35eea6e6869d295d072526b6ff7d566c49bc80f15952138cf88 lynx-keeper-cli ships a heavily obfuscated payload in dist/index.js that runs at require time. After a CI-evasion gate that aborts when...
MAL-2026-4497 Malicious code in bingocode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78f3d873e7c4d16629263bb242a2636f18747d5dd096b614fb3cf43a56d2dc8e The package declares bin.claude pointing at bin/claude-win.cjs and bin/claude on Linux/macOS. After npm i -g bingocode, the claude command on PATH is...
CVE-2026-39828
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
EUVD-2026-31394
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
CVE-2026-39828
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
SUSE CVE-2026-8632
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection...
SUSE CVE-2026-44076
Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-33000
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
Exploit for Command Injection in Exiftool_Project Exiftool
⚠️ Security Research & Legal Disclaimer 📌 Purpose of This...
CVE-2026-33000
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-33000
Summary: CVE-2026-33000 affects UniFi OS devices and stems from an Improper Input Validation that enables a Command Injection. An attacker with network access and high privileges could exploit this with no user interaction to achieve potentially high impact on confidentiality, integrity, and avai...
EUVD-2026-31385
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-33000
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
EUVD-2026-31382
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-34910
CVE-2026-34910 affects UniFi OS devices and stems from an Improper Input Validation vulnerability that allows a Command Injection . The connected records specify a network-adjacent attacker could exploit this with no user interaction, leading to high impact on confidentiality, integrity, and avai...
CVE-2026-33000
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...