EUVD-2026-34188

Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

MAL-2024-12291 Malicious code in instacart-roulette-daemon-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3b808e86bd3e62945973ac3b25e0f07437a3031a13b6dd2a0567eba90a63821 During installation, the obfuscated code attempts to exfiltrate basic information about the host. There is no other purpose of the package --- Category:...

Malicious code in instacart-roulette-daemon-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3b808e86bd3e62945973ac3b25e0f07437a3031a13b6dd2a0567eba90a63821 During installation, the obfuscated code attempts to exfiltrate basic information about the host. There is no other purpose of the package --- Category:...

Information Disclosure

kotlin-daemon-client is vulnerable to information disclosure. The vulnerability exists due to the insecure file permissions used in temporary file creation, allowing a malicious user to read the data and list directories...