Malicious code in devops-debug-tool-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d30d25ee7c0447913c62771e8ddcec556db40753e2133f73ec7613939b5ca35c The package devops-debug-tool-ctf was found to contain malicious code...

MAL-2026-2755 Malicious code in devops-debug-tool-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d30d25ee7c0447913c62771e8ddcec556db40753e2133f73ec7613939b5ca35c The package devops-debug-tool-ctf was found to contain malicious code...

EUVD-2017-8714

Malware in sbrugna...

EUVD-2022-40726

Malicious code in bioql PyPI...

EUVD-2025-3342

Malicious code in bioql PyPI...

EUVD-2024-45903

Malicious code in bioql PyPI...

CVE-2025-10433

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

CVE-2025-59144 [email protected] contains malware after npm account takeover

debug is a JavaScript debugging utility. On 8 September 2025, the npm publishing account for debug was taken over after a phishing attack. Version 4.4.2 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency...

CVE-2025-10433

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

CVE-2025-10433

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

CVE-2025-10433 1Panel-dev MaxKB debug deserialization

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

CVE-2025-10433

1Panel-dev MaxKB versions up to 2.0.2/2.1.0 are affected by a vulnerability in the handling of the file /admin/api/workspace/default/tool/debug, where manipulation of the code argument can lead to a deserialization attack. The issue is exploitable remotely and has publicly disclosed proofs of con...

CVE-2025-10433 1Panel-dev MaxKB debug deserialization

A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...

MaxKB 代码问题漏洞

MaxKB is 1Panel-dev open source an open source knowledge base question and answer system based on large language model and RAG. A code issue vulnerability exists in MaxKB version 2.0.2 and earlier and version 2.1.0, which stems from the incorrect manipulation of the parameter code in the file...

PT-2025-37458

Name of the Vulnerable Software and Affected Versions: 1Panel-dev MaxKB versions up to 2.0.2 and 2.1.0 Description: A vulnerability exists in 1Panel-dev MaxKB due to improper processing of files. Specifically, the file /admin/api/workspace/default/tool/debug is susceptible to manipulation of the...

PT-2025-36970

Name of the Vulnerable Software and Affected Versions: NVIDIA NVDebug tool affected versions not specified Description: The NVIDIA NVDebug tool contains an issue that may allow an actor to gain access to a privileged account. A successful exploit may lead to code execution, denial of service,...

VulnCheck KEV: CVE-2024-10586

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...

CVE-2025-23684

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Tool: from n/a through = 2.2...

CVE-2024-10588

The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to obtain information from...

CVE-2023-22344

Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22336...