Lucene search
+L

262 matches found

SUSE CVE
SUSE CVE
added 2026/05/15 1:58 a.m.8 views

SUSE CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2026/05/14 10:47 a.m.15 views

Why Malwarebytes blocks some Yahoo Mail redirects

Some Malwarebytes users have recently noticed frequent web protection alerts while reading email in Yahoo Mail’s web interface. These alerts are caused by background connections from the Yahoo Mail page to a set of third‑party domains that our products and other security tools currently classify ...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-42557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTM...

9.6CVSS6.4AI score0.00386EPSS
Exploits0References3
OSV
OSV
added 2026/05/13 4:16 p.m.5 views

DEBIAN-CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 4:16 p.m.9 views

CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS0.00386EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/13 4:16 p.m.9 views

CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 4:16 p.m.10 views

UBUNTU-CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/13 3:6 p.m.7 views

CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

9.6CVSS6.3AI score0.00386EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:6 p.m.6 views

CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

8.6CVSS6.3AI score0.00386EPSS
Exploits0References2Affected Software2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.16 views

Malicious code in enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/12 7:42 a.m.9 views

MAL-2026-3691 Malicious code in enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...

5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Office PowerPoint 访问控制错误漏洞

Microsoft Office PowerPoint is a software tool developed by the American company Microsoft for creating presentation documents PPTs. Microsoft Office PowerPoint has a security vulnerability related to access control. Attackers can exploit this vulnerability to carry out deceptive attacks...

7.1CVSS5.8AI score0.00292EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft Word 访问控制错误漏洞

Microsoft Word is a word processing software within the Office suite developed by the American company Microsoft. There is an access control error vulnerability in Microsoft Word. Attackers exploit this vulnerability to carry out deceptive attacks...

7.1CVSS5.8AI score0.00292EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.9 views

Skill Description Deception Attack against Task Routing in Internet of Agents

A new paradigm, Internet of Agents IoA, is transforming networked systems into LLM-driven service networks, where heterogeneous agents collaborate through task routing based on their self-declared skill descriptions. Although this promising paradigm enables agentic, distributed, and advanced...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/03 4:11 p.m.4 views

MAL-2026-2456 Malicious code in strapi-plugin-core (npm)

strapi-plugin-core is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology. I...

6AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2026/04/01 2:27 p.m.8 views

WhatsApp on Windows users targeted in new campaign, warns Microsoft

Microsoft researchers found a campaign that abuses WhatsApp attachments to sneak a script onto Windows machines which will lead to the attacker gaining remote control. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/12 9:56 a.m.10 views

Meta rolls out anti-scam tools across WhatsApp, Facebook, and Messenger

Meta has rolled out more anti-scam protections across WhatsApp, Facebook, and Messenger to fight sophisticated fraud tactics. The features will help stop celebrity impersonators and brand spoofers from defrauding its users, the company said. Meta is also targeting attackers who exploit legitimate...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

Microsoft Azure IoT Explorer 代码问题漏洞

Microsoft Azure IoT Explorer is a free and open-source desktop application developed by Microsoft Corporation. There are code-related vulnerabilities in Microsoft Azure IoT Explorer. Attackers exploit these vulnerabilities to carry out deceptive attacks...

7.5CVSS5.8AI score0.01046EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

Microsoft Windows App Installer 数据伪造问题漏洞

The Microsoft Windows App Installer is a tool provided by Microsoft Corporation for use with the Windows 10 and Windows 11 operating systems. It allows users to easily install applications by double-clicking .msix or .msixbundle files. This tool supports installation from websites, optional...

5.9CVSS5.8AI score0.00297EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/05 12:0 a.m.8 views

New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

The BoryptGrab campaign uses fake SEO‑optimized GitHub repositories and deceptive download pages to distribute a data‑stealing malware family that delivers multiple payloads, including a reverse SSH backdoor, to Windows users...

5.9AI score
Exploits0
Rows per page
Query Builder