CVE-2026-40035

Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by default. The debug configuration value is read as a string and passed directly to app.run, causing any non-empty string to evaluate truthy, allowing attackers to access th...

CVE-2025-36753

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

Malicious code in default-debug (npm)

The package default-debug was found to contain malicious code...

MAL-2025-18178 Malicious code in default-debug (npm)

The package default-debug was found to contain malicious code...

brick (=0.0.0), brick-node (>=0.0.8 <=0.0.17) +20 more potentially affected by unknown CVE via default-debug (>=0.0.0 <=2.0.0)

default-debug NPM version =0.0.0, =0.0.8, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-18178...

Cisco Catalyst Passive Optical Network Series Switches 信任管理问题漏洞

Cisco Catalyst Passive Optical Network Series Switches Catalyst Pon Series Switches is a series of high-performance, simple and easy-to-maintain switches from Cisco. Used to provide competitive network solutions. A trust management issue vulnerability exists in the Cisco Catalyst Passive Optical...