Lucene search
K

14331 matches found

CVE
CVE
added 2026/06/25 4:42 p.m.14 views

CVE-2026-55697

pnpm is vulnerable prior to 10.34.2 and 11.5.3: repository‑controlled configDependencies in pnpm-workspace.yaml could cause pnpm to install a repository‑controlled install‑engine (pacquet) by resolving a platform‑specific @pacquet/-/pacquet binary from node_modules/.pnpm-config and spawning it as...

8.8CVSS5.9AI score0.00127EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/25 12:27 a.m.3 views

MGASA-2026-0232 Updated nats-server packages fix security vulnerabilities

nats-server and its dependencies are updated to fix CVE-2025-30215 Missing access controls for JS API in multi-tenancy...

9.6CVSS5.8AI score0.00561EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52522

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.2 pnpm versions prior to 11.5.3 Description pnpm allows the installation of configDependencies declared in pnpm-workspace.yaml before command dispatch. A repository can declare pacquet or @pnpm/pacquet as a config...

8.8CVSS5.8AI score0.00127EPSS
Exploits1References9
OSV
OSV
added 2026/06/24 2:0 p.m.5 views

UBUNTU-CVE-2026-10536

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE, subsequently invokes curleasyreset, and finally terminates the handle with curleasycleanup. During this final cleanup phase, libcurl...

9.8CVSS5.9AI score0.00891EPSS
Exploits1References4
OSV
OSV
added 2026/06/24 9:1 a.m.2 views

SUSE-SU-2026:2612-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues Security issues: - CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. - CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. - CVE-2026-39828: Update golang.org/x/crypto dependency bsc1266171. -...

10CVSS6.9AI score0.91969EPSS
Exploits4References38
OSV
OSV
added 2026/06/22 2:41 p.m.3 views

SUSE-SU-2026:22328-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References8
OSV
OSV
added 2026/06/22 2:30 p.m.3 views

OPENSUSE-SU-2026:21010-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 11:24 p.m.14 views

Malicious code in requests-enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f61f1a905e0ec1bb593f7b20d4f9a8a9e72deeb16440f72acbcaf00aeab1cd On import requestsenhancer, the package's init.py spawns a daemon thread that runs pip install...

6.7AI score
Exploits0References5
OSV
OSV
added 2026/06/20 11:24 p.m.18 views

MAL-2026-6247 Malicious code in requests-enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f61f1a905e0ec1bb593f7b20d4f9a8a9e72deeb16440f72acbcaf00aeab1cd On import requestsenhancer, the package's init.py spawns a daemon thread that runs pip install...

6.7AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 7:24 p.m.11 views

Malicious code in d0rk3r (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cbc673402f814b065eadc8be2641d761d482c30722fdd8e6b1b7522fde2f478 d0rk3r 1.0.5 is advertised as a Shodan IP scraper with proxy rotation, but the sdist ships no Python source — only LICENSE, README, pyproject.toml,...

6AI score
Exploits0References17
OSV
OSV
added 2026/06/20 7:24 p.m.9 views

MAL-2026-6246 Malicious code in d0rk3r (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cbc673402f814b065eadc8be2641d761d482c30722fdd8e6b1b7522fde2f478 d0rk3r 1.0.5 is advertised as a Shodan IP scraper with proxy rotation, but the sdist ships no Python source — only LICENSE, README, pyproject.toml,...

5.9AI score
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

SUSE SLES16 Security Update : google-guest-agent (SUSE-SU-2026:22128-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22128-1 advisory. Changes in google-guest-agent: Update to version 20260430.00 Update OWNERS 609 Update THIRDPARTYLICENSES to be package specific...

9.1CVSS5.8AI score0.01557EPSS
Exploits1References24
NVD
NVD
added 2026/06/16 7:17 p.m.13 views

CVE-2026-53858

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...

7.1CVSS0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/16 6:5 p.m.8 views

CVE-2026-53858 OpenClaw < 2026.5.2 - Arbitrary Runtime Dependency Loading via STATE_DIRECTORY Environment Variable

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...

7.1CVSS5.3AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.16 views

CVE-2026-53858

OpenClaw (pre-2026.5.2) is affected by CVE-2026-53858: an environment variable injection flaw where the workspace .env STATE_DIRECTORY can influence bundled runtime dependency roots. An attacker can manipulate STATE_DIRECTORY to load runtime dependencies from unintended local paths, potentially e...

7.1CVSS5.3AI score0.00124EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 2:31 p.m.3 views

OPENSUSE-SU-2026:20969-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: Changes in google-guest-agent: Update to version 20260430.00 Update OWNERS 609 Update THIRDPARTYLICENSES to be package specific location. 608 Update dependencies and go version to 1.26.2 607 bsc1265762, CVE-2026-33814 Bump...

9.1CVSS6.6AI score0.01557EPSS
Exploits1References17
OSV
OSV
added 2026/06/15 2:28 p.m.3 views

SUSE-SU-2026:22128-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: Changes in google-guest-agent: Update to version 20260430.00 Update OWNERS 609 Update THIRDPARTYLICENSES to be package specific location. 608 Update dependencies and go version to 1.26.2 607 bsc1265762, CVE-2026-33814 Bump...

9.1CVSS6.4AI score0.01557EPSS
Exploits1References18
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/15 12:0 a.m.5 views

Security update for neonmodem (important)

openSUSE security update: security update for neonmodem ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20963-1 Rating: important References: bsc1260727 bsc1267193 Cross-References: CVE-2026-25680 CVE-2026-25681 CVE-2026-27136 CVE-2026-33809...

8.7CVSS6.5AI score0.00328EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/14 5:4 a.m.20 views

[SECURITY] Fedora 43 Update: composer-2.10.1-1.fc43

Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/12 9:36 p.m.83 views

exploitGuard

Run and deploy your AI Studio app This contains everything yo...

5.3AI score
Exploits0
Rows per page
Query Builder