372 matches found
MAL-2026-5295 Malicious code in coolbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55bfdad112134e980af7568a9138be1e4b940f7bfbeebad2b0f85d9337a0f44 The wheel installs coolbox-setup.pth, a Python path-configuration file that Python auto-loads at every interpreter startup any python invocation...
Malicious code in magique-ai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4241e99d1053712e6909db44c939421695dff66556055a93058f9a55f8694929 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...
Malicious code in executor-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fee580000475783e657a2e66ca6a4a4bd4369aa0bc9f87152b003dca6f34848 executor-engine 0.3.4 ships a malicious site-packages.pth file executorengine-setup.pth that Python's site initialization auto-executes on every...
MAL-2026-5325 Malicious code in ray-mcp-server (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eae739a0cbe63099850e15e7ed9a72efd9d840d8cf003aa8c8dae1bb4c78a716 Versions 0.2.1 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
Malicious code in embiggen (PyPI)
The package embiggen version 0.11.97 contains a malicious .pth file embiggen-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscated...
Malicious code in funcdesc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5756a79331cdda67721e39889609f5c0b5e342b678dbce2de97c94ec2dbe29 The package installs funcdesc-setup.pth, which Python auto-executes at interpreter startup for any environment where this package is installed. The.p...
Malicious code in ufish (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27371fa53e0e8e5e763b18b9bcadfd9b6991c720dd154d17bffeab0e7a139ef4 Versions 0.1.2, 0.1.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in gpsea (PyPI)
The package gpsea version 0.9.14 contains a malicious .pth file gpsea-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscated JavaScrip...
CVE-2026-40883
goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because...
CVE-2026-42551
Flight is an extensible micro-framework for PHP. Prior to 3.18.1, Request::getMethod unconditionally honors the X-HTTP-Method-Override header and the $REQUEST'method' parameter on any HTTP verb including safe verbs such as GET, with no opt-in and no whitelist of permitted target methods. A GET...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10843
OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS allow operator credentials to have account-wide permissions for destructive actions, rather than being restricted to cluster-owned resources. This enables cross-scope impact after credential compromise. The CVE-2026-10843 entry do...
CVE-2026-10843
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
PT-2026-46192
Name of the Vulnerable Software and Affected Versions OpenShift Cloud Credential Operator affected versions not specified Description A flaw exists in the Mint-mode IAM policies for AWS within the OpenShift Cloud Credential Operator. Operator credentials are provisioned with account-wide scope fo...
Red Hat OpenShift Container Platform 安全漏洞
Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container...
praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}
Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/workspaceid endpoint is gated only by requireworkspacememberworkspaceid default minrole="member". Any member of the workspace can issue a single DELETE to wipe the entire workspace, including every project,...
web-app-pentest-altoromutual
Web Application Penetration Test — AltoroMutual demo.testfire...
PT-2026-45485
Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/workspace id endpoint is gated only by require workspace memberworkspace id default min role="member". Any member of the workspace can issue a single DELETE to wipe the entire workspace, including every project...
Exploit for CVE-2026-22557
CVE-2026-22557 Vulnerability Assessment Tool Safely detect wh...