
8732 matches found

Snyk
added 2026/04/06 6:3 p.m., 2 views

Missing Authentication for Critical Function

Overview: vite-plus is The Unified Toolchain for the Web. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and WebSocket is...

8.2 CVSS, 5.9 AI score, 0.02292 EPSS
Exploits 3, References 2

RedhatCVE
added 2026/04/06 10:57 a.m., 6 views

CVE-2026-32662

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 1

Snyk
added 2026/04/06 12:30 a.m., 1 views

Arbitrary Command Injection

Overview: @elgentos/magento2-dev-mcp is a Magento 2 Development MCP Server for AI agents - provides cache management, module tools, and system diagnostics. Affected versions of this package are vulnerable to Arbitrary Command Injection via the executeMagerun2Command function. An attacker can execut...

5.3 CVSS, 6.3 AI score, 0.00812 EPSS
Exploits 0, References 2

Positive Technologies
added 2026/04/06 12:0 a.m., 4 views

PT-2026-30706

Name of the Vulnerable Software and Affected Versions: Anthropic Claude Code CLI and Claude Agent SDK, affected versions not specified. Description: Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection issue in the command lookup helper and deep-link terminal launcher. Local...

8.6 CVSS, 6.2 AI score, 0.00114 EPSS
Exploits 0, References 10

Malwarebytes
added 2026/04/05 11:10 p.m., 3 views

Killer robots are here. Now what? (Lock and Code S07E07)

Big news: Lock and Code is nominated for a Webby Award! You can help us win the People's Voice Award by voting here. Vote now! This week on the Lock and Code podcast … We have to talk about killer robots. No, not the Terminator, and not some Boston Dynamics robot run amok. We have to talk instea...

6.1 AI score
Exploits 0

GithubExploit
added 2026/04/05 10:48 p.m., 84 views

exploit_skillz

exploitskillz Work i...

5.9 AI score
Exploits 0

Positive Technologies
added 2026/04/05 12:0 a.m., 4 views

PT-2026-30586

Name of the Vulnerable Software and Affected Versions: SDL image, affected versions not specified. Description: The SDL image library has an issue where pixel index values from decoded XCF tile data are used directly as colormap indices without validation against the colormap size. A crafted .xcf fil...

7.1 CVSS, 5.9 AI score, 0.00262 EPSS
Exploits 0, References 6

OPENSUSE Linux
added 2026/04/05 12:0 a.m., 3 views

libinput-devel-1.31.1-1.1 on GA media (moderate)

libinput-devel-1.31.1-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10489-1. Rating: moderate. Cross-References: CVE-2026-35093, CVE-2026-35094. CVSS scores: CVE-2026-35093 SUSE: 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H; CVE-2026-35093 SUSE: 6.3...

8.8 CVSS, 5.9 AI score, 0.00179 EPSS
Exploits 0

Fedora
added 2026/04/04 12:49 a.m., 4 views

[SECURITY] Fedora 43 Update: python3.9-3.9.25-7.fc43

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

7 CVSS, 6 AI score, 0.00216 EPSS
Exploits 0

OSV
added 2026/04/04 12:0 a.m., 1 views

OPENSUSE-SU-2026:10489-1 libinput-devel-1.31.1-1.1 on GA media

These are all security issues fixed in the libinput-devel-1.31.1-1.1 package on the GA media of openSUSE Tumbleweed...

8.8 CVSS, 5.9 AI score, 0.00179 EPSS
Exploits 0, References 2

EUVD
added 2026/04/03 9:31 p.m., 9 views

EUVD-2026-18847

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 4

NVD
added 2026/04/03 9:17 p.m., 7 views

CVE-2026-32662

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 0.00316 EPSS
Exploits 0, References 3

Cvelist
added 2026/04/03 8:11 p.m., 19 views

CVE-2026-32662 Gardyn Cloud API Active Debug Code

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 0.00316 EPSS
Exploits 0, References 3

Vulnrichment
added 2026/04/03 8:11 p.m., 9 views

CVE-2026-32662 Gardyn Cloud API Active Debug Code

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 3

CVE
added 2026/04/03 8:11 p.m., 12 views

CVE-2026-32662

Technical details about CVE-2026-32662 are not provided in the supplied documents. Monitor for updates from vendors and security advisories.

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 3, Affected Software 1

ATTACKERKB
added 2026/04/03 8:11 p.m., 4 views

CVE-2026-32662

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 4

Fedora
added 2026/04/03 5:4 p.m., 5 views

[SECURITY] Fedora 42 Update: gst-devtools-1.26.11-1.fc42

Development and debugging tools for GStreamer...

5.9 AI score
Exploits 0

Packet Storm News
added 2026/04/03 12:0 a.m., 4 views

A Systematic Security Evaluation of OpenClaw and Its Variants

Tool-augmented AI agents substantially extend the practical capabilities of large language models, but they also introduce security risks that cannot be identified through model-only evaluation. In this paper, we present a systematic security assessment of six representative OpenClaw-series agent...

6 AI score
Exploits 0

Positive Technologies
added 2026/04/03 12:0 a.m., 7 views

PT-2026-30215

Development and test API endpoints are present that mirror production functionality...

6.9 CVSS, 5.9 AI score, 0.00316 EPSS
Exploits 0, References 4

EUVD
added 2026/04/02 7:19 p.m., 5 views

EUVD-2026-18534

hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, the /enter page contains a DOM-based open redirect vulnerability. The redirect query parameter is directly used to construct a URL and redirect the user without proper validation. This issue has been patched in...

4.7 CVSS, 5.8 AI score, 0.00401 EPSS
Exploits 1, References 2