Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

142 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/21 2:49 p.m.8 views

Malicious code in pgrayy-wasmtime (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7c9cfd90d6de2acd86d50019dfa4a2b140ac9246fdcbae8d7aaa3d17bd4af6e The distribution is published as pgrayy-wasmtime but its toplevel.txt declares the top-level import name as wasmtime, and the entire Python source tr...

5.9AI score
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/02/03 3:18 p.m.4 views

CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS5.8AI score0.00005EPSS
Exploits1References1
OSV
OSVadded 2026/02/02 2:16 p.m.3 views

CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS5.9AI score0.00005EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/02/02 1:15 p.m.26 views

CVE-2026-24070 Local Privilege Escalation via DYLIB Injection in Native Instruments Native Access

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

0.00005EPSS
Exploits1References2
EUVD
EUVDadded 2026/02/02 1:15 p.m.2 views

EUVD-2026-5108

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS5.8AI score0.00005EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/02/02 12:0 a.m.5 views

PT-2026-5657

Name of the Vulnerable Software and Affected Versions Native Instruments Native Access affected versions not specified Description The Native Access application installs a privileged helper, com.native-instruments.NativeAccess.Helper2, used for triggering functions via XPC communication, such as...

8.8CVSS5.6AI score0.00005EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2026/01/09 12:37 p.m.7 views

CVE-2023-49313

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data...

9.8CVSS7.3AI score0.04174EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:7 a.m.3 views

CVE-2019-20856

An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection...

9.8CVSS6.9AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/10 12:28 a.m.5 views

CVE-2025-65741

Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application...

9.8CVSS6.9AI score0.00141EPSS
Exploits1References1
NVD
NVDadded 2025/12/09 8:15 p.m.2 views

CVE-2025-65741

Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application...

9.8CVSS0.00141EPSS
Exploits1References3
OSV
OSVadded 2025/12/09 8:15 p.m.1 views

CVE-2025-65741

Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application...

9.8CVSS6AI score0.00141EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/09 3:55 p.m.18 views

CVE-2025-5469 Dylib Hijacking in Yandex Messenger

Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...

8.8CVSS0.00019EPSS
Exploits0References1
CVE
CVEadded 2025/12/09 3:55 p.m.19 views

CVE-2025-5469

CVE-2025-5469 is described as an Uncontrolled Search Path Element vulnerability in Yandex Messenger on macOS, enabling search order hijacking and affecting Telemost before version 2.245. Public sources in the connected set corroborate this for Telemost prior to 2.245 and identify the root cause a...

8.8CVSS6.6AI score0.00019EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/09 3:55 p.m.4 views

CVE-2025-5469 Dylib Hijacking in Yandex Messenger

Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...

8.8CVSS6.6AI score0.00019EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/09 3:53 p.m.3 views

CVE-2025-5471 Dylib Hijacking in Yandex Telemost

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...

8.8CVSS6.6AI score0.00018EPSS
Exploits0References1
CVE
CVEadded 2025/12/09 3:53 p.m.7 views

CVE-2025-5471

CVE-2025-5471 affects Yandex Telemost on macOS, before version 2.19.1. The root cause is an uncontrolled Search Path Element, enabling search-order hijacking (dylib hijacking). Impact per sources is high on confidentiality, integrity, and availability when a malicious library is loaded via a mani...

8.8CVSS6.6AI score0.00018EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/12/09 3:53 p.m.16 views

CVE-2025-5471 Dylib Hijacking in Yandex Telemost

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...

8.8CVSS0.00018EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/09 3:50 p.m.5 views

CVE-2025-5470 Dylib Hijacking in Yandex Disk

Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...

8.8CVSS6.6AI score0.00019EPSS
Exploits0References1
CVE
CVEadded 2025/12/09 3:50 p.m.12 views

CVE-2025-5470

The CVE-2025-5470 entry details an Uncontrolled Search Path Element vulnerability in Yandex Disk for MacOS, enabling Search Order Hijacking. Affected: Yandex Disk on macOS prior to 3.2.45.3275. Root cause: improper control of the search path element. Impact is described as high across confidentia...

8.8CVSS6.6AI score0.00019EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/09 12:0 a.m.18 views

CVE-2025-65741

Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application...

0.00141EPSS
Exploits1References3
Rows per page
Query Builder