Lucene search

11 matches found

OSSF Malicious Packages
added 2026/05/19 7:49 p.m., 4 views

Malicious code in buddyme (PyPI)

Source: amazon-inspector 6f4ae4b8c00d27e82d54a5d2d960b1dc4f40ba15bc938355bad8421c338d6ef6 buddyme advertises a CLI agent. When installed and run, the default REPL routes every prompt the user types to third-party LLM providers Zhipu GLM at...

5.8 AI score
Exploits: 0, References: 2
EUVD
added 2026/04/17 9:31 p.m., 1 view

EUVD-2026-23476

Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at scale...

7.7 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2026/04/17 12:00 a.m., 1 view

PT-2026-33489

CVE-2026-32324 Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction wi… https://t.co/229Go9uB4w...

7.7 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits: 0, References: 5
CNNVD
added 2026/03/03 12:00 a.m., 2 views

HP Poly Edge E Series security vulnerability

The HP Poly Edge E Series is a series of IP desktop phones produced by the American company HP. The HP Poly Edge E Series contains security vulnerabilities. These vulnerabilities stem from the inclusion of test keys and certificates within the devices, which may allow attackers to extract these...

8.2 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 2
OSV
added 2026/01/07 9:43 a.m., 2 views

OPENSUSE-SU-2026:20003-1 Security update of valkey

This update for valkey fixes the following issues: Update to 8.0.6: - Security fixes: - CVE-2025-49844: Fixed that a Lua script may lead to remote code execution bsc1250995 - CVE-2025-46817: Fixed that a Lua script may lead to integer overflow and potential RCE bsc1250995 - CVE-2025-46818: Fixed...

9.9 CVSS, 6.5 AI score, 0.11111 EPSS
Exploits: 14, References: 5
Vulnrichment
added 2025/05/23 12:03 a.m., 2 views

CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7 CVSS, 6.3 AI score, 0.00123 EPSS
Exploits: 0, References: 2
VulnCheck KEV
added 2020/04/10 12:00 a.m., 1 view

VulnCheck KEV: CVE-2019-19752

nvOC through 3.2 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io...

9.8 CVSS, 5.8 AI score, 0.0017 EPSS
Exploits: 0, References: 1
CNVD
added 2017/09/05 12:00 a.m., 1 view

Arigatou PICOOC AliCloud OSS credentials have an information leakage vulnerability

Arigatou PICOOC APP is the companion app for Latin, a smart scale that measures body fat. AliCloud Object Storage Service, or OSS for short, is a massive, secure and highly reliable cloud storage service provided by AliCloud to the outside world. There is an information leakage...

6.9 AI score
Exploits: 0
CNVD
added 2017/08/18 12:00 a.m., 1 view

Today's manipulation AliCloud OSS credentials have an information leakage vulnerability

Today's manipulation is a practical financial management mobile phone application; through the software, users can conveniently keep abreast of the precious metals trading market and information, for easy and efficient financial management. AliCloud Object Storage Service,...

6.8 AI score
Exploits: 0
CNVD
added 2017/08/01 12:00 a.m., 1 view

Amusing phone call AliCloud OSS credentials have an information leakage vulnerability

Amusing Phone is a communication APP that combines entertainment and security, developed and launched by Beijing Shusheng Mobile Technology Co. There is an information leakage vulnerability in the AliCloud OSS credentials of Tease Phone. The vulnerability is caused by credential leakage due to th...

6.9 AI score
Exploits: 0
CNVD
added 2017/07/31 12:00 a.m., 1 view

Yeah Classroom AliCloud OSS credentials have an information leakage vulnerability

Yeah Classroom is an online interactive learning and communication platform that focuses on vocational skills education. There is an information leakage vulnerability in the AliCloud OSS credentials of Yeah Classroom. The vulnerability is caused by credential leakage due to the use of SDK with...

7 AI score
Exploits: 0