Why Malwarebytes blocks some Yahoo Mail redirects

Some Malwarebytes users have recently noticed frequent web protection alerts while reading email in Yahoo Mail’s web interface. These alerts are caused by background connections from the Yahoo Mail page to a set of third‑party domains that our products and other security tools currently classify ...

CVE-2026-42516 Broken Access Control Vulnerability in e-Sushrut HMIS

This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...

CVE-2026-42516

This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...

EUVD-2026-26201

This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...

CVE-2026-42516

The CVE-2026-42516 entry concerns e-Sushrut HMIS with improper authorization checks during resource access. An authenticated attacker could exploit encoded parameters in the request URL to gain unauthorized access to patient accounts. The connected records confirm the vulnerability is a Broken Ac...

CDAC e-Sushrut 安全漏洞

CDAC e-Sushrut is a system platform provided by the Indian CDAC company that facilitates hospital information management and medical process support. There is a security vulnerability in CDAC e-Sushrut, which stems from improper authorization checks during resource access. This vulnerability coul...

PT-2026-35888

Name of the Vulnerable Software and Affected Versions e-Sushrut affected versions not specified Description Improper authorization checks during resource access allow an authenticated attacker to gain unauthorized access to patient accounts. This is achieved by manipulating encoded parameters...

Apache Linkis security vulnerabilities

Apache Linkis is a middleware product developed by the Apache Foundation in the United States. It enables effective connections between upper-level applications and underlying data engines. Versions of Apache Linkis 1.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem fr...

EUVD-2025-198982

body-parser is vulnerable to denial of service when url encoding is used...

CVE-2025-13466

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

CVE-2025-13466

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

UBUNTU-CVE-2025-13466

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

CVE-2025-13466 body-parser vulnerable to denial of service when url encoding is used

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

CVE-2025-13466 body-parser vulnerable to denial of service when url encoding is used

body-parser 2.2.0 is vulnerable to denial of service due to inefficient handling of URL-encoded bodies with very large numbers of parameters. An attacker can send payloads containing thousands of parameters within the default 100KB request size limit, causing elevated CPU and memory usage. This c...

PT-2025-47951

Name of the Vulnerable Software and Affected Versions body-parser versions prior to 2.2.1 Description The software is susceptible to a denial of service condition resulting from inefficient processing of URL-encoded request bodies containing a large number of parameters. An attacker can exploit...

EUVD-2002-1405

Malware in sbrugna...

WordPress plugin WP Accessibility Helper (WAH) 跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.A cross-site scripting vulnerability exists in versions of the WordPress WP Accessibility Helper plugin prio...

CVE-2006-1431

Cross-site scripting XSS vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote attackers to inject arbitrary web script or HTML via URL-encoded 1 srchfor and 2 srchby parameters...