Lucene search
K

6979 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago9 views

Malicious code in defi-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a2562ad49633ee8c845db08a485394cb31c7de12d9f87eb3f8ef0ab61fb5128 On first import, defitools/init.py decodes a base64-embedded 486KB Linux ELF, writes it to /.config/.npm-cache/snapd-network, sets mode 0777, and...

6.2AI score
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-57828

The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...

9CVSS0.00256EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-43167

The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...

9CVSS6.1AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-57828 Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3

The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...

9CVSS0.00256EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago8 views

Malicious code in multer-orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb45c09aa7a237b2b9ff18ccf6426b76a4f46e5ea665c7747f35a345940e161 multer-orm is a typosquat of the widely used multer middleware. Its README is copied from multer, but the package adds a load-time dropper in...

6.7AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago8 views

Malicious code in playwrightr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e165b925f82629524e611c81597c32a171df7cec246dc73f268d8192ccbe2c5 setup.py registers a CustomInstallCommand that runs automatically on pip install under Windows. It uses WinHTTP via ctypes to fetch a binary from...

6.1AI score
Exploits0References5
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42435

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...

8.8CVSS6.3AI score0.0012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago11 views

PT-2026-56777

Name of the Vulnerable Software and Affected Versions Balbooa Forms versions prior to 2.4.1 Description The Joomla extension Balbooa Forms contains a flaw in its frontend attachment upload functionality that allows unauthenticated users to upload arbitrary files. Because the system does not...

10CVSS6.5AI score0.00836EPSS
Exploits5References20
CVE
CVE
added 6 days ago16 views

CVE-2026-10037

CVE-2026-10037 describes a sandbox escape in Ubuntu’s OpenJDK packages. The issue arises from .jar MIME handlers installed by these packages executing files marked as executable when the mailcap package is present. A compromised sandboxed application with access to the OpenURI portal via xdg-desk...

8.8CVSS6.3AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-55849 @cyclonedx/cyclonedx-npm: Shell Injection via Unsanitized `--workspace` Argument

@cyclonedx/cyclonedx-npm creates CycloneDX Software Bill of Materials from npm projects. From 2.1.0 before 5.0.0, the CLI passes user-supplied --workspace values to a subshell without proper sanitization when npmexecpath is unset or empty, allowing arbitrary OS command execution with the privileg...

8.5CVSS0.0016EPSS
Exploits0References4
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-59946

Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation flow to chmod an existing host file to a world-readable and...

6.1CVSS5.9AI score0.00136EPSS
Exploits0
NVD
NVD
added 6 days ago9 views

CVE-2026-57895

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS0.0011EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57895

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS0.0011EPSS
Exploits0References2
CVE
CVE
added 6 days ago15 views

CVE-2026-57895

Pupsman before 3.9.0 has an incorrect default-permissions issue that allows an attacker to drop a malicious executable into the installation folder, enabling arbitrary code execution with SYSTEM privileges. Affected software: Pupsman, versions prior to 3.9.0. Root cause: default permissions misco...

8.5CVSS7.6AI score0.0011EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago10 views

Malicious code in pyqt6darktheme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8cd6d16792d681b160ae1e11b3f698d8fd3004cd6019704008ad1c649fbe6f67 Package downloads and runs a remote executable, which was found to downloads further exes and starting coine mining --- Category: MALICIOUS - The campaign has...

6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-56549

Name of the Vulnerable Software and Affected Versions Composer versions prior to 2.2.29 Composer versions prior to 2.10.2 Description A flaw in the binary installation flow allows a package bin entry containing .. path segments to resolve outside the package installation directory. This can lead ...

6.1CVSS6.2AI score0.00136EPSS
Exploits0References10
NVD
NVD
added last week9 views

CVE-2026-55647

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable...

5.1CVSS0.00269EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added last week5 views

CVE-2026-55647

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable...

5.1CVSS6AI score0.00269EPSS
Exploits0References4Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/04 6:5 p.m.12 views

Malicious code in httpprobe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb46b890b54f51f3a98c1935dbd50e143430757c5daf4080039d32865b04c1d5 The package advertises itself as an 'HTTP probing tool for security researchers' but contains no HTTP-probing functionality. Its only behavior is to...

6.5AI score
Exploits0References2
OSV
OSV
added 2026/07/04 6:5 p.m.10 views

MAL-2026-6758 Malicious code in httpprobe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb46b890b54f51f3a98c1935dbd50e143430757c5daf4080039d32865b04c1d5 The package advertises itself as an 'HTTP probing tool for security researchers' but contains no HTTP-probing functionality. Its only behavior is to...

6.5AI score
Exploits0References2
Rows per page
Query Builder