Malicious Package

Overview @fb-deposit/form-deposit-auth is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview @cloudplatform-single-spa/iam is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview @cloudplatform-single-spa/vpc-endpoint is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

Exploit for Improper Authentication in Google Android

DEDSECBKIF DEDSECBKIF is a keystroke injection tool for Androi...

Exploit for CVE-2022-25765

CVE-2022-25765 — Command Injection in pdfkit Descripción...

Exploit for Improper Access Control in Fortinet Forticlientems

CVE-2026-35616 - Fortinet FortiClientEMS 7.4.5 Unauthenticated...

Exploit for CVE-2026-3891

███████╗██████╗ ██╗███████╗███╗ ██╗██████╗ ███████╗ ██╔═...

CVE-2026-10176 Aider-AI Aider Code Generation Workflow sql injection

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

HackTheBox — DevHub CVE-2026-23744 | MCPJam Inspector Unaut...

Exploit for CVE-2026-48800

CVE-2026-48800 — Notepad++ Arbitrary Code Execution PoC Sev...

CVE-2026-10164

A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed remotely. The exploit ha...

CVE-2026-10158

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument servername results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released t...

MAL-2026-5093 Malicious code in h4xupdate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0de4da975d7b071824607be751a9ea0fb13e409eaef58d1cc0628263d5dea700 Package contains a remote control tool taking orders from a hardcoded Telegram bot. The authorship impersonate legitimate company. --- Category: MALICIOUS - Th...

PT-2026-45175

🔒 CyberSecurity CVE-2024-36791: Flowise RCE Exploitation — Detection and Hardening Guide "Flowise servers face critical RCE via malicious chatflow imports. Immediate patching required to…" 🔗 https://t.co/VV0BIHRBy9 CyberSecurity ThreatIntel cve zeroday patchtuesday...

Aider 代码注入漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a code injection vulnerability. This vulnerability arises from the operation editorcoder.run in the Architect Mode component, allowing for code injection. Attackers can launch attacks...

ManageEngine ADSelfService Plus < Build 6525 Authenticated RCE

According to its self-reported version, the ManageEngine ADSelfService Plus application running on the remote host is prior to build 6525. It is, therefore, affected by an authenticated remote code execution vulnerability. This vulnerability stems from improper access controls to the service used...

Exploit for Improper Access Control in Papercut Papercut_Mf

CVE-2023-27350 — PaperCut NG/MF Authentication Bypass & RCE S...

RLSA-2026:19176 Important: python3.14 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

python3.14 security update

An update is available for python3.14. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...