30 matches found
mcp-tool-poisoning-poc
mcp-tool-poisoning — Educational PoC Demonstrates the Too...
Malicious code in tempo-shared-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc05637e4f67c7a00ac3b790680f46174243df9c2740a161a029d4b266a79839 On npm install, the preinstall script poc.js collects host identity hostname, username, OS/platform, network configuration ipconfig / ip a /...
Malicious code in @pluxee-connect/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f5056dda18e9a9f440db7379d09fa1f9f7ff087ac00d6684170cddd40c240e9 On npm install, postinstall.js collects os.hostname, os.userInfo, and process.version and transmits them over plain HTTP to...
Exploit for CVE-2026-5530
CVE-2026-5530 Ollama SSRF via OCI registry redirect with full...
Malicious code in python-requirements (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
MAL-2025-5810 Malicious code in dns-exfil-poc (npm)
The package communicates with a domain associated with malicious activity...
CVE-2024-29384
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions...
CVE-2024-33436
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...
CVE-2024-33437
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...
CVE-2024-33437
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...
CVE-2024-33436
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...
CVE-2024-33436
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...
CVE-2024-33437
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...
PT-2024-25258 · Unknown · Css Exfil Protection
Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules. Recommendations: For CSS Exfil Protection version 1.1.0, at...
CVE-2024-29384
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions...
CVE-2024-33437
An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...
CVE-2024-29384
CVE-2024-29384 affects CSS Exfil Protection v1.1.0. The vulnerability resides in the functions content.js and parseCSSRules , enabling a remote attacker to obtain sensitive information. The NVD entry lists CVSSv3.1: 7.5 (High) with NETWORK attack vector, no privileges required, no user interactio...
PT-2024-25257 · Unknown · Css Exfil Protection
Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information due to missing support for CSS variables. Recommendations: For CSS Exfil Protection version 1.1.0, at th...
CVE-2024-33436
CVE-2024-33436 affects CSS Exfil Protection v1.1.0. All connected sources describe an issue where missing support for CSS variables enables a remote attacker to obtain sensitive information. The vulnerability is documented across NVD, Red Hat, CNNVD, CVE.org, and related feeds. Technical specific...
PT-2024-22873 · Unknown · Css Exfil Protection
Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions. Recommendations: For CSS Exfil Protection version 1.1.0,...