Lucene search
K

4 matches found

OSV
OSV
added 2026/05/21 12:0 a.m.38 views

MAL-2026-4209 Malicious code in polymarket-ai-agent (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 12:57 p.m.11 views

Malicious code in web3-secrets-detector (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

5.9AI score
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.21 views

PT-2026-50805

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.128 Description The software caches tool approval decisions based solely on the tool name rather than the invocation arguments. This allows subsequent calls to the execute command function to bypass approval...

6.8CVSS6AI score0.00116EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2022/10/25 2:3 p.m.6 views

Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. An attacker could spoof historical messages from other users, and use a malicious key backup to the user's account unde...

8.6CVSS7.3AI score0.00872EPSS
Exploits0References5
Rows per page
Query Builder