Lucene search
K

37 matches found

Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.11 views

Smarter Saboteurs, Better Fixers: Scaling and Security in Linear Multi-Agent Workflows

As LLM-based multi-agent systems MAS are deployed in the wild, the resilience of their collaboration structures against adversarial compromise becomes a critical safety concern. Attackers may leverage prompt-injection or jailbreaking to sabotage individual agents within MAS workflows, but the...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/07 12:0 a.m.5 views

Hardening Agent Benchmarks with Adversarial Hacker-Fixer Loops

Agent benchmarks score submissions with outcome verifiers that are typically hand-written and brittle, leaving them open to reward hacking. We audit 1,968 tasks across five terminal-agent benchmarks and find 323 16% hackable by frontier models given only the task description. This corrupts both...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2026/01/07 6:36 a.m.24 views

CVE-2025-14845 NS IE Compatibility Fixer <= 2.1.5 - Cross-Site Request Forgery to Plugin Settings Update

The NS IE Compatibility Fixer plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in all versions up to, and including, 2.1.5. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the plugin'...

4.3CVSS0.00132EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.3 views

WordPress plugin NS IE Compatibility Fixer 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...

4.3CVSS6.4AI score0.00132EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.5 views

PT-2026-1567

Name of the Vulnerable Software and Affected Versions NS IE Compatibility Fixer plugin for WordPress versions through 2.1.5 Description The software is susceptible to Cross-Site Request Forgery CSRF due to the absence of nonce validation on the settings update functionality. This allows attackers...

4.3CVSS6.5AI score0.00132EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/01/06 9:46 p.m.12 views

WordPress NS IE Compatibility Fixer plugin <= 2.1.5 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin NS Ie Compatibility Fixer versions = 2.1.5...

4.3CVSS6.8AI score0.00132EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/10 4:3 a.m.3 views

EUVD-2025-41740

Malicious code in phantom-fixer npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 4:3 a.m.3 views

Malicious code in phantom-fixer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12a29d0b7233f4c6d8534448b0202eaddc448817008782120ede8110b31b010d The package phantom-fixer was found to contain malicious code. Source: ghsa-malware 08b29349698428ef5ef1924bece07e739b2c0dc4ee6be172dba838e6c5e4dabd...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/11/10 4:3 a.m.2 views

Malicious Package

Overview phantom-fixer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/11/10 4:3 a.m.2 views

MAL-2025-50728 Malicious code in phantom-fixer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12a29d0b7233f4c6d8534448b0202eaddc448817008782120ede8110b31b010d The package phantom-fixer was found to contain malicious code. Source: ghsa-malware 08b29349698428ef5ef1924bece07e739b2c0dc4ee6be172dba838e6c5e4dabd...

6.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:40 p.m.3 views

CVE-2021-26275

The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted...

10CVSS7AI score0.03039EPSS
Exploits1References1
NVD
NVD
added 2025/01/31 6:15 a.m.15 views

CVE-2025-0809

The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.2CVSS0.00297EPSS
Exploits0References2
CVE
CVE
added 2025/01/31 5:22 a.m.62 views

CVE-2025-0809

CVE-2025-0809 covers the WordPress plugin Link Fixer (permalink-finder) with a Stored Cross-Site Scripting (XSS) vulnerability reported for versions up to and including 3.4. The root cause is described as insufficient input sanitization and output escaping, enabling unauthenticated attackers to i...

7.2CVSS6.3AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/31 5:22 a.m.15 views

CVE-2025-0809 Link Fixer <= 3.4 - Unauthenticated Stored Cross-Site Scripting

The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.2CVSS0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/31 5:22 a.m.9 views

CVE-2025-0809 Link Fixer <= 3.4 - Unauthenticated Stored Cross-Site Scripting

The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.2CVSS6.3AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/31 12:0 a.m.3 views

PT-2025-4063 · WordPress · Link Fixer

Name of the Vulnerable Software and Affected Versions: The Link Fixer plugin for WordPress versions up to, and including, 3.4 Description: The issue is related to Stored Cross-Site Scripting via broken links due to insufficient input sanitization and output escaping. This allows unauthenticated...

7.2CVSS8.3AI score0.00297EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.2 views

WordPress plugin Link Fixer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.2CVSS8.2AI score0.00297EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/30 7:19 p.m.1 views

WordPress Link Fixer plugin <= 3.4 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by omstaendlig in WordPress Plugin Link Fixer versions = 3.4...

7.2CVSS5.8AI score0.00297EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2024/05/20 2:57 p.m.6 views

eu.europa.ec.joinup.sd-dss:dss-cookbook (=6.0), eu.europa.ec.joinup.sd-dss:dss-jacoco-coverage (=6.0) +7 more potentially affected by CVE-2024-28109 via org.verapdf:core-jakarta (=1.24.1)

org.verapdf:core-jakarta MAVEN version =1.24.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.verapdf:core-jakarta and may be impacted: - eu.europa.ec.joinup.sd-dss:dss-cookbook =6.0 - eu.europa.ec.joinup.sd-dss:dss-jacoco-coverage =6.0 -...

8.1CVSS7.2AI score0.01033EPSS
Exploits0
GithubExploit
GithubExploit
added 2024/03/29 11:36 p.m.319 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 XZ-Utils Vulnerability Checker and Fixer Th...

10CVSS9.9AI score0.85974EPSS
Exploits39
Rows per page
Query Builder