EUVD-2025-32879

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

Improper Warning Message Handling

@anthropic-ai/claude-code is vulnerable to improper warning message handling. The vulnerability is due to an unclear trust prompt that failed to inform users that selecting “Yes, proceed” would execute files in the folder without further confirmation, which allows an attacker to trick users into...

CVE-2025-58590 Path traversal

It's possible to brute force folders and files, what can be used by an attacker to steal sensitve information...

EUVD-2024-21221

Malicious code in bioql PyPI...

EUVD-2023-12364

Malicious code in bioql PyPI...

EUVD-2022-32969

Malicious code in bioql PyPI...

EUVD-2022-52383

Malicious code in bioql PyPI...

EUVD-2023-58783

Malicious code in bioql PyPI...

EUVD-2022-15620

Malicious code in bioql PyPI...

EUVD-2022-52376

Malicious code in bioql PyPI...

EUVD-2023-35714

Malicious code in bioql PyPI...

EUVD-2024-27300

Malicious code in bioql PyPI...

EUVD-2025-3953

Malicious code in bioql PyPI...

EUVD-2025-2210

Malicious code in bioql PyPI...

EUVD-2025-31598

Malicious code in bioql PyPI...

EUVD-2022-2539

Malicious code in bioql PyPI...

EUVD-2022-48320

Malicious code in bioql PyPI...

EUVD-2024-37138

Malicious code in bioql PyPI...

EUVD-2024-23260

Malicious code in bioql PyPI...

EUVD-2025-1556

Malicious code in bioql PyPI...