nimiq-blockchain: Genesis batch set request

Impact A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates backwards through macro blocks using Policy::macroblockbefore. When it reaches the genesis block number, macroblockbefore panics...

GHSA-VGHX-352F-93JM nimiq-blockchain: Genesis batch set request

Impact A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates backwards through macro blocks using Policy::macroblockbefore. When it reaches the genesis block number, macroblockbefore panics...

PT-2026-42644

Impact A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls get epoch chunks which iterates backwards through macro blocks using Policy::macro block before. When it reaches the genesis block number, macro block before...

PT-2026-42671

Impact A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls get epoch chunks which iterates backwards through macro blocks using Policy::macro block before. When it reaches the genesis block number, macro block before...

EUVD-2025-209294

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2026-34589 via openexr (>=3.4.11 <=3.4.4)

openexr PYPI version =3.4.11, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34589 Source advisory: SNYK:PYTHON-OPENEXR-15993179...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2026-34588 via openexr (>=3.4.11 <=3.4.4)

openexr PYPI version =3.4.11, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34588 Source advisory: OSV:GHSA-588R-CR5C-W6HF...

CVE-2025-14815 Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and...

Mitsubishi Electric多款产品 安全漏洞

Mitsubishi Electric GENESIS64 and other products are developed by Mitsubishi Electric Corporation of Japan. Mitsubishi Electric GENESIS64 is a SCADA suite. Mitsubishi Electric ICONICS Suite is a monitoring system for digital factories and intelligent buildings. Mitsubishi Electric MobileHMI is a...

genesis

No d...

WordPress Genesis Blocks plugin < 3.1.3 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Genesis Blocks versions 3.1.3...

WordPress Genesis Blocks plugin < 3.1.4 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Genesis Blocks versions 3.1.4...

CVE-2025-11774

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the software keyboard function hereinafter referred to as "keypad function" of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...

exordos-core (>=0.0.7 <=0.0.8), genesis-core (>=0.0.2 <=0.0.6) +3 more potentially affected by CVE-2025-68113 via altcha (=0.2.0)

altcha PYPI version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on altcha and may be impacted: - exordos-core =0.0.7, =0.0.2, =5.11.0, =0.1.0, =0.12.0 - wlhosted =2024.11.0 Source cves: CVE-2025-68113 Source advisory: OSV:GHSA-6GVQ-JCMP-8959...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +64 more potentially affected by CVE-2025-64181 via openexr (=3.4.11)

openexr PYPI version =3.4.11 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

Malicious Package

Overview genesis-drop-actions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-49258 Malicious code in genesis-drop-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9edb9a242cd3f939420031dd53e6057ae90e644f3a08fdc50bc1f92d1296832e The package genesis-drop-actions was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-37267

Malicious code in genesis-drop-actions npm...

Malicious code in genesis-drop-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9edb9a242cd3f939420031dd53e6057ae90e644f3a08fdc50bc1f92d1296832e The package genesis-drop-actions was found to contain malicious code. Source: ghsa-malware...

CVE-2025-10737

The Open Source Genesis Framework theme for WordPress is vulnerable to Stored Cross-Site Scripting via the theme's shortcodes in all versions up to, and including, 3.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...