PT-2026-39901

Name of the Vulnerable Software and Affected Versions GitHub Copilot CLI versions prior to 1.0.43 Description An issue exists where a malicious bare git repository nested inside a project directory can lead to arbitrary code execution when the agent performs git operations. By exploiting git's...

Comment and Control: Hijacking Agentic Workflows Via Context-Grounded Evolution

Automation platforms such as GitHub Actions and n8n are increasingly adopting so-called agentic workflows, which integrate Large Language Model LLM agents for tasks such as code review and data synchronization. While bringing convenience for developers, this integration exposes a new risk: An...

CVE-2026-36980

creationtimestamp| type| source ---|---|--- 2026-05-10 21:00:04+00:00| seen| https://t.me/GithubRedTeam/83710 2026-05-10 23:00:14+00:00| seen| Telegram/4E6rSRxwI8rbj53U5V5E-Exh2Wmlv2Bw5SwE4GoCs4Wb5U 2026-05-11 03:00:06+00:00| seen| Telegram/mGI2CRHqQCjyvA6ju1XF5IWDLp0GZA5xrkAMw9kytXRmaE...

CVE-2026-45395

creationtimestamp| type| source ---|---|--- 2026-05-10 19:34:01+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-p4fx-23fq-jfg6...

CVE-2026-45387

creationtimestamp| type| source ---|---|--- 2026-05-10 19:31:55+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-h2cw-7qw9-56xr...

CVE-2026-45385

creationtimestamp| type| source ---|---|--- 2026-05-10 19:29:59+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-wwhq-cx22-f7vv...

CVE-2026-45375

creationtimestamp| type| source ---|---|--- 2026-05-10 15:32:12+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-27qc-m5gf-jv5r...

CVE-2026-45373

creationtimestamp| type| source ---|---|--- 2026-05-10 07:52:37+00:00| published-proof-of-concept| https://github.com/Hmbown/DeepSeek-TUI/security/advisories/GHSA-88gh-2526-gfrr...

GHSA-RQV2-M695-F8J4 vulnerabilities

Vulnerabilities for packages: goreleaser...

GHSA-R48C-V28R-PF6V vulnerabilities

Vulnerabilities for packages: goreleaser...

CVE-2024-25624

creationtimestamp| type| source ---|---|--- 2026-05-10 02:48:32+00:00| seen| https://gist.github.com/khoindq/bded28fd1242788522ce29d279b9d883 2026-05-10 03:58:34+00:00| seen| https://gist.github.com/khoindq/f145db4952e1aa3644b83c964afbf97a...

CVE-2026-45350

creationtimestamp| type| source ---|---|--- 2026-05-09 23:30:56+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-4pcg-253r-rf9w...

CVE-2026-45288

creationtimestamp| type| source ---|---|--- 2026-05-09 21:49:07+00:00| published-proof-of-concept| https://github.com/JasperFx/marten/security/advisories/GHSA-vmw2-qwm8-x84c...

CVE-2026-45339

creationtimestamp| type| source ---|---|--- 2026-05-09 19:38:54+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-57q6-fvp4-pqmm...

GHSA-HWG8-9QF4-VR6J vulnerabilities

Vulnerabilities for packages: linux-gcp, linux-qemu, linux-vmware, linux-aws, linux-azure...

GHSA-J45G-66J9-Q94M vulnerabilities

Vulnerabilities for packages: linux-gcp, linux-qemu, linux-aws, linux-vmware, linux-qemu-melange, linux-azure...

GHSA-PMWQ-PJRM-6P5R vulnerabilities

Vulnerabilities for packages: jfrog-cli, image-factory-fips, docker-compose-fips, guac, kyverno-policy-reporter-plugins-kyverno-fips, docker-compose, neuvector-sigstore-interface, kubescape, buildkitd-fips, rekor, tflint-fips, cloudbeat-fips, cg, gitlab-runner-fips, zot, gitsign, trivy-fips,...

OESA-2026-2239 pdfbox security update

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...

CVE-2026-43979

creationtimestamp| type| source ---|---|--- 2026-05-09 11:08:19+00:00| published-proof-of-concept| https://github.com/LearningCircuit/local-deep-research/security/advisories/GHSA-fj2m-qvh9-jq4q...

CVE-2026-45316

creationtimestamp| type| source ---|---|--- 2026-05-09 08:02:53+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-jx2x-j75f-xq3j...