29576 matches found
MAL-2026-3043 Malicious code in rosolver (PyPI)
Source: kam193 0904af239ce7e030d9cde78de066412fb3942a4b12ea8be5c5d45681417230fc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
CVE-2026-43901
creationtimestamp | type | source
---|---|---
2026-04-25 13:59:39+00:00 | published-proof-of-concept | https://github.com/bx33661/Wireshark-MCP/security/advisories/GHSA-3r68-x3xc-rxpg...
GHSA-28JG-CGG7-J4WC vulnerabilities
Vulnerabilities for packages: debezium-connector-ibmi, apache-nifi, debezium-connector-informix, debezium, debezium-connector-spanner...
CVE-2026-43877
creationtimestamp | type | source
---|---|---
2026-04-25 01:06:24+00:00 | published-proof-of-concept | https://github.com/WWBN/AVideo/security/advisories/GHSA-jw8g-5j46-44rp...
GHSA-PMWG-CVHR-8VH7
creationtimestamp | type | source
---|---|---
2026-04-24 22:53:42+00:00 | seen | Telegram/Vx6nINpqXkyN9lWmYzg7wzzb7SobZ66OCYhgiINimz-nM3E
2026-05-05 05:40:29+00:00 | seen | https://gist.github.com/alon710/1fe74fd0f0234822bdcb48ade706690f...
Gemini CLI: Remote Code Execution via workspace trust and tool allowlisting bypasses
Summary: Gemini CLI (@google/gemini-cli) and the run-gemini-cli GitHub Action are being updated to harden workspace trust and tool allowlisting, in particular when used in untrusted environments like GitHub Actions. This update introduces a breaking change to how non-interactive headless environment...
GHSA-6CHQ-WFR3-2HJ9
creationtimestamp | type | source
---|---|---
2026-04-24 19:23:26+00:00 | seen | Telegram/FGivxNz61ghqDj4ER4orUo942MC3d41x9N89ngSi7socZnE...
CVE-2026-41414
Skim is a fuzzy finder designed to search through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates prevent exploitation - any...
EUVD-2026-25596
Skim is a fuzzy finder designed to search through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates prevent exploitation - any...
CVE-2026-41414 Skim: Arbitrary code execution via pull_request_target fork checkout in pr.yml
Skim is a fuzzy finder designed to search through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No gates prevent exploitation - any...
CVE-2026-41414
CVE-2026-41414 affects Skim. The vulnerability allows arbitrary code execution via the generate-files workflow in .github/workflows/pr.yml, where the workflow checks out code from an attacker-controlled fork and runs it with access to SKIM_RS_BOT_PRIVATE_KEY and GITHUB_TOKEN (contents:write). No ...
coordinated-disclosure
coordinated-disclosure A Claude Code skill + plugin marketpla...
CVE-2026-42856
creationtimestamp | type | source
---|---|---
2026-04-24 14:05:57+00:00 | published-proof-of-concept | https://github.com/Jovancoding/Network-AI/security/advisories/GHSA-fj4g-2p96-q6m3...
GHSA-WG36-WVJ6-R67P vulnerabilities
Vulnerabilities for packages: composer...
SecScan
SecScan Local-LLM-powered security scanner for GitHub repos...
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of the SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which...
GHSA-RP42-5VXX-QPWR
creationtimestamp | type | source
---|---|---
2026-04-24 05:19:04+00:00 | seen | Telegram/cyG2ZGhRnNebdsiXH3f8wG9rKkH4KFMg55z2RECZJhW1k7c...
GHSA-CVQ5-HHX3-F99P
creationtimestamp | type | source
---|---|---
2026-04-24 05:18:58+00:00 | seen | Telegram/kIuLSWSF-lSSH53f04z2OEjKv8ykvXtTNiYc9dOAOt4c...