29580 matches found
CVE-2026-24910
In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a matching name for file, link, git, or github...
EUVD-2026-4859
In Bun before 1.3.5, the default trusted dependencies list (aka trust allow list) can be spoofed by a non-npm package in the case of a matching name for file, link, git, or github...
CVE-2026-24480
QGIS is a free, open source, cross platform geographical information system (GIS). The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...
CVE-2026-24480
CVE-2026-24480 affects QGIS’ GitHub Actions workflow named “pre-commit checks.” Before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, the workflow used pull_request_target and checked out/executed untrusted PR code in a privileged context, allowing potential remote code execution and repository...
CVE-2026-24480 QGIS had validated RCE and Repository Takeover via GitHub Actions
QGIS is a free, open source, cross platform geographical information system (GIS). The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...
PT-2026-5032
Name of the Vulnerable Software and Affected Versions: Bun versions prior to 1.3.5. Description: The default trusted dependencies list in Bun can be manipulated by a non-npm package if the package name matches an existing trusted dependency. This affects dependencies installed via file, link, or...
Exploit for CVE-2023-1234
Poc Hunter: A vulnerability/proof of concept (PoC) search tool...
GHSA-46H3-79WF-XR6C
creationtimestamp| type| source
---|---|---
2026-01-24 22:43:57+00:00| seen| https://gist.github.com/alon710/7ee39f6ec122b47c7e999fe10f8862fd...
GHSA-FPF5-W967-RR2M
creationtimestamp| type| source
---|---|---
2026-01-24 22:43:42+00:00| seen| https://gist.github.com/alon710/1a1e3e884ddf0092d23d25d89f05f39b...
GHSA-55R9-5MX9-QQ7R
creationtimestamp| type| source
---|---|---
2026-01-24 22:43:12+00:00| seen| https://gist.github.com/alon710/54c1ca0ee276425cc5a62776a9963d6b...
GHSA-53VF-C43H-J2X9
creationtimestamp| type| source
---|---|---
2026-01-24 22:43:02+00:00| seen| https://gist.github.com/alon710/551e19221453d3e1c7b86196d2bc895f...
GHSA-G2J6-57V7-GM8C
creationtimestamp| type| source
---|---|---
2026-01-24 21:32:18+00:00| seen| https://gist.github.com/alon710/eb849aea819b3774b631ff82f7f2e529...
GHSA-HQF9-8XV5-X8XW
creationtimestamp| type| source
---|---|---
2026-01-24 21:31:08+00:00| seen| https://gist.github.com/alon710/97491250cd95bc835ebfe51fcfbf1308
2026-01-24 21:31:09+00:00| seen| https://gist.github.com/alon710/6ece0e6f8b35b33d759e8493148369c9
2026-01-24 22:43:01+00:00| seen|...
GHSA-HJR9-WJ7V-7HV8
creationtimestamp| type| source
---|---|---
2026-01-24 21:30:43+00:00| seen| https://gist.github.com/alon710/08e9fba6aa798716d634e3b78b79aa7f
2026-01-24 21:30:44+00:00| seen| https://gist.github.com/alon710/442846c1654b53e08cd06e03a0540301
2026-01-24 22:42:45+00:00| seen|...
GHSA-RVJX-CFJH-5MC9
creationtimestamp| type| source
---|---|---
2026-01-24 21:26:47+00:00| seen| https://gist.github.com/alon710/da6bb8e577db094a3a416473defeda29
2026-01-24 22:42:09+00:00| seen| https://gist.github.com/alon710/fa2d5a72e5733840c9c3958327680581...
GHSA-2GQC-6J2Q-83QP
creationtimestamp| type| source
---|---|---
2026-01-24 21:24:37+00:00| seen| https://gist.github.com/alon710/c5951996d1cad3ddfdf0314481d66b05
2026-01-24 22:32:37+00:00| seen| https://gist.github.com/alon710/122a4775211986e69d62ce1028832f7e
2026-01-24 22:32:40+00:00| seen|...