Lucene search
K

3070 matches found

Cvelist
Cvelist
added 2026/04/30 9:45 p.m.32 views

CVE-2026-2311 IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

6.4CVSS0.00198EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/30 8:4 a.m.7 views

Malicious code in sdoihgio9sudghsiudbg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61f008a0a874bc97bef2f5d2c59d64b4ae73b7cdb66970e5f82a5abb8186372d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/30 8:4 a.m.5 views

MAL-2026-3197 Malicious code in sdoihgio9sudghsiudbg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61f008a0a874bc97bef2f5d2c59d64b4ae73b7cdb66970e5f82a5abb8186372d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 5:38 a.m.7 views

Malicious code in timenow-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 773fd03a72216bd0bb09449cddd181ae90da5d456b572592cd493bac39f356f4 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/29 5:38 a.m.7 views

MAL-2026-3146 Malicious code in timenow-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 773fd03a72216bd0bb09449cddd181ae90da5d456b572592cd493bac39f356f4 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 5:37 a.m.10 views

Malicious code in timenow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1f3a9539cc4ef3e4b515404ac4b13179d37a09923c8fd90a06f4b751ed397d9c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/29 5:37 a.m.5 views

MAL-2026-3143 Malicious code in timemcp-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2370fd05b77259c6177d02a019d357a9e7773539588345fe4a5582a9582a1aa3 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/29 5:35 a.m.6 views

MAL-2026-3144 Malicious code in timemcp190825790125120985125 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 41257a3bb20b9b5ffdbeb3a610ddf2159902ebadf5550d87ec3024d880398568 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 5:32 a.m.7 views

Malicious code in timemcp-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e125c901115c73a3467acea1300ccc14f718459dbf54ad11a8baf7c39cc03d9 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/28 8:4 p.m.9 views

Malicious code in timemcp-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7811f1fb547708bc27c15d45ca610ab6c0b30189f111b09666b8933bd59ee754 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/28 8:4 p.m.6 views

MAL-2026-3134 Malicious code in timemcp-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7811f1fb547708bc27c15d45ca610ab6c0b30189f111b09666b8933bd59ee754 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
CVE
CVE
added 2026/04/28 2:0 a.m.15 views

CVE-2026-7215

A CVE-2026-7215 exists in egtai gmx-vmd-mcp up to 0.1.0 affecting the VMD Launch Handler’s mcp_server.py; specifically, the function launch_vmd_gui_tool is vulnerable due to manipulation of the structure_file/trajectory_file arguments, enabling command injection. Access may be remote, and publicl...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/26 4:29 p.m.8 views

Malicious code in robase-gui-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c53f61007a9e23f2c47112de5225aa8e364f5aeb45c99d22084d6fb08b2179e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

5.7AI score
Exploits0References9
OSV
OSV
added 2026/04/26 4:29 p.m.6 views

MAL-2026-3048 Malicious code in robase-gui-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c53f61007a9e23f2c47112de5225aa8e364f5aeb45c99d22084d6fb08b2179e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

5.8AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/26 3:49 p.m.7 views

Malicious code in robase-gui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffbeda05758af4fb3c32de434df674102718336d499124f08b158271e4a08f7e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

5.7AI score
Exploits0References9
OSV
OSV
added 2026/04/26 3:49 p.m.7 views

MAL-2026-3047 Malicious code in robase-gui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffbeda05758af4fb3c32de434df674102718336d499124f08b158271e4a08f7e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

5.8AI score
Exploits0References9
Fedora
Fedora
added 2026/04/25 1:54 a.m.8 views

[SECURITY] Fedora 44 Update: dtk6gui-6.7.32-4.fc44

Deepin Tool Kit DtkGui is the development graphical user interface of all C++/Qt Developer work on Deepin...

5.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 11:13 p.m.9 views

Malicious code in process-support (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ba15c5dd66c6282ee21f8ee819191d6fbbbf194845ad231ac7d26856d334db70 During import, the package automatically starts code acting as a RAT. It connects with a hardcoded C2 server and waits for commands, supporting e.g. executing...

6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-46979

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.34 through 26.00 Description An off-by-one heap out-of-bounds read exists in the WIM Windows Imaging archive handler's security descriptor lookup. In the GetSecurity function within CHandler::GetSecurity...

7.1CVSS5.8AI score0.00225EPSS
Exploits1References31
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.9 views

Temporal UI State Inconsistency in Desktop GUI Agents: Formalizing and Defending against TOCTOU Attacks on Computer-Use Agents

GUI agents that control desktop computers via screenshot-and-click loops introduce a new class of vulnerability: the observation-to-action gap mean 6.51 s on real OSWorld workloads creates a Time-Of-Check, Time-Of-Use TOCTOU window during which an unprivileged attacker can manipulate the UI state...

5.8AI score
Exploits0
Rows per page
Query Builder