26 matches found

OSV
added 2026/06/15 5:30 p.m. · 4 views

MAL-2026-5799 Malicious code in boardflow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9d5c1524281430272215f48a90b957cf08f76dcb9954cb73945421dff358eb2 package.json declares preinstall: node install.js, which fires automatically on npm install. install.js is heavily obfuscated obfuscator.io...

AI score 5.4
Exploits 0 · References 8
CNNVD
added 2026/06/08 12:00 a.m. · 5 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the io_wq_remove_pending function in io_wq. This function does not check whether the predecessor has...

CVSS 7.8 · AI score 5.2 · EPSS 0.00138
Exploits 0 · References 2
OSV
added 2026/05/22 11:16 a.m. · 7 views

MAL-2026-4533 Malicious code in codebuff-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdf777f03e4dc44a9956401136a42f099638025ef7d2197dec630525ad26727d The package name codebuff-cli impersonates the legitimate codebuff npm package; the README is copy-pasted from the official CodebuffAI project it eve...

AI score 5.9
Exploits 0 · References 26
EUVD
added 2026/04/21 6:24 p.m. · 3 views

EUVD-2026-24031

OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction DoS...

CVSS 3.1 · AI score 5.7 · EPSS 0.00218
Exploits 1 · References 5
CVE
added 2026/04/21 12:44 a.m. · 12 views

CVE-2026-39396

OpenBao is vulnerable to a DoS via a decompression bomb in its OCI plugin extraction. Before version 2.5.3, ExtractPluginFromImage() streams decompressed tar data with no upper bound, using io.Copy without size checks. If an attacker controls the OCI registry, they can serve a crafted image that ...

CVSS 6.5 · AI score 5.8 · EPSS 0.00218
Exploits 1 · References 1 · Affected Software 1
ATTACKERKB
added 2026/04/21 12:44 a.m. · 1 view

CVE-2026-39396

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. ...

CVSS 3.1 · AI score 5.8 · EPSS 0.00218
Exploits 1 · References 2 · Affected Software 1
Positive Technologies
added 2026/04/21 12:00 a.m. · 4 views

PT-2026-33882

Name of the Vulnerable Software and Affected Versions: OpenBao versions prior to 2.5.3. Description: The OCI plugin downloader contains an issue in the ExtractPluginFromImage function where plugin binaries are extracted from container images by streaming decompressed tar data via io.Copy without a...

CVSS 6.5 · AI score 5.2 · EPSS 0.00218
Exploits 1 · References 18
Huntr
added 2026/03/17 1:02 a.m. · 5 views

Pickle deserialization RCE via pd.read_pickle() bypasses CVE-2024-24590 fix

Summary: The fix for CVE-2024-24590 only hardened the type == "pickle" deserialization branch in Artifact.get. A parallel code path for type == "pandas" with content_type == "application/pickle" calls pd.read_pickle without any integrity or safety check. An attacker who uploads a malicious pickle...

CVSS 8.8 · AI score 6.6 · EPSS 0.02452
Exploits 9
Snyk
added 2026/03/05 9:13 p.m. · 5 views

Insufficient Verification of Data Authenticity

Overview: Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

CVSS 9.3 · AI score 5.8 · EPSS 0.00327
Exploits 1 · References 2
OSV
added 2025/11/14 2:45 p.m. · 26 views

HSEC-2023-0011 git-annex GPG decryption attack via compromised remote

git-annex GPG decryption attack via compromised remote A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG key. This attack could be used to expose encrypted data that was never stored in git-annex. Daniel Dent discovered this...

CVSS 7.5 · AI score 7.6 · EPSS 0.01539
Exploits 0 · References 1
BDU FSTEC
added 2025/07/09 12:00 a.m. · 5 views

The vulnerability in the `front/index.php` script of the NetAlert X network alerting infrastructure allows an intruder to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability in the front/index.php script of the NetAlert X network alerting infrastructure is related to incorrect password comparison based on hashes. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...

CVSS 9.7 · AI score 5.5 · EPSS 0.00498
Exploits 1 · References 2 · Affected Software 1
GithubExploit
added 2025/06/24 6:58 a.m. · 145 views

Exploit for CVE-2025-45467

CVE-2025-45467: Insecure Firmware Verification in Unitree Go1...

CVSS 7.1 · AI score 8.5 · EPSS 0.00281
Exploits 2
SUSE Linux
added 2025/04/29 11:20 a.m. · 6 views

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child (bsc#1235008). CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677). CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...

CVSS 8.8 · AI score 8.1 · EPSS 0.02033
Exploits 0 · References 16
CNNVD
added 2024/12/27 12:00 a.m. · 2 views

TCPDF security vulnerability

TCPDF is an open source library from Tecnick. It is used to generate PDF documents and barcodes. TCPDF versions before 6.8.0 have a security vulnerability: unserializeTCPDFtag uses "!=" rather than a constant-time comparison function to compare TCPDF tag hashes...

CVSS 7.5 · AI score 6.5 · EPSS 0.00583
Exploits 0 · References 4
RedHat Linux
added 2024/11/21 1:11 a.m. · 1 view

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5 · AI score 5.8 · EPSS 0.00297
Exploits 0 · References 5
Positive Technologies
added 2023/06/07 12:00 a.m. · 4 views

PT-2023-11866 · WordPress · Wordable

Name of the Vulnerable Software and Affected Versions: Wordable plugin for WordPress versions up to, and including, 3.1.1. Description: The issue is related to authentication bypass due to the use of a user-supplied hashing algorithm passed to the hash_hmac function and a loose comparison on the...

CVSS 9.8 · AI score 9.7 · EPSS 0.01543
Exploits 1 · References 5
Veracode
added 2023/05/19 5:43 a.m. · 19 views

Insufficient Hash Check

openmeetings is vulnerable to Insufficient Hash Checks. The vulnerability exists due to the improper validation, which allows an attacker to access arbitrary recordings or rooms...

CVSS 5.3 · AI score 6.9 · EPSS 0.01204
Exploits 0 · References 3 · Affected Software 2
Veracode
added 2023/05/16 11:32 p.m. · 23 views

Improper Authentication

org.apache.openmeetings:openmeetings-web is vulnerable to Improper Authentication. An authenticated attacker that has gained access to certain private information is able to use this to impersonate another user because permissions can be incorrectly set during an invitation hash check...

CVSS 8.1 · AI score 6.6 · EPSS 0.01093
Exploits 0 · References 4 · Affected Software 1
RedHat Linux
added 2023/05/09 10:04 a.m. · 0 views

kernel: netfilter: conntrack: fix using __this_cpu_add in preemptible

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible. Currently in nf_conntrack_hash_check_insert, when it fails in nf_ct_ext_valid_pre/post, NF_CT_STAT_INC will be called in the preemptible context, a call trace can be triggered: BUG:...

CVSS 5.5 · AI score 6.2 · EPSS 0.00203
Exploits 0 · References 5
ATTACKERKB
added 2021/02/05 2:15 p.m. · 0 views

CVE-2020-10539

An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort function that, upon user login, checks the submitted password against the user password's MD5 hash stored in the database. It is also compared to a second MD5 hash, which is the same for every user aka a...

CVSS 9.8 · AI score 5.4 · EPSS 0.01459
Exploits 1 · References 2