MAL-2026-3701 Malicious code in api-request-helpers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c8e8b70ac4deca30691d583ac6891034222b7458bf5ba9e7b86cf5e6627d8abb During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

Malicious code in solana-wallet-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0fafa4851b72650b6cb905d88ab0e9ac73276e188d44bf1ff2cb010eb6945c59 Code pretends to be a crypto utility but exfiltrates given private key / seed --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fsnotify: Do not generate ACCESS/MODIFY events for special files in child processes. inotify/fanotify does not allow users who have no read access to a file to subscribe to events e.g., INACCESS/INMODIFY. However, it allows th...

CVE-2026-41060 AVideo's SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

ACIArena: Toward Unified Evaluation for Agent Cascading Injection

Collaboration and information sharing empower Multi-Agent Systems MAS but also introduce a critical security risk known as Agent Cascading Injection ACI. In such attacks, a compromised agent exploits inter-agent trust to propagate malicious instructions, causing cascading failures across the...

CVE-2026-0397

When the internal webserver is enabled default is disabled, an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration o...

MAL-2026-2176 Malicious code in kusto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0bdb202529b567cdcf3b62e44352186db2cb5defbfbfec0e7646a684838e08d7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2026-4433

Tenable OT contains an SSH misconfiguration that can allow exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could enable an attacker to gather system details and potentially aid host compromise. Affected item is the SSH configuration; the vulnerab...

MAL-2026-2106 Malicious code in dmclc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 895439e6afba407fb85d315e2c99f0d1434905a1ee72b172e62d55abbb8c93a3 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...

Malicious code in requests-ml-min (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 caf988849523549406a61384e2c9f8e01d6edf3ad71e5cba77ca7c3987863f1d During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...

MAL-2026-1240 Malicious code in requests-ml-min (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 caf988849523549406a61384e2c9f8e01d6edf3ad71e5cba77ca7c3987863f1d During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...

CVE-2026-2452

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...

CVE-2026-2415

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: It was possible to exfiltrate information...

MAL-2026-505 Malicious code in flask-hookserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d5afd1538994efa55632d3ed6d7c9fa419fb26c542b641a3efbd7b35501ea58 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

SUSE CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

AZL-74447 CVE-2025-68788 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

UBUNTU-CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

Linux Distros Unpatched Vulnerability : CVE-2025-68788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to even...