SUSE-SU-2026:2380-1 Security update for hplip

This update for hplip fixes the following issues Update to HPLIP 3.26.4: Security issues: - CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation bsc1266031. - CVE-2026-8631: escalation of privileges and/or...

Astra Linux – Vulnerability in Tiff

A vulnerability was discovered in the libtiff library. This flaw causes a heap buffer overflow issue due to the TIFFTAGINKNAMES and TIFFTAGNUMBEROFINKS values...

CVE-2026-2627

A security flaw has been discovered in Softland FBackup up to 9.9. This impacts an unknown function in the library C:\Program Files\Common Files\microsoft shared\ink\HID.dll of the component Backup/Restore. The manipulation results in link following. The attack needs to be approached locally. The...

CVE-2025-62123

Cross-Site Request Forgery CSRF vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through = 1.0.7...

CVE-2025-62123

Cross-Site Request Forgery CSRF vulnerability in inkthemes WP Gmail SMTP wp-gmail-smtp allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through = 1.0.7...

CVE-2025-62123 WordPress WP Gmail SMTP plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ink themes WP Gmail SMTP allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through 1.0.7...

PT-2025-54396

Cross-Site Request Forgery CSRF vulnerability in Ink themes WP Gmail SMTP allows Cross Site Request Forgery.This issue affects WP Gmail SMTP: from n/a through 1.0.7...

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the name Ink Dragon. It's also referenced by t...

EUVD-2021-21608

Malware in sbrugna...

EUVD-2014-7632

Malware in sbrugna...

EUVD-2024-43527

Malicious code in bioql PyPI...

EUVD-2023-1743

Malicious code in bioql PyPI...

MAL-2025-3258 Malicious code in ink-web-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7d7d7be1f1ae1e0b29b9c5187d8041c62c44f247b62c7a071b67a0e821fbac8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-23530

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Lockdown custom-post-type-lockdown allows Privilege Escalation.This issue affects Custom Post Type Lockdown: from n/a through = 1.11...

CVE-2024-56204

Cross-Site Request Forgery CSRF vulnerability in yonisink Sinking Dropdowns sinking-dropdowns allows Privilege Escalation.This issue affects Sinking Dropdowns: from n/a through = 1.25...

CVE-2024-49669

Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official ink-official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through = 4.1.2...

CVE-2024-49669

CVE-2024-49669 concerns the WordPress INK Official plugin. The Initial Description identifies an Unrestricted Upload of File with Dangerous Type allowing an attacker to upload a Web Shell to the web server, affecting INK Official versions from n/a through 4.1.2. Connected sources corroborate the ...

CVE-2024-49669 WordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official ink-official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through = 4.1.2...

CVE-2024-49669 WordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official ink-official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through = 4.1.2...

WordPress plugin INK Official 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...