4 matches found
MAL-2026-6095 Malicious code in oem-agentic-shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f612eb2fa947323c936a0bb1becc602f0f837f9023edac22a945470566386a8c [email protected] is a hollow stub: index.js exports an empty object and package.json has empty author, empty description, and no real...
CVE-2026-1992
The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Insecure Direct Object Reference in versions 8.6.0 through 9.0.2. This is due to the storesettings method in the ExactMetricsOnboarding class accepting a user-supplied triggeredby parameter that is used instead of...
PT-2026-1125
Name of the Vulnerable Software and Affected Versions Bagisto versions prior to 2.3.10 Description Bagisto, an open source Laravel eCommerce platform, has an issue where API routes remain active even after the initial installation is complete. The API endpoints /install/api/ are directly accessib...
Mozilla Firefox and Firefox ESR Security Bypass Vulnerability
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the add-on installation feature of Mozilla Firefox versions...