CVE-2026-26009

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or containerization. Any user with template.create or...

CVE-2026-26009 Catalyst Affected by Remote Code Execution as Root via Containerized Install Script Execution

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or containerization. Any user with template.create or...

CVE-2026-26009 Catalyst Affected by Remote Code Execution as Root via Containerized Install Script Execution

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or containerization. Any user with template.create or...

CVE-2026-26009

CVE-2026-26009 affects the Catalyst platform used for enterprise game server hosting, game communities, and billing panel integrations. The issue arises because install scripts defined in server templates run on the host OS via bash -c without sandboxing or containerization. Any user with templat...

PT-2026-7439

Name of the Vulnerable Software and Affected Versions Catalyst versions prior to 11980aaf3f46315b02777f325ba02c56b110165d Description The platform allows users with template.create or template.update permissions to define arbitrary shell commands within server templates. These commands are execut...

Strengthening supply chain security: Preparing for the next malware campaign

The open source ecosystem continues to face organized, adaptive supply chain threats that spread through compromised credentials and malicious package lifecycle scripts. The most recent example is the multi-wave Shai-Hulud campaign. While individual incidents differ in their mechanics and speed,...

CVE-2025-13014

Use-after-free in the Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5...

CVE-2011-10035 Nagios XI < 2011R1.9 Race Conditions in Crontab Install Scripts LPE

Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of-use race conditions and missing synchronization or final-path validation, a local low-privileged user could manipulate...

CVE-2011-10035

Nagios XI before 2011R1.9 is affected by privilege-escalation race conditions in the crontab install/update scripts. A local, low-privilege user could manipulate filesystem state during crontab installation to execute commands with elevated privileges. The issue arises from time-of-check/time-of-...

MAL-2025-48690 Malicious code in hyatt-avatar (npm)

Package collects system info and sends to untrusted server, plus suspicious install scripts indicate malicious behavior. The package communicates with a domain associated with malicious activity...

MAL-2025-48689 Malicious code in hyatt-album (npm)

Malicious package does system info exfiltration, arbitrary code execution via install scripts, and a suspicious version number. The package communicates with a domain associated with malicious activity...

MAL-2025-48691 Malicious code in hyatt-residential-roster (npm)

Package is malware. Collects and exfiltrates sensitive data to an external server. Suspicious install scripts execute the same script multiple times. The package communicates with a domain associated with malicious activity...

EUVD-2019-0774

Malware in sbrugna...

EUVD-2010-1001

Malware in sbrugna...

EUVD-2019-0805

Malware in sbrugna...

EUVD-2022-3868

Malicious code in bioql PyPI...

EUVD-2025-8824

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-16775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of...

Malicious code in pre-and-postinstall-scripts-example (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4994e0104f427d4e6ac062c0ec26e609127db5c43b703a286194e39d36ae9e9 Any computer that has this package installed or running should be considered...

Embedded Malicious Package

Overview @xene/core is a malicious package. through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private repositories, delete...