50 matches found
CVE-2026-10591
Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths such as .vscode/tasks.json, enabling auto-executio...
CVE-2026-30309
CVE-2026-30309 affects InfCode’s terminal auto-execution module. The predefined blocklist fails to cover native high-risk commands in Windows PowerShell (e.g., powershell), and the matching algorithm lacks dynamic semantic parsing, failing to recognize string concatenation, variable assignment, o...
CVE-2025-8386 AVEVA Application Server IDE Basic Cross-site Scripting
The vulnerability, if exploited, could allow an authenticated miscreant with privilege of "aaConfigTools" to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that, when executed by a victim user, can result in horizontal or vertical escalation of privileges. The...
CVE-2025-8386
CVE-2025-8386 relates to AVEVA Application Server IDE: an authenticated user with the privileges of “aaConfigTools” can tamper with App Objects’ help files to inject persistent cross-site scripting (XSS). This is described as exploitable only during config-time operations in the IDE component; run-tim...
[SECURITY] Fedora 42 Update: qt-creator-16.0.2-3.fc42
Qt Creator is a cross-platform integrated development environment (IDE) tailored to the needs of Qt developers...
EUVD-2005-3068
Malware in sbrugna...
[SECURITY] Fedora 42 Update: qt-creator-16.0.1-2.fc42
Qt Creator is a cross-platform integrated development environment (IDE) tailored to the needs of Qt developers...
Unspecified Vulnerability in JetBrains Rider
JetBrains Rider is a cross-platform .NET integrated development environment (IDE) from the Czech company JetBrains. A security vulnerability exists in JetBrains Rider that stems from a custom archive unpacker allowing arbitrary file overwrites during a remote debugging session, which can be exploit...
Unspecified Vulnerability in JetBrains RubyMine
JetBrains RubyMine is an integrated development environment (IDE) for Ruby development, providing code editing, debugging, and more. JetBrains RubyMine suffers from a security vulnerability that originates from a remote interpreter overriding the port that listens to all interfaces. An attacker can...
Microchip MPLAB Security Vulnerability
Microchip MPLAB Net is an integrated development environment from Microchip Corporation. A security vulnerability exists in Microchip MPLAB that stems from the presence of a data validation issue...
[SECURITY] Fedora 40 Update: rstudio-2023.12.1+402-2.fc40
RStudio is an integrated development environment (IDE) for R. It includes a console, syntax-highlighting editor that supports direct code execution, as well as tools for plotting, history, debugging and workspace management. This package provides common files for rstudio-desktop and rstudio-server...
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2023-100311)
Adobe ColdFusion is a rapid application development platform from the United States company Adobe. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a cross-site scripting vulnerability that stems from the lack of effective...
Adobe ColdFusion Input Validation Error Vulnerability (CNVD-2023-91796)
Adobe ColdFusion is a rapid application development platform from the United States company Adobe. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has an input validation error vulnerability that can be exploited by an attacker to...
Adobe ColdFusion Improper Access Control Vulnerability (CNVD-2023-100305)
Adobe ColdFusion is a rapid application development platform from the United States company Adobe. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a security vulnerability that can be exploited by attackers to bypass security...
Adobe ColdFusion Path Traversal Vulnerability (CNVD-2023-100303)
Adobe ColdFusion is a rapid application development platform from the United States company Adobe. The platform includes an integrated development environment and scripting language. A path traversal vulnerability exists in Adobe ColdFusion. The vulnerability arises from a failure of a...
Adobe ColdFusion buffer overflow vulnerability
Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. Adobe ColdFusion is vulnerable to buffer overflow, which can be exploited by attackers to execute arbitrary code in the context of the current user...
Adobe ColdFusion XML External Entity Injection Vulnerability
Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. Adobe ColdFusion has an XML external entity injection...
JetBrains IntelliJ IDEA Code Injection Vulnerability
JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from JetBrains, a Czech company. A code injection vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which stems from the execution of native code via a link in Quick...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23933)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...