CVE-2026-27653

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges...

The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’

Myanmar’s military has been blowing up parts of the KK Park scam compound. Experts say the actions are likely for show...

EUVD-2016-5044

Malware in sbrugna...

EUVD-2016-2036

Malware in sbrugna...

EUVD-2016-5533

Malware in sbrugna...

EUVD-2020-23112

Malware in sbrugna...

EUVD-2025-18323

Malicious code in bioql PyPI...

EUVD-2023-40477

Malicious code in bioql PyPI...

EUVD-2023-50841

Malicious code in bioql PyPI...

EUVD-2025-8605

Malicious code in bioql PyPI...

EUVD-2023-54494

Malicious code in bioql PyPI...

Malicious code in kk-proxy (npm)

The package kk-proxy was found to contain malicious code...

MAL-2025-24683 Malicious code in kk-proxy (npm)

The package kk-proxy was found to contain malicious code...

CVE-2025-6061

The kk Youtube Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'kkytv' shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-6061

The WordPress plugin kk Youtube Video (kk-youtube-video) is vulnerable to Stored Cross-Site Scripting via the kkytv shortcode in versions up to 0.2. Exploitation requires contributor+ privileges and can cause arbitrary scripts to execute on pages loaded by users. Public disclosures reference CVE-...

CVE-2025-6061 kk Youtube Video <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The kk Youtube Video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'kkytv' shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress kk Youtube Video plugin <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin kk Youtube Video versions = 0.2...

PT-2025-25478 · WordPress · Kk Youtube Video

Name of the Vulnerable Software and Affected Versions: kk Youtube Video plugin for WordPress versions up to, and including, 0.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'kkytv' shortcode due to insufficient input sanitization and output escaping on...

CVE-2023-46639

Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5...

CVE-2023-36528

Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.3...