EUVD-2026-17883

A reflected cross-site scripting XSS vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered...

CVE-2026-22768

creationtimestamp| type| source ---|---|--- 2026-04-01 15:26:09+00:00| seen| Telegram/LPiyqtmOsuMBSJ4TiscGzigzJ0idlnzzivv75bN9d93RTXE 2026-04-01 15:38:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migzkafryn27 2026-04-01 16:10:13+00:00| seen|...

CVE-2026-29014

creationtimestamp| type| source ---|---|--- 2026-04-01 15:26:09+00:00| seen| Telegram/LPiyqtmOsuMBSJ4TiscGzigzJ0idlnzzivv75bN9d93RTXE 2026-04-01 15:28:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migyydiyl327 2026-04-01 16:29:53+00:00| seen|...

CVE-2026-22767

creationtimestamp| type| source ---|---|--- 2026-04-01 15:23:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migypf3ceh2n 2026-04-01 15:25:59+00:00| seen| Telegram/4u6pNJfi3nLv5HBYbkAVRO5hA7CasKnKFj2guWNAP2iZfQ 2026-04-01 16:09:03+00:00| seen|...

CVE-2026-30526

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The application reflects the content of the msg parameter back to the user without proper HTML encoding or...

CVE-2026-28805

creationtimestamp| type| source ---|---|--- 2026-04-01 15:13:27+00:00| published-proof-of-concept| https://github.com/devcode-it/openstamanager/security/advisories/GHSA-3gw8-3mg3-jmpc 2026-04-02 15:21:07+00:00| published-proof-of-concept| Telegram/613aY007LGHyW6rIrja4BsrlzuBvUbPzSCrjge10VR5WoE...

CVE-2026-2948

creationtimestamp| type| source ---|---|--- 2026-04-01 15:03:43+00:00| seen| https://bsky.app/profile/eta.kyte.wtf/post/3migxlxa2ls2g 2026-05-05 06:21:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml3kbmoild2o...

CVE-2026-30332

creationtimestamp| type| source ---|---|--- 2026-04-01 15:00:14+00:00| published-proof-of-concept| Telegram/Qn5Ivb0hYRRFbz3smbJhwPSq3L1UkRwhbZcM0sFXYUsHw 2026-04-01 21:00:05+00:00| published-proof-of-concept| Telegram/j2onnxQ1Fqx2dtpkdZpGp58tMloA5XzqGptfLdZNpVfehhw 2026-04-02 18:49:58+00:00| seen...

CVE-2026-3877

A reflected cross-site scripting XSS vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered...

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2026-3877 Reflected Cross-Site Scripting in Dashboard Search

A reflected cross-site scripting XSS vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered...

CVE-2026-3877 Reflected Cross-Site Scripting in Dashboard Search

A reflected cross-site scripting XSS vulnerability in the dashboard search functionality of the VertiGIS FM solution allows attackers to craft a malicious URL, that if visited by an authenticated victim, will execute arbitrary JavaScript in the victim's context. Such a URL could be delivered...

CVE-2026-22767

Dell AppSync 4.6.0 is affected by a UNIX symbolic link (symlink) following vulnerability. A low-privileged local attacker could potentially exploit this to tamper information. Root cause details are not explicitly provided beyond the symlink following descriptor in the sources. Remediation/patch/...

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2026-22767

Dell AppSync, versions 4.6.0, contains an UNIX Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2026-23406

creationtimestamp| type| source ---|---|--- 2026-04-01 11:46:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migmm4p6aq23 2026-04-02 17:36:35+00:00| seen| Telegram/iLkahKLtHBTXrPbdzPdcuEMJtP6ph5Cfo4EzqcCLMOd2c4 2026-04-07 18:00:00+00:00| seen|...

CVE-2026-34889

creationtimestamp| type| source ---|---|--- 2026-04-01 11:38:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migm5etyi42i...

CVE-2024-53828

creationtimestamp| type| source ---|---|--- 2026-04-01 11:35:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miglxgwxgj2d...

CVE-2026-5261

creationtimestamp| type| source ---|---|--- 2026-04-01 11:16:06+00:00| published-proof-of-concept| Telegram/or2m3WCYby8bXskMQzpfDu1qBTJahou7yZRDnRXRdJQw8o 2026-04-01 11:54:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migmysow6x24...

Malicious Package

Overview base58-engine is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...