Lucene search
+L

10 matches found

attackerkb
attackerkb
added 2026/07/06 7:41 p.m.5 views

CVE-2026-14898

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.1AI score0.00221EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.9 views

PT-2026-55971

Name of the Vulnerable Software and Affected Versions OpenAI Codex for macOS affected versions not specified Description The desktop application renders remote images from Markdown within model responses. An attacker can use indirect prompt injection—a technique where malicious instructions are...

6.5CVSS6AI score0.00221EPSS
Exploits0References3
github
github
added 2026/06/08 6:21 p.m.22 views

actual Allows Electron to Run As Node

Summary A electron run as node vulnerability was identified in actual macOS application, version 25.x Electron 39.2.7. Vulnerability Type: Electron Run As Node Description ELECTRONRUNASNODE fuse enabled Electron 39.2.7 — app can be converted to Node.js REPL for arbitrary code execution Impact An...

4.8CVSS6AI score0.00126EPSS
Exploits0References4Affected Software1
thn
thn
added 2026/04/13 6:50 a.m.9 views

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protect the process that certifies our macO...

9.4CVSS6.2AI score0.60368EPSS
Exploits2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-48734

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00284EPSS
Exploits0References1
packetstorm
packetstorm
added 2025/07/24 12:0 a.m.189 views

📄 Computer Mouse: Remote Control 1.1.6 Remote Code Execution

Computer Mouse: Remote Control version 1.1.6 for macOS is vulnerable to unauthenticated remote code execution via TCP port 9999. An attacker on the same network can inject simulated keyboard input, allowing arbitrary command execution without user interaction or authentication. Exploit Title:...

8.6AI score
Exploits0
packetstorm
packetstorm
added 2025/05/26 12:0 a.m.193 views

📄 Remote for Mac 2025.6 Remote Code Execution

Remote for Mac version 2025.6 suffers from an unauthenticated remote code execution vulnerability. Exploit Title: Remote for Mac 2025.6 - Unauthenticated RCE Date: 2025-05-26 Exploit Author: Chokri Hammedi Vendor Homepage: https://cherpake.com/ Software Link: https://cherpake.com/latest.php?os=ma...

8.6AI score
Exploits0
ptsecurity
ptsecurity
added 2024/07/05 12:0 a.m.4 views

PT-2024-28930 · Openai · Openai Chatgpt

Name of the Vulnerable Software and Affected Versions: OpenAI ChatGPT app versions prior to 2024-07-05 for macOS Description: The issue concerns the OpenAI ChatGPT app for macOS, which opts out of the sandbox and stores conversations in cleartext in a location accessible to other apps. This could...

2.3CVSS7AI score0.00141EPSS
Exploits0References7
cve
cve
added 2023/05/16 12:0 a.m.45 views

CVE-2023-25394

CVE-2023-25394 affects the Videostream macOS app (versions 0.4.3–0.5.0). The root cause is a race condition in the Updater privileged script that runs every 5 hours, during which a low-privileged attacker could influence the update process and replace update files. CERT/CC corroborates a root-pri...

7CVSS6.6AI score0.00347EPSS
Exploits1References3Affected Software1
carbonblack
carbonblack
added 2019/01/09 3:1 p.m.44 views

TAU Threat Intelligence Notification: LamePyre (OSX)

Summary MalwareBytes researcher Adam Thomas recently discovered a malicious MacOS application masquerading as the chat app Discord that they have named “LamePyre." Although it is made to look like a typical application installer, it does not attempt to appear legitimate by running a decoy install...

0.6AI score
Exploits0
Rows per page
Query Builder