85 matches found
API Security Based on Automatic OpenAPI Mapping
This paper presents Map Reduce Graph MRG, a novel unsupervised method for modeling and securing HTTP REST APIs. MRG learns API structure from real-world traffic without prior knowledge or labels, automatically generating OpenAPI-compliant documentation by reconstructing routes, methods, and...
MAL-2026-2747 Malicious code in cloud-run-microservice-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4c636a68869426b4befc9af7d044d9643686691165d52263cee9b1075b437f4 The package cloud-run-microservice-template was found to contain malicious code...
Malicious code in cloud-run-microservice-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4c636a68869426b4befc9af7d044d9643686691165d52263cee9b1075b437f4 The package cloud-run-microservice-template was found to contain malicious code...
PT-2026-32512
Apache SkyWalking CVE-2025-54057: Stored XSS https://t.co/U4ZzTJS7iT CVE-2026-34476: SSRF via SW-URL Header in MCP Server https://t.co/zPXOQv1Xff CVE-2026-34884: SSRF via set skywalking url Tool and GraphQL Expression Injection in MCP Server https://t.co/5H4PWKYENG...
SpringBlade - Information Leakage
SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservice architecture. The SpringBlade framework has a default SIGNKEY, which can be exploited by...
tom-microservice (=3.2.28) potentially affected by CVE-2025-62380 via mailgen (=2.0.20)
mailgen NPM version =2.0.20 is affected by a known vulnerability. The following packages have a transitive dependency on mailgen and may be impacted: - tom-microservice =3.2.28 Source cves: CVE-2025-62380 Source advisory: SNYK:JS-MAILGEN-13559301...
tom-microservice (=3.2.28) potentially affected by CVE-2025-62366 via mailgen (=2.0.20)
mailgen NPM version =2.0.20 is affected by a known vulnerability. The following packages have a transitive dependency on mailgen and may be impacted: - tom-microservice =3.2.28 Source cves: CVE-2025-62366 Source advisory: SNYK:JS-MAILGEN-13552209...
EUVD-2019-2968
Malware in sbrugna...
EUVD-2022-1817
Malicious code in bioql PyPI...
EUVD-2022-33890
Malicious code in bioql PyPI...
EUVD-2025-30256
Malicious code in bioql PyPI...
tom-microservice (=3.2.28) potentially affected by CVE-2025-59526 via mailgen (=2.0.20)
mailgen NPM version =2.0.20 is affected by a known vulnerability. The following packages have a transitive dependency on mailgen and may be impacted: - tom-microservice =3.2.28 Source cves: CVE-2025-59526 Source advisory: SNYK:JS-MAILGEN-13004540...
tom-microservice (=3.2.28) potentially affected by CVE-2025-59526 via mailgen (=2.0.20)
mailgen NPM version =2.0.20 is affected by a known vulnerability. The following packages have a transitive dependency on mailgen and may be impacted: - tom-microservice =3.2.28 Source cves: CVE-2025-59526 Source advisory: OSV:GHSA-J2XJ-H7W5-R7VP...
CVE-2025-34199
Vasion Print Virtual Appliance Host (pre-22.0.1049) and Vasion Print Application (pre-20.0.2786) expose insecure TLS usage due to disabling verification. Specifically, the code disables CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER and uses environment variables (e.g., API_*_VERIFYSSL=false) ...
PT-2025-38598
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1049 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2786 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and...
MAL-2025-21287 Malicious code in generator-ikom-microservice (npm)
The package generator-ikom-microservice was found to contain malicious code...
MAL-2025-21267 Malicious code in generator-accelerate-node-microservice (npm)
The package generator-accelerate-node-microservice was found to contain malicious code...
Malicious code in generator-accelerate-node-microservice (npm)
The package generator-accelerate-node-microservice was found to contain malicious code...
Malicious code in generator-ikom-microservice (npm)
The package generator-ikom-microservice was found to contain malicious code...
Network Hexagons under Attack: Secure Crowdsourcing of Geo-Referenced Data
A critical requirement for modern-day Intelligent Transportation Systems ITS is the ability to collect geo-referenced data from connected vehicles and mobile devices in a safe, secure and anonymous way. The Nexagon protocol, which builds on the IETF Locator/ID Separation Protocol LISP and the...