Lucene search
+L

1135920 matches found

Microsoft Secure
Microsoft Secure
added 1 hour ago1 views

Microsoft at Black Hat USA 2026: Defending trust in the age of AI and supply chain attacks

In this article 1. Weston on the future of defense 2. Our latest intelligence and response on npm supply chain attacks 3. Follow the research in the Black Hat Briefings 4. Go deeper in Microsoft sessions 5. Visit booth 2144 for research, community, and hands-on defense 6. Plan your week with...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 3 hours ago3 views

Malicious code in govpkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 736ef874636ee77d0a5007dea41ad6329e0d5523bfeb5254930985f451a6f6f6 When using the provided functionality, the package silently downloads a malicious executable and ensures its persistence disguised as a system service. The...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago4 views

Malicious code in easyway2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b70fe150bb8d389d4b3f437dff96763448359cafed12db8139236f3d40b88565 The OpenSSF Package Analysis project identified 'easyway2' @ 1.0.3 npm as malicious. It is considered malicious because: - The package...

5.3AI score
Exploits0
OSV
OSV
added 4 hours ago2 views

MAL-2026-10769 Malicious code in easyway2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b70fe150bb8d389d4b3f437dff96763448359cafed12db8139236f3d40b88565 The OpenSSF Package Analysis project identified 'easyway2' @ 1.0.3 npm as malicious. It is considered malicious because: - The package...

5.3AI score
Exploits0
OSV
OSV
added 5 hours ago2 views

RLSA-2026:40895 Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. Security Fixes: jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution...

8.1CVSS6.3AI score0.00695EPSS
Exploits1References3
Rockylinux
Rockylinux
added 5 hours ago3 views

jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update

An update is available for jackson-modules-base, jackson-databind, jackson-jaxrs-providers, jackson-annotations, jackson-core. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS6.3AI score0.00695EPSS
Exploits1
OSV
OSV
added 5 hours ago3 views

ROOT-OS-DEBIAN-11-CVE-2026-27171 CVE-2026-27171 in rootio-zlib - Patched by Root

Root has patched CVE-2026-27171 in the rootio-zlib package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5AI score0.00204EPSS
Exploits1
OSV
OSV
added 5 hours ago2 views

ROOT-OS-DEBIAN-11-CVE-2023-45853 CVE-2023-45853 in rootio-zlib - Patched by Root

Root has patched CVE-2023-45853 in the rootio-zlib package for Root:Debian:11. Multiple fixed versions available...

9.8CVSS5.4AI score0.03179EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in trongridev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2db83ccb7d07bdacd1bdf7c32fbaa2a7fb40d7bd599e315f25265ca4bb9d3c03 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

5.3AI score
Exploits0References2
OSV
OSV
added 5 hours ago2 views

MAL-2026-10768 Malicious code in trongridev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2db83ccb7d07bdacd1bdf7c32fbaa2a7fb40d7bd599e315f25265ca4bb9d3c03 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

5.3AI score
Exploits0References2
OSV
OSV
added 5 hours ago12 views

ROOT-APP-PYPI-CVE-2026-32274 CVE-2026-32274 in rootio-black - Patched by Root

Root has patched CVE-2026-32274 in the rootio-black package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.8AI score0.00572EPSS
Exploits0
OSV
OSV
added 5 hours ago3 views

ROOT-APP-PYPI-CVE-2024-21503 CVE-2024-21503 in rootio-black - Patched by Root

Root has patched CVE-2024-21503 in the rootio-black package for Root:PyPI. Multiple fixed versions available...

5.3CVSS6.3AI score0.00971EPSS
Exploits0
OSV
OSV
added 6 hours ago4 views

ROOT-APP-NPM-CVE-2026-9595 CVE-2026-9595 in @rootio/webpack-dev-server - Patched by Root

Root has patched CVE-2026-9595 in the @rootio/webpack-dev-server package for Root:npm. Multiple fixed versions available...

5.3CVSS5.2AI score0.00163EPSS
Exploits0
OSV
OSV
added 6 hours ago8 views

ROOT-APP-NPM-CVE-2025-30359 CVE-2025-30359 in @rootio/webpack-dev-server - Patched by Root

Root has patched CVE-2025-30359 in the @rootio/webpack-dev-server package for Root:npm. Multiple fixed versions available...

5.9CVSS5.8AI score0.00427EPSS
Exploits1
OSV
OSV
added 6 hours ago6 views

ROOT-APP-NPM-CVE-2025-30360 CVE-2025-30360 in @rootio/webpack-dev-server - Patched by Root

Root has patched CVE-2025-30360 in the @rootio/webpack-dev-server package for Root:npm. Multiple fixed versions available...

6.5CVSS5.8AI score0.00289EPSS
Exploits1
OSV
OSV
added 6 hours ago10 views

ROOT-APP-NPM-CVE-2026-6402 CVE-2026-6402 in @rootio/webpack-dev-server - Patched by Root

Root has patched CVE-2026-6402 in the @rootio/webpack-dev-server package for Root:npm. Multiple fixed versions available...

6.5CVSS5.3AI score0.00216EPSS
Exploits0
OSV
OSV
added 6 hours ago3 views

ROOT-APP-MAVEN-CVE-2021-47621 CVE-2021-47621 in io.root.io.github.classgraph:classgraph - Patched by Root

Root has patched CVE-2021-47621 in the io.root.io.github.classgraph:classgraph package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.8AI score0.00556EPSS
Exploits0
OSV
OSV
added 6 hours ago8 views

ROOT-APP-NPM-CVE-2026-41907 CVE-2026-41907 in @rootio/uuid - Patched by Root

Root has patched CVE-2026-41907 in the @rootio/uuid package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00337EPSS
Exploits1
OSV
OSV
added 7 hours ago3 views

ROOT-APP-MAVEN-CVE-2023-6481 CVE-2023-6481 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2023-6481 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

7.1CVSS7AI score0.00682EPSS
Exploits0
OSV
OSV
added 7 hours ago13 views

ROOT-APP-MAVEN-CVE-2025-11226 CVE-2025-11226 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2025-11226 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

6.4CVSS5.2AI score0.00181EPSS
Exploits0
Rows per page
Query Builder