PINA: Prompt Injection Attack against Navigation Agents

Navigation agents powered by large language models LLMs convert natural language instructions into executable plans and actions. Compared to text-based applications, their security is far more critical: a successful prompt injection attack does not just alter outputs but can directly misguide...

CVE-2024-34218

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter...

CVE-2023-29236

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Cththemes Outdoor theme = 3.9.6 versions...

ZTE MF258K Pro 安全漏洞

The ZTE MF258K Pro is a 4G outdoor bridge kit from ZTE China. The ZTE MF258K Pro suffers from a configuration flaw vulnerability that stems from improperly set directory permissions, which can be exploited by an attacker to cause a write operation to be performed...

WordPress Outdoor plugin <= 1.3.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by John Lee in WordPress Theme Outdoor versions = 1.3.2...

Command Execution Vulnerability in RG-EST350 V2 of Beijing StarNet Ruijie Network Technology Co.

Ruijie EST350-V2 is a wireless outdoor bridge product supporting 802.11ac protocol, which is designed for the business of video transmission or data transmission in the scenarios of tower crane, factory, scenic spot, park, planting base, fishpond aquaculture base, construction site, etc. Ruijie...

MAL-2025-98856 Malicious code in outdoor_wren_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dffd9a4ca631d1e2804e46f6090304b799b0e3f7c7ebf6b91367b3550fb9d68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-71434

Malicious code in outdoorwrenz3n npm...

EUVD-2025-62751

Malicious code in outdoorsailfishz3n npm...

MAL-2025-95802 Malicious code in outdoor_guppy_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6986300174d5f8930d6b9a23f7a57f5321cdd50b2a1a44c16033bb5364be9eb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in outdoor_guppy_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6986300174d5f8930d6b9a23f7a57f5321cdd50b2a1a44c16033bb5364be9eb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-52883

Malicious code in outdoor-coral-flamingo npm...

Malicious code in outdoor-coral-flamingo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 746386bf4b1fe81a823dd6d40dffb40f5a5236eec10249297ad05f8718c00777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-52885

Malicious code in outdoor-amber-smelt npm...

EUVD-2025-52884

Malicious code in outdoor-black-pigeon npm...

MAL-2025-69765 Malicious code in outdoor-black-pigeon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bc717a222e72e3f47f2ea983b530f8b61facc63e782c371c64081182e56f40e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-52882

Malicious code in outdoor-maroon-lemming npm...

EUVD-2025-52886

Malicious code in outdoor-amaranth-galliform npm...

Louvre Jewel Heist

I assume I don't have to explain last week's Louvre jewel heist. I love a good caper, and have like many others eagerly followed the details. An electric ladder to a second-floor window, an angle grinder to get into the room and the display cases, security guards there more to protect patrons tha...

WordPress Outdoor plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Outdoor plugin suffers from a SQL injection vulnerability that stems from a lack of validation of the edit parameter. An attacker can exploit this vulnerability to...