Lucene search
K

599661 matches found

CVE
CVE
added 10 hours ago14 views

CVE-2026-59674

CVE-2026-59674 affects openSUSE Tumbleweed surfacing a local privilege escalation in suricata packaging due to a symlink follow vulnerability in the post-install script. Connected details indicate the issue involves the libsuricata8 package (version 8.0.5-2.1 and earlier) and is fixed in 8.0.5-2....

8.5CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 10 hours ago9 views

CVE-2026-59674 LPE from suricata user to root due to chown in %post in suricata packaging

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...

8.5CVSS
Exploits0References1
EUVD
EUVD
added 10 hours ago3 views

EUVD-2026-43633

A UNIX Symbolic Link Symlink Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1...

8.5CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added 11 hours ago12 views

Jan v0.4.12 'readFileSync' - Path Traversal

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. id: CVE-2024-36857 info: name: Jan v0.4.12 'readFileSync' - Path Traversal author: Yusuf Amr severity: high description: | Jan v0.4.12 was discovered to contain an arbitrary file rea...

7.5CVSS6.2AI score0.02054EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 12 hours ago5 views

Malicious code in akshajrawat.utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 105157af41712b64f8b36ec1cb01e28958e4ad828a0c08d0979a1f6e22d1f13d The package's package.json declares a postinstall lifecycle hook that runs automatically on npm install: node -e...

6.1AI score
Exploits0References2
OSV
OSV
added 12 hours ago3 views

MAL-2026-10558 Malicious code in akshajrawat.utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 105157af41712b64f8b36ec1cb01e28958e4ad828a0c08d0979a1f6e22d1f13d The package's package.json declares a postinstall lifecycle hook that runs automatically on npm install: node -e...

6.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 12 hours ago6 views

Important: Red Hat Security Advisory: kernel-rt update

Please update Please update...

8.8CVSS6.7AI score0.00176EPSS
Exploits15References9
OSSF Malicious Packages
OSSF Malicious Packages
added 12 hours ago4 views

Malicious code in eth-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f051957ac6f91e8567df873978b45c0c81a170f94decbd735d329f312ff1bb On require, index.js schedules a 37-second delayed routine that reads test/fixtures/keypairs.dat, base64-decodes it into /.cache-db/.node-sync/syncd....

6.1AI score
Exploits0References4
OSV
OSV
added 13 hours ago3 views

MAL-2026-10556 Malicious code in @cw-ui/asio-neon-themes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd2366d31cefc8f66861e0e65c782a88c46dc9232d11d463a9fa2869c73dcaa On npm install, postinstall.js reads os.hostname and embeds it as a query parameter in a plain-HTTP GET to a bare IPv4 address...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 13 hours ago4 views

Malicious code in @cw-ui/micro-ui-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b558c8d90850ea9817e236b445ba2bc1020a35a81a099a5e1575ef705b00bd39 On npm install, postinstall.js reads the installer's hostname via os.hostname and sends it as a query parameter to a hardcoded bare-IP HTTP endpoint:...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 13 hours ago6 views

Malicious code in micro-ui-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be44655a47177f3740201ddb9dc66db080b9f665354c78bcebeb9a2da3b11b7f On npm install, the package's postinstall script postinstall.js reads os.hostname and sends it as a query parameter in a plain-HTTP GET to a hardcode...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 13 hours ago19 views

Malicious code in @cw-ui/asio-neon-themes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd2366d31cefc8f66861e0e65c782a88c46dc9232d11d463a9fa2869c73dcaa On npm install, postinstall.js reads os.hostname and embeds it as a query parameter in a plain-HTTP GET to a bare IPv4 address...

6.2AI score
Exploits0References2
OSV
OSV
added 13 hours ago3 views

MAL-2026-10557 Malicious code in @cw-ui/micro-ui-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b558c8d90850ea9817e236b445ba2bc1020a35a81a099a5e1575ef705b00bd39 On npm install, postinstall.js reads the installer's hostname via os.hostname and sends it as a query parameter to a hardcoded bare-IP HTTP endpoint:...

6.1AI score
Exploits0References2
OSV
OSV
added 13 hours ago4 views

MAL-2026-10564 Malicious code in micro-ui-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be44655a47177f3740201ddb9dc66db080b9f665354c78bcebeb9a2da3b11b7f On npm install, the package's postinstall script postinstall.js reads os.hostname and sends it as a query parameter in a plain-HTTP GET to a hardcode...

6.1AI score
Exploits0References3
OSV
OSV
added 14 hours ago2 views

MAL-2026-10548 Malicious code in @amedit/vercel-builder-probe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 14 hours ago4 views

Malicious code in @amedit/vercel-builder-probe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...

6.1AI score
Exploits0References3
OSV
OSV
added 15 hours ago3 views

MAL-2026-10522 Malicious code in flick-test-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67f05e70375ac31032fb4fc3abf302d1c1122bf01504f810aa74d9fe59066d36 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 15 hours ago3 views

MAL-2026-10521 Malicious code in @flcik/flick.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31c087b34f156cf2b5ae7070222a57e2d760d68f9c4c73721c2800eb7b6bf62 @flcik/[email protected] replicates the discord.js public API surface FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, th...

6.1AI score
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 15 hours ago8 views

Malicious code in flick-test-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67f05e70375ac31032fb4fc3abf302d1c1122bf01504f810aa74d9fe59066d36 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 15 hours ago7 views

Malicious code in @flcik/flick.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31c087b34f156cf2b5ae7070222a57e2d760d68f9c4c73721c2800eb7b6bf62 @flcik/[email protected] replicates the discord.js public API surface FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, th...

6.1AI score
Exploits0References10
Rows per page
Query Builder