Lucene search

212 matches found

Github Security Blog
added 2026/03/02 10:9 p.m. | 7 views

@keep-network/tbtc-v2 revealing P2PKH deposit with a wrapped P2SH script

Overview: P2PKH has 20 bytes just like P2SH. We protect against revealing P2PKH deposits by manually assembling the expected P2SH script in the smart contract and comparing hashes. However, we missed the case when the attacker embeds a valid P2SH inside of P2PKH as an output script. bitcoin-spv...

AI score: 6
Exploits: 0 | References: 4 | Affected Software: 1
Snyk
added 2026/02/24 2:59 p.m. | 4 views

Malicious Package

Overview: chai-as-pause is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS: 9.8 | AI score: 5.6
Exploits: 0 | References: 2
OSV
added 2026/02/24 2:59 p.m. | 4 views

MAL-2026-1013 Malicious code in chai-as-pause (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6bc450b711e5bfeca160d6a4836ce78f7da759812438fbf0701cf8c2f95e38d The package chai-as-pause was found to contain malicious code. Source: ghsa-malware 58583a4b9f33e23b3cafb853c51539fbe79e149a4d6e5cdfafa98713d32e64cd...

AI score: 5.9
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2026/02/24 2:59 p.m. | 10 views

Malicious code in chai-as-pause (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6bc450b711e5bfeca160d6a4836ce78f7da759812438fbf0701cf8c2f95e38d The package chai-as-pause was found to contain malicious code. Source: ghsa-malware 58583a4b9f33e23b3cafb853c51539fbe79e149a4d6e5cdfafa98713d32e64cd...

AI score: 5.9
Exploits: 0 | References: 1
CNNVD
added 2026/02/04 12:0 a.m. | 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of the pause state for the calctarget component. This vulnerability may cau...

AI score: 5.8 | EPSS: 0.00047
Exploits: 0 | References: 7
ATTACKERKB
added 2026/01/14 3:5 p.m. | 1 views

CVE-2025-71104

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

AI score: 5.3 | EPSS: 0.00025
Exploits: 0 | References: 8 | Affected Software: 1
OSV
added 2026/01/14 3:5 p.m. | 3 views

CVE-2025-71104 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.00025
Exploits: 0 | References: 10
NVD
added 2026/01/10 10:15 a.m. | 3 views

CVE-2025-52435

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

CVSS: 7.5 | EPSS: 0.00036
Exploits: 0 | References: 4
OSV
added 2026/01/10 10:15 a.m. | 2 views

CVE-2025-52435

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

CVSS: 7.5 | AI score: 6.8
Exploits: 0 | References: 4
Vulnrichment
added 2026/01/10 9:47 a.m. | 3 views

CVE-2025-52435 Apache Mynewt NimBLE: Invalid error handling in pause encryption procedure in NimBLE controller

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

AI score: 6.5 | EPSS: 0.00036
Exploits: 0 | References: 3
CVE
added 2026/01/10 9:47 a.m. | 12 views

CVE-2025-52435

CVE-2025-52435 affects Apache NimBLE (Mynewt NimBLE) up to version 1.8.0. The issue is caused by improper handling of the Pause Encryption procedure on the Link Layer, which can leave a previously encrypted connection in an unencrypted state and allow an eavesdropper to observe the remainder of t...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00036
Exploits: 0 | References: 4 | Affected Software: 1
EUVD
added 2026/01/10 9:47 a.m. | 6 views

EUVD-2026-1854

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

AI score: 6.4 | EPSS: 0.00036
Exploits: 0 | References: 5
Cvelist
added 2026/01/10 9:47 a.m. | 21 views

CVE-2025-52435 Apache Mynewt NimBLE: Invalid error handling in pause encryption procedure in NimBLE controller

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

EPSS: 0.00036
Exploits: 0 | References: 3
CNNVD
added 2026/01/10 12:0 a.m. | 2 views

Apache NimBLE security vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets. It is part of the Apache Mynewt project. A security vulnerability exists in Apache NimBLE versions 1.8.0 and earlier, whi...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00036
Exploits: 0 | References: 5
Positive Technologies
added 2026/01/09 12:0 a.m. | 4 views

PT-2026-1813

Name of the Vulnerable Software and Affected Versions: Apache NimBLE versions through 1.8.0. Description: A configuration issue exists where data transmission occurs without encryption. Specifically, improper handling of the Pause Encryption procedure on the Link Layer can result in a previously...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00036
Exploits: 0 | References: 8
SUSE CVE
added 2026/01/06 12:24 a.m. | 1 views

SUSE CVE-2025-67819

An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker who can call the GetFile method while a shard is in the "Pause file activity" state and the FileReplicationService is reachable can read arbitrary files...

CVSS: 4.9 | AI score: 6.9 | EPSS: 0.00237
Exploits: 0 | References: 2
SUSE CVE
added 2025/12/25 12:57 a.m. | 2 views

SUSE CVE-2023-54023

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------------[ cut here ]------------...

CVSS: 5.5 | AI score: 6.4 | EPSS: 0.00027
Exploits: 0 | References: 17
NVD
added 2025/12/24 11:15 a.m. | 3 views

CVE-2023-54023

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------------[ cut here ]------------...

EPSS: 0.00027
Exploits: 0 | References: 3
UbuntuCve
added 2025/12/24 11:15 a.m. | 0 views

CVE-2023-54023

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------------[ cut here ]------------...

AI score: 5.8 | EPSS: 0.00027
Exploits: 0 | References: 4
OSV
added 2025/12/24 11:15 a.m. | 0 views

UBUNTU-CVE-2023-54023

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------------[ cut here ]------------...

AI score: 5.7 | EPSS: 0.00027
Exploits: 0 | References: 5