Lucene search
K

6200 matches found

OSV
OSV
added 2026/06/24 11:4 p.m.3 views

MAL-2026-6428 Malicious code in leo-cron (npm)

The leo-cron npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.4 views

MAL-2026-6434 Malicious code in serverless-convention (npm)

The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.12 views

MAL-2026-6431 Malicious code in leo-streams (npm)

The leo-streams npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.9 views

MAL-2026-6430 Malicious code in leo-sdk (npm)

The leo-sdk npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.6 views

MAL-2026-6435 Malicious code in serverless-leo (npm)

The serverless-leo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.5 views

MAL-2026-6425 Malicious code in leo-connector-mysql (npm)

The leo-connector-mysql npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.9AI score
Exploits0References3
CVE
CVE
added 2026/06/24 5:32 p.m.11 views

CVE-2026-48720

CVE-2026-48720 affects Warp, the agentic development environment. From 0.2025.03.05.08.02.stable_00 through 0.2026.05.06.15.42.stable_01 Warp accepts non-inline OSC 1337;File payloads from terminal output and materializes the decoded payload as a local file without an extra confirmation step. Thi...

8.8CVSS5.9AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 5:32 p.m.28 views

CVE-2026-48720 Warp: SSH remote output can lead to local file overwrite and persistence

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable00 until 0.2026.05.06.15.42.stable01, Warp accepts non-inline OSC 1337;File payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. This vulnerability is...

8.8CVSS0.00247EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 2:0 p.m.2 views

UBUNTU-CVE-2026-9546

A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result, the previous referrer string was erroneously...

5.8AI score0.00206EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 8:0 a.m.11 views

CURL-CVE-2026-9546 sending old referer

A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result, the previous referrer string was erroneously...

5.9AI score0.00206EPSS
Exploits0
OSV
OSV
added 2026/06/24 8:0 a.m.9 views

CURL-CVE-2026-11564 Native CA trust persist

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

5.9AI score0.00196EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 9:53 p.m.6 views

Malicious code in theme-color-picker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...

5.9AI score
Exploits0References4
OSV
OSV
added 2026/06/23 9:53 p.m.6 views

MAL-2026-6357 Malicious code in theme-color-picker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a4ba7e8664b9e1d99c4018963a4731d591653d7f2a9b879ba090e7a7f6e7bd Although the package presents itself as a 'theme color picker', package.json identifies the publisher as analysis-chart.io with repository...

5.9AI score
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 8:59 p.m.27 views

CVE-2026-41862

Spring Statemachine's Kryo-based persistence backends JPA, MongoDB, Redis and ZooKeeper deserialise persisted state-machine contexts without enforcing a class allowlist CWE-502, deserialisation of untrusted data, which can lead to remote code execution inside the application JVM. Affected version...

8.8CVSS0.00423EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:59 p.m.7 views

CVE-2026-41862

Spring Statemachine's Kryo-based persistence backends JPA, MongoDB, Redis and ZooKeeper deserialise persisted state-machine contexts without enforcing a class allowlist CWE-502, deserialisation of untrusted data, which can lead to remote code execution inside the application JVM. Affected version...

8.8CVSS6.5AI score0.00423EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 8:59 p.m.27 views

CVE-2026-41862

CVE-2026-41862 affects Spring Statemachine Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) which deserialize persisted StateMachineContext without a class allowlist. This can enable a gadget chain leading to remote code execution inside the application JVM. Affected versions a...

8.8CVSS6.5AI score0.00423EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:38 p.m.20 views

CVE-2026-46552

Summary: CVE-2026-46552 affects NocoDB. Before 2026.04.1, shared-base sessions had base-member capabilities equivalent to authenticated viewers, enabling an attacker with only a shared-base UUID (xc-shared-base-id) to enumerate base members and invite arbitrary emails as real members. Invited use...

5.8CVSS6AI score0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:53 p.m.4 views

CVE-2026-11819

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 3:38 p.m.7 views

MAL-2026-6336 Malicious code in sync-external (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc297a0deaba794fdbfccc280a79c7cc895f21fc4e0122b1fba1bc4759b66c3f The package ships an obfuscated JavaScript file at shim/index.js using hex-style identifier mangling 0x391f3f, 0x3eff0a, 0x534564, etc. characteristi...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/23 6:19 a.m.7 views

MAL-2026-6276 Malicious code in node-core-libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33f74e3f73fd5580ecf994b7db0349ee540754d65d4467b8b04b8c79e3d257b scripts/postinstall.js runs automatically on npm install Windows only and behaves as a classic install-time dropper. It XOR-decodes key 0x5A a...

6.4AI score
Exploits0References3
Rows per page
Query Builder