7583 matches found

Talos Blog
added 2026/01/15 11:0 a.m. | 7 views

UAT-8837 targets critical infrastructure sectors in North America

Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor based on overlaps in tactics, techniques, and procedures (TTPs) with those of other known China-nexus threat actors. Based on UAT-8837's TTPs and...

CVSS 9 | AI score 7.6 | EPSS 0.05153
Exploits: 3

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002370)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002370 advisory. Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or...

CVSS 6 | AI score 7.2 | EPSS 0.00804
Exploits: 1 | References: 30

EUVD
added 2026/01/15 12:0 a.m. | 2 views

EUVD-2026-2684

A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

CVSS 6.1 | AI score 5.2 | EPSS 0.00023
Exploits: 2 | References: 3

Vulnrichment
added 2026/01/13 10:52 p.m. | 2 views

CVE-2022-50937 Ametys CMS v4.4.1 - Cross Site Scripting (XSS)

Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modul...

CVSS 6.1 | AI score 6.1 | EPSS 0.00056
Exploits: 1 | References: 4

Cvelist
added 2026/01/13 10:52 p.m. | 15 views

CVE-2022-50937 Ametys CMS v4.4.1 - Cross Site Scripting (XSS)

Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modul...

CVSS 6.1 | EPSS 0.00056
Exploits: 1 | References: 4

RedHat Linux
added 2026/01/13 4:52 p.m. | 7 views

Important: Red Hat Security Advisory: VolSync v0.14 security fixes and container updates

VolSync v0.14 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

CVSS 7.5 | AI score 6.7 | EPSS 0.00024
Exploits: 1 | References: 3

OSV
added 2026/01/13 4:13 a.m. | 4 views

MAL-2026-244 Malicious code in helium-module (npm)

Source: amazon-inspector 643f63c743fd06fb24cb2d488e001ce0efab3f0d82014801ea2eebad96041692 The package helium-module was found to contain malicious code. Source: ghsa-malware d34558c0d1e56c0103ad087e485e142f3918050a1b0bdc15fc7e7b46c1a2ae1f...

AI score 6.8
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/13 12:0 a.m. | 2 views

PT-2026-2413

Name of the Vulnerable Software and Affected Versions: Ametys CMS version 4.4.1. Description: Ametys CMS version 4.4.1 has a persistent cross-site scripting issue in the link directory’s input fields for external links. An attacker can inject malicious script code into the link text and descriptions...

CVSS 6.1 | AI score 6.7 | EPSS 0.00056
Exploits: 1 | References: 8

Packet Storm News
added 2026/01/13 12:0 a.m. | 3 views

KryptoPilot: An Open-World Knowledge-Augmented LLM Agent for Automated Cryptographic Exploitation

Capture-the-Flag (CTF) competitions play a central role in modern cybersecurity as a platform for training practitioners and evaluating offensive and defensive techniques derived from real-world vulnerabilities. Despite recent advances in large language models (LLMs), existing LLM-based agents remain...

AI score 7
Exploits: 0

OSSF Malicious Packages
added 2026/01/12 3:12 a.m. | 6 views

Malicious code in simple-string-utils3 (npm)

Source: amazon-inspector 13d9f9db863d718f528caa234dfa722b2631eb76195f504f47670898aeb0634a The package simple-string-utils3 was found to contain malicious code. Source: ghsa-malware...

AI score 6.9
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/01/12 1:59 a.m. | 4 views

Malicious code in llamaindex-js (npm)

Source: amazon-inspector 1049a24d3b448f16e3c35acfe33ee0f28346e3a3e4908d0a033e58b0758bf4ef The package llamaindex-js was found to contain malicious code. Source: ghsa-malware 7f3515bafa1614c3bea7c792295bd9574fdf82e263b87963b347e4f082d0dc3f...

AI score 6.9
Exploits: 0 | References: 1

OSV
added 2026/01/12 1:26 a.m. | 1 view

MAL-2026-210 Malicious code in @workleap-ai/shared (npm)

Source: amazon-inspector 2800f2cfba8ac6e7a16ef977484e4da4d360c859848daedb5220c7d3595653e1 The package @workleap-ai/shared was found to contain malicious code. Source: ghsa-malware...

AI score 6.8
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 12:38 p.m. | 1 view

CVE-2023-50810

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allows persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used...

CVSS 6 | AI score 7.9 | EPSS 0.00023
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 12:10 p.m. | 12 views

CVE-2018-18631

mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS...

CVSS 6.1 | AI score 7 | EPSS 0.00478
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:56 a.m. | 9 views

CVE-2018-4339

This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier...

CVSS 5.5 | AI score 5.5 | EPSS 0.00053
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 10:54 a.m. | 8 views

CVE-2022-23051

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svgfile' parameter...

CVSS 5.4 | AI score 6.8 | EPSS 0.00221
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 10:53 a.m. | 5 views

CVE-2022-23045

PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS...

CVSS 4.8 | AI score 6.6 | EPSS 0.00328
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 10:39 a.m. | 5 views

CVE-2022-35251

A cross-site scripting vulnerability exists in Rocket.chat...

CVSS 5.4 | AI score 5.2 | EPSS 0.00273
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 10:34 a.m. | 3 views

CVE-2017-18563

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...

CVSS 6.1 | AI score 6 | EPSS 0.0021
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 10:17 a.m. | 5 views

CVE-2019-18834

Persistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCSAdminPostTypes in class-wcs-admin-post-types.php...

CVSS 6.1 | AI score 6.8 | EPSS 0.00461
Exploits: 1 | References: 1