aiq-platform-api (>=1.0.17 <=1.0.50), ajpack (>=1.0.13 <=1.29.0) +80 more potentially affected by CVE-2026-44722 via pyzipper (>=0.3.5 <=0.3.6)

pyzipper PYPI version =0.3.5, =1.0.17, =1.0.13, =0.2.0, =0.2.6, =1.0.2, =0.1.5, =0.7.0, =0.2.5, =2.3.1, =2.83.0, =1.0.0, =1.0.0, =2.2.0 and more Source cves: CVE-2026-44722 Source advisory: OSV:GHSA-CRQM-M339-7M2P...

CVE-2026-7112

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function checkauth of the file gateway/platforms/apiserver.py of the component APISERVERKEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. Th...

PT-2025-52673

Name of the Vulnerable Software and Affected Versions GT Edge AI Platform versions prior to 2.0.10-dev Description An access control issue exists in the /api/v1/conversations//messages API of GT Edge AI Platform. This allows unauthorized access to message history with AI agents belonging to other...

Malicious code in platform-api-test-framework (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11420 Malicious code in platform-api-test-framework (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in melio-platform-api-client (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb4e0efafa3bf0645819f2aa88cfdc7778f938470c0984afc5e1f1504df982aa The OpenSSF Package Analysis project identified 'melio-platform-api-client' @ 5.0.0 rubygems as malicious. It is considered malicious because: -...

Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege

Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID formerly Azure Active Directory application by taking advantage of an abandoned reply URL. "An attacker could leverage this abandoned URL to redirect authorization codes to themselves,...

Logitech: Sensitive information disclosure to shared access user via streamlabs platform api

Summary: Hi there, Hope you are doing well and stay safe. Streamlab allows us to invite other users to manage our dashboard and cloudbot functions via following setting which named "Shared Access". https://streamlabs.com/dashboard/settings/shared-access If we invite other users with Moderator rol...

[SECURITY] Fedora 15 Update: apache-commons-daemon-1.0.7-1.fc15

The scope of this package is to define an API in line with the current Java Platform APIs to support an alternative invocation mechanism which could be used instead of the public static void mainString method. This specification covers the behavior and life cycle of what we define as Java daemons...

[SECURITY] Fedora 16 Update: apache-commons-daemon-1.0.7-1.fc16

The scope of this package is to define an API in line with the current Java Platform APIs to support an alternative invocation mechanism which could be used instead of the public static void mainString method. This specification covers the behavior and life cycle of what we define as Java daemons...