CVE-2026-26003

CVE-2026-26003 affects FastGPT versions 4.14.0–4.14.5, where an unauthenticated attacker can access the plugin system via FastGPT/api/plugin/xxx, potentially crashing the plugin system and causing loss of plugin installation status. The impact on confidentiality/integrity is limited, with availab...

New Advanced Linux VoidLink Malware Targets Cloud and container Environments

Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that's specifically designed for long-term, stealthy access to Linux-based cloud environments According to a new report from Check Point Research, the cloud-native...

EUVD-2019-7057

Malware in sbrugna...

mitmf

This is a Python-based framework for Man-In-The-Middle MITM attacks, called MITMf. It is designed to provide a one-stop-shop for various network attacks and techniques. The framework contains a built-in SMB, HTTP, and DNS server that can be controlled and used by various plugins. It also includes...

MAL-2025-45995 Malicious code in semantic-release-metalsmith-mini-css-extract-plugin-framework (npm)

The package semantic-release-metalsmith-mini-css-extract-plugin-framework was found to contain malicious code...

Malicious code in semantic-release-metalsmith-mini-css-extract-plugin-framework (npm)

The package semantic-release-metalsmith-mini-css-extract-plugin-framework was found to contain malicious code...

[SECURITY] Fedora 42 Update: mingw-gstreamer1-plugins-base-1.26.3-1.fc42

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

CVE-2019-16251

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes...

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Plugin Framework for Java (PF4J)

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Plugin Framework for Java PF4J. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-40828 DESCRIPTION: Plugin Framework for Java PF4J coul...

Fedora: Security Advisory for laf-plugin (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: laf-plugin-1.0-35.fc40

The goal of this project is to provide a generic plugin framework for look-and-feels and define the interface of a common kind of plugins - the component plugins...

care.better.pf4j:pf4j-kotlin-symbol-processing (>=1.0.0-RC1 <=2.3.21-1.0.4), cn.sliew:carp-dist (>=0.0.1 <=0.0.34) +832 more potentially affected by CVE-2023-40828 via org.pf4j:pf4j (>=2.0.0 <=3.9.0)

org.pf4j:pf4j MAVEN version =2.0.0, =1.0.0-RC1, =0.0.1, =0.0.42, =0.0.63, =0.0.64, =0.0.66, =0.0.63, =0.0.49, =0.0.61, =0.0.61, =0.0.13, =0.0.1, =0.0.33, =0.0.33, =0.0.33, =0.0.34 and more Source cves: CVE-2023-40828 Source advisory: OSV:GHSA-CJ8W-V588-P8WX...

UBUNTU-CVE-2023-40827

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...

Plugin Framework for Java 路径遍历漏洞

Plugin Framework for Java PF4J is a Java plugin framework open source by PF4J. A security vulnerability exists in Plugin Framework for Java v.3.9.0 and earlier versions, which originated from a vulnerability that could allow a remote attacker to obtain sensitive information and execute arbitrary...

Plugin Framework for Java 路径遍历漏洞

Plugin Framework for Java PF4J is a Java plugin framework open source by PF4J. A security vulnerability exists in Plugin Framework for Java v.3.9.0 and earlier versions, which originated from a vulnerability that allows remote attackers to obtain sensitive information and execute arbitrary code v...

Plugin Framework for Java 路径遍历漏洞

Plugin Framework for Java PF4J is a Java plugin framework open source by PF4J. A security vulnerability exists in Plugin Framework for Java v.3.9.0 and earlier versions, which originated from a vulnerability that allows remote attackers to obtain sensitive information and execute arbitrary code v...

Community Plugin Framework 跨站脚本漏洞

Community Plugin Framework is a plugin framework. A security vulnerability exists in Community Plugin Framework, which stems from an unknown function in the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java, where manipulation of the parameter baseUrl can lead to...

CaptfEncoder - An Extensible Cross Platform Network Security Tool Suite

Captfencoder is an extensible cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, special coding, miscellaneous tools, and aggregating all kinds of online tools. CaptfEncoder all functions...

WordPress YIT Plugin Framework Unauthorized Modification Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.YIT Plugin Framework is one of the YIT plugin frameworks used in it. A security vulnerability exists in the...

CVE-2019-16251

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes...