Lucene search
K

5 matches found

Snyk
Snyk
added 2026/06/06 9:0 p.m.13 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/06/02 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/02/26 2:58 p.m.8 views

CVE-2026-26077 Discourse doesn't ensure webhooks require a token

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints SendGrid, Mailjet, Mandrill, Postmark, SparkPost in the WebhooksController accepted requests without a valid authentication token when no token was configured. This...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/26 2:58 p.m.7 views

EUVD-2026-8854

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints SendGrid, Mailjet, Mandrill, Postmark, SparkPost in the WebhooksController accepted requests without a valid authentication token when no token was configured. This...

6.5CVSS5.3AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.6 views

Cloud Foundry UAA代码问题漏洞

Cloud Foundry UAA is a U.S. Cloud Foundry Foundation authentication and managed service endpoint for the CloudFoundry cloud platform. A security vulnerability exists in all supported versions of UAA, which stems from the fact that the system does not revoke IDP tokens even if they are deactivated...

4.3CVSS5.1AI score0.00404EPSS
Exploits0References2
Rows per page
Query Builder