58378 matches found
CVE-2025-54322
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used...
EUVD-2025-205471
Malicious code in extrazip PyPI...
MAL-2025-192948 Malicious code in extrazip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
EUVD-2025-205472
Malicious code in crypo PyPI...
Malicious code in crypo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3a0850548e71807fb514fcd1943f55f7c3bd6408086ff7a495d7df628a083db9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2025-205473
Malicious code in crpto PyPI...
MAL-2025-192946 Malicious code in crpto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8d63e95f77927edecca2696ce60ea5c069170b051adc651f425a42b2f27f384c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2025-205470
Malicious code in flaask PyPI...
Exploit for CVE-2025-68664
--- 📑 Table of Contents - 🎯 Executive Summary-executive...
Xspeeder SXZOS 安全漏洞
Xspeeder SXZOS is an embedded network device firmware from China-based Xspeeder. A security vulnerability exists in Xspeeder SXZOS versions 2025-12-26 and earlier, which stems from the presence of base64-encoded Python code in the chkid parameter in vLogin.py, which could lead to remote code...
PT-2025-53622
Name of the Vulnerable Software and Affected Versions XSpeeder SXZOS through 2025-12-26 Description XSpeeder SXZOS through 2025-12-26 contains a critical flaw allowing unauthenticated attackers to achieve root remote code execution. The issue stems from the unsafe evaluation of base64-decoded inp...
CVE-2025-54322
XSpeeder SXZOS firmware (CVE-2025-54322) is affected. The vulnerability resides in the Django-based web interface where unsafe use of Python eval() on base64-decoded input from the chkid parameter (along with title and oIP) enables unauthenticated remote code execution with root privileges. Affec...
CVE-2025-54322
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used...
CVE-2025-54322
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used...
CVE-2025-68668
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...
CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...
CVE-2025-68668
CVE-2025-68668 affects n8n 1.x (1.0.0 up to
CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...
EUVD-2025-205457
Malicious code in telebot-bot PyPI...
EUVD-2025-205458
Malicious code in telegrem PyPI...