Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.9 views

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

6.5CVSS5.5AI score0.00281EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24754

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

6.5CVSS5.8AI score0.00281EPSS
Exploits0References5
NVD
NVD
added 2026/04/22 2:16 p.m.4 views

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

6.5CVSS0.00281EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 12:0 a.m.29 views

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

0.00281EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/22 12:0 a.m.3 views

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

5.8AI score0.00281EPSS
Exploits0References4
CVE
CVE
added 2026/04/22 12:0 a.m.8 views

CVE-2026-31192

The vulnerability CVE-2026-31192 affects Raindrop.io Bookmark Manager Web App version 5.6.76.0. The root cause is insufficient validation of Chrome extension identifiers, leading to potential exposure of sensitive user data via a crafted request. Documents confirm the affected component and the u...

6.5CVSS5.8AI score0.00281EPSS
Exploits0References4Affected Software1
Openbugbounty
Openbugbounty
added 2022/03/20 5:53 a.m.13 views

raindroptraining.com Cross Site Scripting vulnerability OBB-2437365

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
The Hacker News
The Hacker News
added 2021/05/28 11:24 a.m.79 views

SolarWinds Hackers Target Think Tanks With New 'NativeZone' Backdoor

Microsoft on Thursday disclosed that the threat actor behind the SolarWinds supply chain hack returned to the threat landscape to target government agencies, think tanks, consultants, and non-governmental organizations located across 24 countries, including the U.S. Some of the entities that were...

6.1CVSS0.2AI score0.07082EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/03/05 9:20 a.m.61 views

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/05 9:20 a.m.6 views

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat...

6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/02/16 5:0 a.m.14 views

SolarWinds Hack and the Case of DNS Security

It's not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it's the reason I didn't have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after...

3.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/03 12:10 p.m.37 views

More SolarWinds News

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot, was deployed in September 2019, at the time hackers breached SolarWinds...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/21 11:59 a.m.47 views

Here's How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures TTPs adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/21 11:59 a.m.5 views

Here's How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures TTPs adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated...

6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/01/20 5:30 p.m.206 views

Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

More than a month into the discovery of Solorigate, investigations continue to unearth new details that prove it is one of the most sophisticated and protracted intrusion attacks of the decade. Our continued analysis of threat data shows that the attackers behind Solorigate are skilled campaign...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/01/20 5:30 p.m.309 views

Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

More than a month into the discovery of Solorigate, investigations continue to unearth new details that prove it is one of the most sophisticated and protracted intrusion attacks of the decade. Our continued analysis of threat data shows that the attackers behind Solorigate are skilled campaign...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/01/19 4:40 p.m.50 views

SolarWinds Malware Arsenal Widens with Raindrop

An additional piece of malware, dubbed Raindrop, has been unmasked in the sprawling SolarWinds supply-chain attacks. It was used in targeted attacks after the effort’s initial mass Sunburst compromise, researchers said. The SolarWinds espionage attack, which has affected several U.S. government...

0.1AI score
Exploits0References19
The Hacker News
The Hacker News
added 2021/01/19 3:4 p.m.37 views

Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack

Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/19 3:4 p.m.4 views

Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack

Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins...

5.9AI score
Exploits0
Rows per page
Query Builder