132 matches found
EUVD-2020-19485
Malware in sbrugna...
EUVD-2021-16073
Malware in sbrugna...
EUVD-2021-0816
Malware in sbrugna...
EUVD-2019-6313
Malware in sbrugna...
EUVD-2016-0007
Malware in sbrugna...
EUVD-2021-10017
Malware in sbrugna...
EUVD-2007-5254
Malware in sbrugna...
EUVD-2007-5253
Malware in sbrugna...
EUVD-2023-1043
Malicious code in bioql PyPI...
EUVD-2022-7411
Malicious code in bioql PyPI...
EUVD-2025-31619
Malicious code in bioql PyPI...
EUVD-2023-56908
Malicious code in bioql PyPI...
EUVD-2025-14755
Malicious code in bioql PyPI...
CVE-2025-59956 AgentAPI exposed user chat history via a DNS rebinding attack
AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Versions 0.3.3 and below are susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API. This allows for th...
DNS Rebinding
Overview Affected versions of this package are vulnerable to DNS Rebinding when hosted over plain HTTP on localhost. An attacker can access sensitive user data and chat history via the /messages endpoint that may include secret keys, file system contents, and intellectual property by enticing the...
PT-2025-24560 · Caido · Caido
Name of the Vulnerable Software and Affected Versions: Caido versions prior to 0.48.0 Description: Caido is a web security auditing toolkit that lacks protection for DNS rebinding, allowing it to be loaded on an attacker-controlled domain. This enables a malicious website to hijack the...
CVE-2023-26492
Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery SSRF when importing a file from a remote web server POST to /files/import. An attacker can bypass the security controls by performing a DNS rebinding attack and...
CVE-2022-23032
In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support EoTS are not...
CVE-2020-11003
Oasis before version 2.15.0 has a potential DNS rebinding or CSRF vulnerability. If you're running a vulnerable application on your computer and an attacker can trick you into visiting a malicious website, they could use DNS rebinding and CSRF attacks to read/write to vulnerable applications. Thi...
CVE-2018-1002103
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernetes Deployment...