Malicious code in lynx-keeper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc28f02ae68bf5a1a57af8662180d7a8a040e6f32ad87abde9acdae508070189 On require, dist/index.js executes a hex-obfuscated harvester that reads /.aws/credentials, /.aws/config, /.ssh/idrsa, /.ssh/ided25519, /.ssh/config,...

Security update for cockpit

This update for cockpit fixes the following issues CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. CVE-2026-4802: remote command execution via unsanitized...

SUSE-SU-2026:2019-1 Security update for cockpit

This update for cockpit fixes the following issues - CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. - CVE-2026-4802: remote command execution via unsanitized...

Astra Linux - уязвимость в libssh

A flaw was discovered in the libssh API function sshscpnew, in versions prior to 0.9.3 and prior to 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a path provided by the user, is executed on the server side. If the library is used in a way that allows user...

MAL-2026-4654 Malicious code in qazaq-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31fa15731b4c683297d550bb3157dff08f2bfa3db01c14952cd35c7c61407d0a The package's default AI provider hardcodes the destination opengateway.gitlawb.com/v1/chat/completions with header api-key: 'not-needed'...

Amazon Linux 2023 : rclone (ALAS2023-2026-1658)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1658 advisory. Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can muta...

GHSA-2Q4C-3MRW-63C3 Kopia: RCE via SSH ProxyCommand Injection

Summary Kopia's HTTP server, when started with --without-password , accepts unauthenticated requests to /api/v1/repo/exists. The handler forwards an attacker-supplied storage configuration to blob.NewStorage. For SFTP backends with externalSSH: true, that path constructs a process command line by...

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

CVE-2026-36827

A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection...

EUVD-2026-30939

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

EUVD-2026-30853

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

Security update for cockpit

This update for cockpit fixes the following issues CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. CVE-2026-4802: remote command execution via unsanitized...

SUSE-SU-2026:2005-1 Security update for cockpit

This update for cockpit fixes the following issues - CVE-2026-0775: npm: loading of modules from an unsecured location can be used for local privilege escalation and arbitrary code execution in the context of a target user bsc1256521. - CVE-2026-4802: remote command execution via unsanitized...

zenshin 安全漏洞

Zenshin is an animation list management and media streaming tool developed by Hitarth. Versions of Zenshin prior to 2.7.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection in the /stream-to-vlc Express route, which could allow remote attackers to execute...

PT-2026-41946

Name of the Vulnerable Software and Affected Versions hitarth-gg Zenshin versions prior to 2.7.0 Description An OS command injection flaw exists in the '/stream-to-vlc' Express route. This allows remote attackers to execute arbitrary commands on the host operating system by manipulating the url...

CVE-2026-37281

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...

MAL-2026-3829 Malicious code in pyenvprep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

Exploit for Server-Side Request Forgery in Apache Axis

Axis1.4 CVE-2019-0227 Remote Command Execution Vulnerability E...

CVE-2026-8634

Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens, cloud credentials, and broker tokens into the remote command environment. Attackers can exploit...