50 matches found
CVE-2026-44467
The CVE describes a vulnerability in the SSH remote development feature of Claude Desktop: in versions from 1.2581.0 up to, but not including, 1.4304.0, host key verification was bypassed. The system only checked that a hostname existed in ~/.ssh/known_hosts, not that the presented host key matched the stored k...
CVE-2026-0610
SQL Injection vulnerability in remote-sessions in Devolutions Server. This issue affects Devolutions Server 2025.3.1 through 2025.3.12...
EUVD-2026-3221
SQL Injection vulnerability in remote-sessions in Devolutions Server. This issue affects Devolutions Server 2025.3.1 through 2025.3.12...
CVE-2026-0610
CVE-2026-0610 is a SQL Injection vulnerability in the remote-sessions component of Devolutions Server. Affected versions are 2025.3.1 through 2025.3.12. The issue is caused by unsafely constructed SQL queries in the remote-sessions functionality, enabling an attacker to potentially read or modify...
Devolutions Server security vulnerabilities
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.12 contained a security vulnerability due to SQL injection vulnerabilities...
PT-2026-3441
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.3.1 through 2025.3.12. Description: A SQL Injection issue exists in the remote-sessions component of Devolutions Server. This allows for potential unauthorized access or modification of data. The issue is located...
EUVD-2017-2260
Malware in sbrugna...
EUVD-2024-22968
Malicious code in bioql PyPI...
EUVD-2025-1721
Malicious code in bioql PyPI...
EUVD-2025-1720
Malicious code in bioql PyPI...
Arbitrary File Upload
Mattermost is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of upload types because remote cluster upload sessions allow system admins to upload non-attachment file types, potentially enabling placement of files in arbitrary filesystem directories...
CVE-2025-49222
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2, 10.10.x <= 10.10.0 fail to validate upload types in remote cluster upload sessions which allows a system admin to upload non-attachment file types via shared channels that could potentially be placed in...
CVE-2024-25652
In Delinea PAM Secret Server 11.4, it is possible for a user assigned "Administer Reports" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE with access to the Report functionality to gain unauthorized access to remote sessions created by legitimate users through...
CVE-2025-0501
An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...
CVE-2025-0501 Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)
An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...