PT-2026-46123

Name of the Vulnerable Software and Affected Versions docling-core versions 1.5.0 through 2.74.0 Description The software does not sufficiently restrict remote request destinations and can resolve a server-provided Content-Disposition to a local path in an unsafe manner. In applications that acce...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation through a crafted Chrome Extension. Chromium security severity: High...

PYSEC-2026-1 A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

UBUNTU-CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

EUVD-2025-36997

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

CVE-2025-39663 Cross Site Scripting through compromised remote site

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

CVE-2025-39663

CVE-2025-39663: XSS in Checkmk’s distributed monitoring allows a compromised remote site to inject malicious HTML into service outputs at the central site. Affected versions: Checkmk older than 2.4.0p14, 2.3.0p39, 2.2.0, and 2.1.0 (eol). Root cause: cross-site scripting via trusted/compromised re...

CVE-2025-39663 Cross Site Scripting through compromised remote site

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.4.0p14, 2.3.0p39, 2.2.0, and 2.1.0 that originates from a remote site that can be injected with malicious HTML code, which could lead to cross-site scripting attacks...

PT-2025-44396

Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.4.0p14 Checkmk versions prior to 2.3.0p39 Checkmk versions 2.2.0 Checkmk version 2.1.0 Description A Cross-Site Scripting XSS issue exists in Checkmk's distributed monitoring functionality. A compromised remote site...

EUVD-2014-6185

Malware in sbrugna...

EUVD-2005-0187

Malware in sbrugna...

EUVD-2024-42778

Malicious code in bioql PyPI...

EUVD-2023-56118

Malicious code in bioql PyPI...

EUVD-2025-12296

Malicious code in bioql PyPI...

CVE-2023-51397

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force WP Remote Site Search allows Stored XSS.This issue affects WP Remote Site Search: from n/a through 1.0.4...

CVE-2023-33254

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an...