81833 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: Fixed a potential use of the object “link” after it is freed in the function iwlmldremovelink. This code releases the “link” by calling kfreerculink, rcuhead, and then dereferes “link” to obtain “link-fwid”. The...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime The function sndsocremovepcmruntime might be called with rtd == NULL, which will lead to a null pointer derefrence. This issue was reproduced when topology loading was...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A issue was discovered in the Linux kernel through version 6.3.8. A use-after-free was found in ravbremove in drivers/net/ethernet/renesas/ravbmain.c...
CVE-2026-8424
The Remove Yellow BGBOX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'rybbapisettings' page. This makes it possible for unauthenticated attackers to reset the plugin's stored...
MAL-2026-4242 Malicious code in foundy-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d117fe522ec0aee9271963b02fb9a61b7e5005b5494331368b58f46c05c944cd On npm install, the package's postinstall script runs an inline node -e that shells out to curl -fsSL against an ephemeral Pinggy free-tier tunnel ho...
Malicious code in foundy-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d117fe522ec0aee9271963b02fb9a61b7e5005b5494331368b58f46c05c944cd On npm install, the package's postinstall script runs an inline node -e that shells out to curl -fsSL against an ephemeral Pinggy free-tier tunnel ho...
CVE-2026-8424
The Remove Yellow BGBOX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'rybbapisettings' page. This makes it possible for unauthenticated attackers to reset the plugin's stored...
Malicious code in etherjs-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 335b4f699510e2bb1171a9137655f6977d5554f508e612eab97b4239c1249be1 package.json declares a postinstall script that performs an HTTPS GET to an ephemeral pinggy-free.link tunnel URL...
MAL-2026-4244 Malicious code in hardhat-gas-profiler-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...
Malicious code in chainlink-price-feed-aggregator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 557bc05b86e81155a6305c13693641f32ca21520bac827af82b2a785f4f669d4 Package name impersonates Chainlink branding while being published by an unrelated identity author 'Web3 Developer Tools ', repo github.com/web3/...
Malicious code in ganache-cli-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 144bbaf975156b3114f5526a7e9a8ffbe8eb411a541c7e457b7bf444200a02c5 Package name impersonates the widely-used ganache-cli Ethereum development tool but ships only a 138-byte index.js stub that wraps...
Malicious code in solna-web3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6076f4236301f997d420c7daba9b12c035fe2866fa9fa42f59be230b5e90350a Package name 'solna-web3' is a one-character typosquat of the popular '@solana/web3.js' drops the 'a' from 'solana'. The package's only real...
MAL-2026-4247 Malicious code in solana-pda-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 932b19a77a3ac634909a0f284df48d9b2a8b28f9c5370bd50306d7ba5a1335e9 On npm install, package.json's postinstall hook runs node -e to issue an https.get against...
Malicious code in foundry-deploy-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14ad9106b013b6e68056e1afe40a833d89b1c2037aab7b67d4b24bba1dbf4c77 package.json declares a postinstall hook that runs node -e with an inline childprocess.execSync invoking curl -fsSL...
Malicious code in ethers-multicall-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe5e969b4ca41dbbd6ef1c04c12d48906ea4477b39493e766045effd4939d748 On npm install, the package's postinstall script spawns node -e to run an inline childprocess.execSync that curls a binary from...
MAL-2026-4240 Malicious code in ethers-multicall-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe5e969b4ca41dbbd6ef1c04c12d48906ea4477b39493e766045effd4939d748 On npm install, the package's postinstall script spawns node -e to run an inline childprocess.execSync that curls a binary from...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021632 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using exit for the remove...
WordPress plugin Remove Yellow BGBOX 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
MAL-2026-4362 Malicious code in @arbocollab/arbo-web-people (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f007c3da95aa64e4c2ed5b51b736900ddc444499f2f678d749603fab516a0c3 The published tarball ships npmjs.npmrc containing a live npm-prefixed authToken for registry.npmjs.org scoped to @arbocollab. package.json declares...
MAL-2026-4173 Malicious code in is-really-odd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f205432fff885dce7a6dee0e8d1267c65944d3e486abd566683caeaad833692 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...