128 matches found
org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames
A flaw was found in Apache Log4j Core. This vulnerability allows for log injection through the use of Carriage Return Line Feed (CRLF) sequences. This occurs because security-related configuration attributes were silently renamed, impacting users who directly configure Rfc5424Layout with stream-bas...
CVE-2026-34429
Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to execute arbitrary JavaScript by bypassing MIME type validation and renaming uploaded files to executable extensions. Attackers can prepend a GIF8...
Apache Log4j 2.21.0 < 2.25.4 Rfc5424Layout Log Injection (CVE-2026-34478)
The version of Apache Log4j on the remote host is 2.21.0 through 2.25.3. It is, therefore, affected by a vulnerability: - The Rfc5424Layout is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. The newLineEscape attribute was...
SUSE CVE-2026-34478
Apache Log4j Core's Rfc5424Layout (https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout), in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect user...
CVE-2026-34478
Apache Log4j Core's Rfc5424Layout (https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout), in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect user...
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and enabling...
WhatsApp malware campaign delivers VBScript and MSI backdoors
Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Once execute...
CLSA-2026-1773784132 Update of alt-php
Port to Debian 10 buster with renamed libraries to avoid conflicts with system PostgreSQL packages. Rename library packages to allow coexistence with other PostgreSQL versions: - libpq5 - libpq5-9.6 library: libpq-9.6.so.5 - libpq-dev - libpq-dev-9.6 - libecpg6 - libecpg6-9.6 library:...
Malicious code in teate-thy-sonic-nozume (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fcf19f5d103bb31c9e09b97a6b3b3ff1111d13bdd403e453d684efbe89851d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mufabafgi-sufafni-cabai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7979dbfbe4b709c164005b0ae0639273110cb29809a4ddc02df530ec835fefb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kaka-poke15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d197d46f12af0ef7ea500418b958da3021e4ebb13e7ba48a7806e463457e44f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-158808 Malicious code in lookingan-namala91 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb79124788f62ea78df365c48ea7b9af5b93b4d0fc7e8b5cef724f7576f7bf0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in avminh-afaais-ifaffofda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0023551169380428bbd5feb40c3479aa902c210efa3c41181fb6c896b322f0f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-160196 Malicious code in masioaluan-ofai-doikubato (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 419ef5432e6c5d27b50c6fbf40d4dda2a6de429455de664453fc07626580c71e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sunden-diak-n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40132fe292c6ced8f8b02b1b856651fa8049ff8563cf392d64a3fd1479f70252 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141791 Malicious code in draco-cosmos-restart-thuban (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd876bcb4ef1111bfcc1273681247b5e97e52ba912fa39284cfd0f37f70ddf3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in riana-toge43-sumpek (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3a561e0bdd68ed1055a31837cba4e2c73cd22b39e4e61033ba9290a8fc1a2ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-100817 Malicious code in concrete_wildcat-toolteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a29502ebc8ce830bf0a23303a1d5689c4e0cf99b0ed323c3162c82087ed30e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...