Lucene search
K

2974 matches found

Microsoft KB
Microsoft KB
added 3 hours ago35 views

June 9, 2026—KB5094041 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.21506EPSS
Exploits2
Microsoft KB
Microsoft KB
added 3 hours ago15 views

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5087062)

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
Microsoft KB
Microsoft KB
added 3 hours ago81 views

June 9, 2026—KB5094042 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.21506EPSS
Exploits2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:2 p.m.7 views

Malicious code in rollup-plugin-polyfill-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fcd05581537eece4993579cb664215a82b87dad2bdb03cae7ba998ba092a79d Package name mimics the rollup-plugin- ecosystem but exposes no Rollup plugin API. Its exported functions getPlugin, setPlugin, and getPluginExten ea...

6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 3:13 p.m.8 views

Malicious code in postcss-property-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acb8d62cdeb6a2c19937f3d02aa6214a23114e4dbc38373e6107c8345c3f1f9f [email protected] was scanned with no a static rule matches and no behavioral findings. No exfiltration, install-time fetch-and-execute,...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/30 3:13 p.m.9 views

MAL-2026-6684 Malicious code in postcss-property-rollup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acb8d62cdeb6a2c19937f3d02aa6214a23114e4dbc38373e6107c8345c3f1f9f [email protected] was scanned with no a static rule matches and no behavioral findings. No exfiltration, install-time fetch-and-execute,...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 3:58 a.m.11 views

Malicious code in rollup-runtime-polyfill-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...

6.3AI score
Exploits0References4
OSV
OSV
added 2026/06/24 3:58 a.m.20 views

MAL-2026-6372 Malicious code in rollup-runtime-polyfill-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...

6.3AI score
Exploits0References4
OSV
OSV
added 2026/06/04 9:0 p.m.3 views

ROOT-APP-NPM-CVE-2026-27606 CVE-2026-27606 in @rootio/rollup - Patched by Root

Root has patched CVE-2026-27606 in the @rootio/rollup package for Root:npm. Multiple fixed versions available...

9.8CVSS5.9AI score0.01402EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2026/06/03 6:6 p.m.7 views

Security update for golang-github-prometheus-prometheus

This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: Security issues fixed: CVE-2026-42151: AzureAD remote write: Fixed OAuth clientsecret being exposed in plaintext via /-/config endpoint bsc1263986 CVE-2026-42154: Remote-read: Reject snappy-compressed...

8.8CVSS6.9AI score0.01557EPSS
Exploits2References24
EUVD
EUVD
added 2026/05/21 5:10 p.m.14 views

EUVD-2026-31322

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References4
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.31 views

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5088860)

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5088860...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.30 views

May 12, 2026—KB5087471 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.72253EPSS
Exploits32
RedHat Linux
RedHat Linux
added 2026/05/04 2:31 p.m.6 views

rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability

A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...

9.8CVSS7.7AI score0.01402EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2026/05/04 2:10 p.m.22 views

rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability

A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...

9.8CVSS7.7AI score0.01402EPSS
Exploits1References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/23 3:54 a.m.17 views

Malicious code in rollup-plugin-polyfill-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae32c5ba788989f856ede10fa991e6dafa8d9263b0f5fc7384c69fba97e41d4a The package rollup-plugin-polyfill-route was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Snyk
Snyk
added 2026/04/23 3:54 a.m.4 views

Malicious Package

Overview rollup-plugin-polyfill-route is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/04/23 3:54 a.m.12 views

MAL-2026-3009 Malicious code in rollup-plugin-polyfill-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae32c5ba788989f856ede10fa991e6dafa8d9263b0f5fc7384c69fba97e41d4a The package rollup-plugin-polyfill-route was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013814 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References4
Rows per page
Query Builder