MAL-2026-3573 Malicious code in @uipath/rpa-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27baf6f8e722fd9803bff5f0d455ae5867fcf87135864df02a6f269cccf659fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @uipath/rpa-legacy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d4b6219eecb1a7c42be7dd373aba1a49cc25afcadaabb38d6ebf90522094568 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3572 Malicious code in @uipath/rpa-legacy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d4b6219eecb1a7c42be7dd373aba1a49cc25afcadaabb38d6ebf90522094568 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MiracleLinux 8 : dovecot-2.3.8-2.el8.2 (AXSA:2020-546:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-546:03 advisory. dovecot: Resource exhaustion via deeply nested MIME parts CVE-2020-12100 dovecot: Out of bound reads in dovecot NTLM implementation CVE-2020-12673...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001342 advisory. In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device...

CVE-2023-31902

RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution RCE...

EUVD-2020-4970

Malware in sbrugna...

EUVD-2024-42854

Malicious code in bioql PyPI...

EUVD-2022-34174

Malicious code in bioql PyPI...

EUVD-2023-36191

Malicious code in bioql PyPI...

CLSA-2025-1758896552 dovecot: Fix of CVE-2020-12674

CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...

CLSA-2025-1758820840 dovecot: Fix of CVE-2020-12674

CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...

PT-2025-30104 · Ооо 'Шерпа Роботикс' · Sherpa Rpa

Уязвимость компонента Sherpa Orchestrator платформы для автоматизации процессов Sherpa RPA связана с непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить межсайтовый скриптинг XSS путём отправки специально...

CVE-2022-29856

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages...

Security Bulletin: IBM Robotic Process Automation is vulnerable to disclosure of chatbot credentials (CVE-2022-33954))

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to disclosure of chatbot credentials CVE-2022-33954 Vulnerability Details CVEID:CVE-2022-33954 DESCRIPTION: IBM Robotic Process Automation could allow a user with psychical access to the system to obtain sensitive information...

Security Bulletin: IBM Robotic Process Automation is vulnerable to insufficiently protected credential for users created via bulk upload (CVE-2022-33169)

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to insufficiently protected credential for users created via bulk upload CVE-2022-33169 Vulnerability Details CVEID:CVE-2022-33169 DESCRIPTION: IBM Robotic Process Automation is vulnerable to insufficiently protected...

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Summary LibTIFF is used by IBM Robotic Process Automation for Cloud Pak as part of the .NET Core and Watson NLP CVE-2022-48281, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, . ncurses is used by IBM Robotic Process Automation for Cloud Pak as part of base container...

Security Bulletin: IBM Robotic Process Automation for Cloud Pak is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak (CVE-2022-43844)

Summary IBM Robotic Process Automation for Cloud Pak is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerabili...

Security Bulletin: A vulnerability in IBM Robotic Process Automation may result in exposure of the name and email for the creator/modifier of platform level objects (CVE-2022-43573)

Summary There is a vulnerability in IBM Robotic Process Automation. Accessing specific platform level objects created in RPA may expose the creator or modifiers email address. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerability Details...

Security Bulletin: IBM Robotic Process Automation is vulnerable to exposure of tenant credentials (CVE-2022-22505)

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to exposure of tenant credentials CVE-2022-22505 Vulnerability Details CVEID:CVE-2022-22505 DESCRIPTION: IBM Robotic Process Automation contains a vulnerability that could allow IBM tenant credentials to be exposed. CVSS Base...