CVE-2026-9860

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

EUVD-2026-37840

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cfimagesdosetup AJAX handler, which require...

CVE-2026-9860

The CVE-2026-9860 entry concerns the WordPress plugin “Offload, AI & Optimize with Cloudflare Images” (versions

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

In this article 1. Attack chain overview 1. Discovery and initial indicators 2. Dependency injection: the poisoned package.json 3. Typosquat analysis: easy-day-js 4. Staged delivery pattern 5. Obfuscation and payload analysis 6. TLS bypass to self-deletion 7. Timeline analysis 2. Who is Sapphire...

binary-exploitation-writeup

Binary Exploitation — Buffer Overflow & Format String Attack...

Malicious code in string-tools-be6c (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c725b56cc7e80c178e8d0fca3eceb069e811b979427b6ec99deab6b6f6cab8f7 Package ships a postinstall lifecycle hook node run.js that runs automatically on npm install. The executed script imports os, https, http, and...

Malicious Package

Overview string-tools-be6c is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-6100 Malicious code in string-tools-be6c (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c725b56cc7e80c178e8d0fca3eceb069e811b979427b6ec99deab6b6f6cab8f7 Package ships a postinstall lifecycle hook node run.js that runs automatically on npm install. The executed script imports os, https, http, and...

marimo contains a reflected cross-site scripting vulnerability in the notebook page

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal...

EUVD-2026-37809

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal...

GHSA-8M59-7XV8-735H marimo contains a reflected cross-site scripting vulnerability in the notebook page

marimo before 0.23.9 contains a reflected cross-site scripting vulnerability in the notebook page that allows unauthenticated attackers to inject arbitrary JavaScript by exploiting improper escaping of single quotes in the file query parameter reflected into an inline JavaScript string literal...

Credential Exposure

Overview Affected versions of this package are vulnerable to Credential Exposure due to an incorrect transformation string in the encryption configuration process. An attacker can compromise the confidentiality of encrypted data by exploiting the unintended use of weaker padding when OAEP is...

Cleartext Transmission of Sensitive Information

Overview Steeltoe.Management.Endpoint is a package that provides building blocks for development of .NET applications that integrate with Spring and Spring Boot environments, as well as Cloud Foundry and Kubernetes with first-party support for Tanzu. Affected versions of this package are vulnerab...

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information in the Sanitizer function of the Environment actuator, which fails to redact sensitive information from configuration keys matching standard .NET patterns such as ConnectionStrings: or...

CVE-2026-48764

TypeBot is a chatbot builder tool. In versions prior to 3.17.2, SSRF validation is implemented by resolving a hostname once and checking whether the resolved IP belongs to a forbidden range allowing for DNS rebinding bypass. The root cause is a time-of-check to time-of-use gap in the SSRF guard...

Cisco Identity Services Engine (cisco-sa-ise-multi-G5WP8vv)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute... CVE-2026-20181 Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14199)

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23238)

"In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setti...

Siemens RuggedCom Rox Path Traversal (CVE-2025-6020)

A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. This plugin only works with Tenable.ot. Please visit...

HP LaserJet Improper Access Control (CVE-2014-7875)

Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. This plugin only works with Tenable.ot. Please visit...