create-poc-template-skills

create-poc-template 中文 A skill for AI coding...

Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

MAL-2026-6254 Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

MAL-2026-6252 Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

Exploit for Infinite Loop in Pypdf_Project Pypdf

CVE-2026-24688 - pypdf - Circular Reference DoS Vulnerability...

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

Exploit for Eval Injection in Xwiki

CVE-2025-24893 - XWiki Unauthenticated RCE Exploit POC ⚠️ U...

elevate-kit

elevate-kit Local privilege escalation enumeration scripts fo...

Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

MAL-2026-6248 Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

github-trending-xss-vulnerability-scanner

XSS Vulnerability Scanner Plugin Comprehensive cross-site scr...

nuclei-template-creator

Nuclei Template Creator English | 中文 A c...

CVE-2026-MSIAPService

MSI Center — MSI NBFoundation Service Vulnerability Advisory...

Exploit for CVE-2026-11561

CVE-2026-11561 — Apinizer SSTI / RCE Version Check Infra Nu...

Fedora 44 : strongswan (2026-284c049f7f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-284c049f7f advisory. Addresses CVE-2026-47895 which is a theoretical RCE Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Debian dsa-6356 : imagemagick - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6356 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6356-1 [email protected] https://www.debian.org/securit...

Fedora 44 : 389-ds-base (2026-6d00814a85)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d00814a85 advisory. Resolves: CVE-2026-9064 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

MiracleLinux 8 : [security - medium] mysql:8.4, rapidjson-1.1.0-3.module+el8+1990+5ba0b90f (AXSA:2026-810:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-810:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001...

Fedora 43 : webkitgtk (2026-1557aaef26)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1557aaef26 advisory. Add support for half-width fonts. Improve content filter compilation by avoiding file copies. Improve handling of out of disk space conditions when...