Malicious code in swampo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7b8e193e75e6ca7d387f21b53c251e6ee8791d9ec4ca3f37099e765415d36157 Multi-stage dropper. The "analytics" functionality fetches fake updates information that should contain the next URL. From it, a yet another URL is downloaded,...

MAL-2026-3031 Malicious code in swampo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7b8e193e75e6ca7d387f21b53c251e6ee8791d9ec4ca3f37099e765415d36157 Multi-stage dropper. The "analytics" functionality fetches fake updates information that should contain the next URL. From it, a yet another URL is downloaded,...

CVE-2026-41067

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace o...

CVE-2026-41067 Astro: XSS via incomplete `</script>` sanitization in `define:vars` allows case-insensitive and whitespace-based bypass

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace o...

CVE-2026-41067

Summary: CVE-2026-41067 affects Astro’s SSR pipeline, where defineScriptVars sanitizes inline script values using a case-sensitive //g regex. This fails to match closing script tags when payloads use case variants (e.g., ), whitespace before &gt; (), or self-closing forms (), allowing injected HT...

EUVD-2026-25573

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace o...

CVE-2026-41067 Astro: XSS via incomplete `</script>` sanitization in `define:vars` allows case-insensitive and whitespace-based bypass

Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize values injected into inline tags via the define:vars directive. HTML parsers close elements case-insensitively and also accept whitespace o...

BIT-PYTHON-MIN-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

BIT-PYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

BIT-LIBPYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

CVE

Vulnerability Report: Unauthenticated SQL Injection in Hospita...

SUSE CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

EUVD-2026-25344

OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scripts before execution without invalidating the approval plan, allowing execution of modified script...

VulnCheck KEV: CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20607-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20607-1 advisory. Security issues fixed: - CVE-2026-21620: improper isolation and compartmentalization can lead to TFTP relative path traversal and remote arbitra...

📄 OpenClaw 2026.3.13 MEDIA Protocol File Disclosure

This Python script is a security exploitation tool targeting the OpenClaw system integrated with Discord. It attempts to exfiltrate sensitive files from a victim environment by abusing a MEDIA: prompt injection mechanism...

WordPress plugin ITERAS 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-41360

OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scripts before execution without invalidating the approval plan, allowing execution of modified script...

CVE-2026-41360

OpenClaw

CVE-2026-41360 OpenClaw < 2026.4.2 - Approval Integrity Bypass in pnpm dlx Local Script Binding

OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scripts before execution without invalidating the approval plan, allowing execution of modified script...