36 matches found

CVE-2026-24899 (source: CVE, added 2026/05/14 6:58 p.m.)

CVE-2026-24899 affects Fleet Windows MDM enrollment. Before 4.82.0, Fleet validates JWTs against Microsoft's multi-tenant JWKS but does not enforce the aud or iss claims, allowing any Microsoft-signed Azure AD access token with the expected scopes to authenticate to Fleet's MDM endpoints. If Windows MDM is ena...

CVSS 8.2 | AI score 5.8 | EPSS 0.00017 | Exploits 0 | References 2 | Affected software 1
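The check the Fleet entry above describes as missing, as an added example that is not Fleet's code: two tokens carry a valid signature and the expected scope, and only the pinned iss/aud comparison rejects the one minted by another tenant for another application. Assumptions not taken from the advisory: HS256 with a demo secret stands in for the RS256 keys fetched from Microsoft's JWKS (the claim checks are identical either way), and the issuer, audience and scope strings are placeholders.

```python
"""Added example, not Fleet's code: a JWKS signature check alone is not
authentication. Both tokens below are validly signed and carry the required
scope; only the pinned iss/aud checks reject the foreign one.

Assumptions: HS256 with a demo secret stands in for RS256 keys from the JWKS;
issuer, audience and scope values are illustrative placeholders.
"""
import base64
import hashlib
import hmac
import json
import time

SIGNING_KEY = b"demo-only-signing-key"      # stands in for the JWKS-published key
EXPECTED_ISS = "https://login.microsoftonline.com/11111111-1111-1111-1111-111111111111/v2.0"
EXPECTED_AUD = "api://fleet-mdm-demo"        # the app registration this server owns
REQUIRED_SCOPE = "mdm.enroll"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint(claims: dict) -> str:
    """Issue a signed token (the identity provider's role; any tenant gets one)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_signature_and_scope(token: str) -> dict:
    """The pre-4.82.0 shape: signature, expiry and scope, nothing pinned to us."""
    header, body, sig = token.split(".")
    expected = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body))
    if claims.get("exp", 0) < time.time():
        raise ValueError("expired")
    if REQUIRED_SCOPE not in claims.get("scp", "").split():
        raise ValueError("missing scope")
    return claims


def verify(token: str) -> dict:
    """Hardened: everything above, then iss and aud pinned to this deployment."""
    claims = verify_signature_and_scope(token)
    if claims.get("iss") != EXPECTED_ISS:
        raise ValueError(f"wrong issuer: {claims.get('iss')!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]   # aud may be a list
    if EXPECTED_AUD not in audiences:
        raise ValueError(f"wrong audience: {aud!r}")
    return claims


def accepted(check, token: str) -> bool:
    """True if the given verifier lets the token through."""
    try:
        check(token)
        return True
    except ValueError:
        return False


_NOW = int(time.time())
# Token issued by our tenant for our app registration.
GOOD_TOKEN = mint({"iss": EXPECTED_ISS, "aud": EXPECTED_AUD, "sub": "device-1",
                   "scp": "mdm.enroll", "exp": _NOW + 3600})
# Token issued by a different tenant for an attacker-owned app: same scope name,
# valid signature under the shared multi-tenant key, wrong iss and aud.
FOREIGN_TOKEN = mint({"iss": "https://login.microsoftonline.com/22222222-2222-2222-2222-222222222222/v2.0",
                      "aud": "api://attacker-owned-app", "sub": "attacker",
                      "scp": "mdm.enroll", "exp": _NOW + 3600})

if __name__ == "__main__":
    print("lenient accepts foreign token:", accepted(verify_signature_and_scope, FOREIGN_TOKEN))
    print("strict accepts foreign token: ", accepted(verify, FOREIGN_TOKEN))
    print("strict accepts good token:    ", accepted(verify, GOOD_TOKEN))
```

The scope string is not a substitute for the audience: scope names are chosen by whoever registers the client application, so a token from an unrelated tenant can carry an identically named scope. Pinning iss to the tenant you trust and aud to your own application identifier is what ties the token to this deployment.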
GHSA-37J4-88RP-2F6H: Electerm's full process.env exposed to renderer via window.pre.env (source: OSV, added 2026/05/08 6:37 p.m.)

Impact: the getConstants IPC handler in src/app/lib/ipc-sync.js serialises the entire process.env object and sends it to the renderer. The data is stored as window.pre.env and is accessible from any JavaScript running in the renderer, e.g. via the DevTools console or a compromised webview context...

CVSS 6.5 | AI score 6 | EPSS 0.00004 | Exploits 0 | References 3
EUVD-2026-24515 (source: EUVD, added 2026/04/22 12:31 a.m.)

nesquena hermes-webui contains an environment variable leakage vulnerability: profile switching does not clear environment variables from the previously active profile before loading the next profile. Attackers or users can exploit the additive dotenv reload behaviour to access provider API keys...

CVSS 4.8 | AI score 5.8 | EPSS 0.00016 | Exploits 0 | References 6
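The additive reload behaviour described in the hermes-webui entry, as an added example that is not the project's code: a dotenv-style loader that only adds and overwrites leaves the previous profile's keys in place, so a provider call made under the second profile still sees the first profile's credential. The two profile files, their fake key values and the ProcessEnv stand-in for os.environ are constructed for the demo.

```python
"""Added example, not hermes-webui's code: why switching profiles must remove
the variables the previous profile set, not merely load the next file on top.

Assumptions: profile contents are constructed, key values are fake, and a plain
dict stands in for os.environ so the demo never touches the real environment.
"""
from typing import Dict, Optional, Set

# Constructed profile files (hypothetical values, not real credentials).
PROFILE_FILES = {
    "work": "OPENAI_API_KEY=sk-work-0001\nANTHROPIC_API_KEY=sk-ant-work-0002\n",
    "personal": "# the personal profile has no Anthropic key\nOPENAI_API_KEY=sk-personal-0003\n",
}


def parse_dotenv(text: str) -> Dict[str, str]:
    """Minimal KEY=value parser: skips blanks and comments, strips quotes."""
    env: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("'\"")
    return env


class ProcessEnv:
    """Stand-in for os.environ with a record of which keys the profile owns."""

    def __init__(self) -> None:
        self.vars: Dict[str, str] = {}
        self.owned_by_profile: Set[str] = set()

    def switch_additive(self, profile: str) -> None:
        """Vulnerable: reload adds and overwrites, never removes."""
        self.vars.update(parse_dotenv(PROFILE_FILES[profile]))

    def switch_clearing(self, profile: str) -> None:
        """Fixed: drop every key the previous profile set, then load the new file."""
        for key in self.owned_by_profile:
            self.vars.pop(key, None)
        fresh = parse_dotenv(PROFILE_FILES[profile])
        self.vars.update(fresh)
        self.owned_by_profile = set(fresh)


def key_visible_after_switch(strategy: str, key: str = "ANTHROPIC_API_KEY") -> Optional[str]:
    """Load 'work', switch to 'personal', report what a provider call would read."""
    env = ProcessEnv()
    switch = getattr(env, strategy)
    switch("work")
    switch("personal")
    return env.vars.get(key)


if __name__ == "__main__":
    print("additive reload leaves:", key_visible_after_switch("switch_additive"))
    print("clearing reload leaves:", key_visible_after_switch("switch_clearing"))
```

Tracking the set of keys the active profile set, rather than clearing the whole environment, keeps variables that did not come from any profile (PATH, HOME, the server's own settings) untouched while still removing every credential the previous profile introduced.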
Insertion of Sensitive Information Into Sent Data (source: Snyk, added 2026/02/24 12:16 p.m.)

Overview: apache-airflow is a platform to programmatically author, schedule, and monitor workflows. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data: connection secrets handled by _build_metrics are logged in the audit log. A user...

CVSS 6.5 | AI score 5.9 | EPSS 0.00029 | Exploits 0 | References 2
EUVD-2015-0006 (source: EUVD, added 2025/10/07 12:30 a.m.)

Malware in sbrugna...

CVSS 5 | AI score 7.3 | EPSS 0.02966 | Exploits 0 | References 29
EUVD-2023-54034 (source: EUVD, added 2025/10/03 8:07 p.m.)

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.8 | EPSS 0.00397 | Exploits 0 | References 5
EUVD-2024-52852 (source: EUVD, added 2025/10/03 8:07 p.m.)

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.00161 | Exploits 0 | References 1
EUVD-2025-23669 (source: EUVD, added 2025/10/03 8:07 p.m.)

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 6.5 | EPSS 0.0035 | Exploits 0 | References 3
CVE-2025-54594 (source: RedhatCVE, added 2025/08/07 11:32 p.m.)

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the .github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed untrusted code from a forked pull request to...

CVSS 9.1 | AI score 6.6 | EPSS 0.0035 | Exploits 0 | References 1
CVE-2025-54594 (source: NVD, added 2025/08/06 12:15 a.m.)

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the .github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed untrusted code from a forked pull request to...

CVSS 9.1 | EPSS 0.0035 | Exploits 0 | References 3
CVE-2025-54594: react-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltration (source: Cvelist, added 2025/08/05 11:31 p.m.)

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the .github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed untrusted code from a forked pull request to...

CVSS 9.1 | EPSS 0.0035 | Exploits 0 | References 3
CVE-2025-54594: react-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltration (source: OSV, added 2025/08/05 11:31 p.m.)

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the .github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed untrusted code from a forked pull request to...

CVSS 9.1 | AI score 7.2 | EPSS 0.0035 | Exploits 0 | References 5
PT-2025-32002 (source: Positive Technologies, added 2025/08/05 12:00 a.m.)

Name of the vulnerable software and affected versions: react-native-bottom-tabs versions 0.9.2 and earlier
Description: The react-native-bottom-tabs library improperly used the pull_request_target event trigger in the .github/workflows/release-canary.yml GitHub Actions workflow. This allowed...

CVSS 9.1 | AI score 6.7 | EPSS 0.0035 | Exploits 0 | References 15
CVE-2025-47928 (source: NVD, added 2025/05/15 8:16 p.m.)

Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pull_request_target in .github/workflows/integration_tests.yml followed by checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...

CVSS 9.1 | EPSS 0.0029 | Exploits 0 | References 3
CVE-2025-24977: OpenCTI has remote code execution and sensitive secrets exposed through web hook (source: Cvelist, added 2025/05/05 5:07 p.m.)

OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11, any user with the "manage customizations" capability can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server-side secrets by misusing the web-hooks. Since the...

CVSS 9.1 | EPSS 0.00528 | Exploits 0 | References 1
CVE-2025-24977: OpenCTI has remote code execution and sensitive secrets exposed through web hook (source: Vulnrichment, added 2025/05/05 5:07 p.m.)

OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11, any user with the "manage customizations" capability can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server-side secrets by misusing the web-hooks. Since the...

CVSS 9.1 | AI score 7.2 | EPSS 0.00528 | Exploits 0 | References 1
CVE-2024-4254 (source: RedhatCVE, added 2025/02/05 12:19 a.m.)

The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which is unsafe as it...

CVSS 7.1 | AI score 6.9 | EPSS 0.00391 | Exploits 1
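The workflow pattern shared by the react-native-bottom-tabs, Spotipy and gradio entries above, as an added detection example that is not code from any of those projects or advisories. A job triggered by pull_request_target runs in the base repository's context, with repository secrets available and a GITHUB_TOKEN that can write; if that job then checks out and executes the pull request head, the fork author controls what runs. The scanner below flags that combination and stays quiet on a pull_request_target workflow that never checks out the PR head. The three workflow texts are constructed samples, and the scanner is line-based pattern matching rather than a YAML parser, so treat it as a triage aid.

```python
"""Added example, not code from any project above: heuristic scan for the
pull_request_target + checkout-of-PR-head pattern behind CVE-2025-54594,
CVE-2025-47928 and CVE-2024-4254.

Assumptions: the workflow texts are constructed; matching is line-based, not a
YAML parse, so unusual layouts (flow-style mappings, anchors) can evade it.
"""
import re
from typing import List

TRIGGER_RE = re.compile(r"\bpull_request_target\b")
CHECKOUT_RE = re.compile(r"uses:\s*['\"]?actions/checkout")
# Fork-controlled refs: the PR head sha/ref from the event payload, or head_ref.
PR_HEAD_RE = re.compile(r"github\.(event\.pull_request\.head\.(sha|ref)|head_ref)\b")
SECRET_RE = re.compile(r"\$\{\{\s*secrets\.")
STEP_START_RE = re.compile(r"^\s*-\s")        # a new YAML list item = next step

FINDING_UNTRUSTED_CODE = ("pull_request_target with checkout of the PR head: "
                          "fork-controlled code runs with base-repository privileges")
FINDING_SECRETS = "secrets are referenced in the same workflow: exfiltration risk"


def scan_workflow(text: str) -> List[str]:
    """Return findings for one workflow file; an empty list means nothing flagged."""
    lines = text.splitlines()
    # Everything before the top-level "jobs:" key is treated as the trigger block.
    jobs_at = next((i for i, l in enumerate(lines) if l.startswith("jobs:")), len(lines))
    privileged_trigger = any(TRIGGER_RE.search(l) for l in lines[:jobs_at])

    checks_out_pr_head = False
    for i in range(jobs_at, len(lines)):
        if not CHECKOUT_RE.search(lines[i]):
            continue
        # Inspect this step's "with:" block; it ends at the next list item.
        for following in lines[i + 1:]:
            if STEP_START_RE.match(following):
                break
            if PR_HEAD_RE.search(following):
                checks_out_pr_head = True

    uses_secrets = any(SECRET_RE.search(l) for l in lines)

    findings: List[str] = []
    if privileged_trigger and checks_out_pr_head:
        findings.append(FINDING_UNTRUSTED_CODE)
        if uses_secrets:
            findings.append(FINDING_SECRETS)
    return findings


# Constructed sample 1: the vulnerable shape (trigger, PR-head checkout, secret).
VULNERABLE_WORKFLOW = """\
name: release-canary
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  canary:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm run release:canary
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

# Constructed sample 2: the safe default (pull_request: fork PRs get no secrets
# and a read-only token, so running their code is contained).
SAFE_WORKFLOW = """\
name: ci
on:
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test
"""

# Constructed sample 3: legitimate pull_request_target use that never checks out
# or executes the PR head, so secrets are not exposed to fork code.
LABELER_WORKFLOW = """\
name: label
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/labeler@v5
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
"""

if __name__ == "__main__":
    for name, wf in [("vulnerable", VULNERABLE_WORKFLOW), ("safe", SAFE_WORKFLOW), ("labeler", LABELER_WORKFLOW)]:
        print(name, scan_workflow(wf))
```

The remediation the scanner implies is the one these advisories converge on: trigger on pull_request when the job must run the contributor's code, and reserve pull_request_target for jobs that only read the event payload (labeling, commenting) without checking out or building the PR head. A checkout step with `ref: ${{ github.event.pull_request.head.sha }}` in a pull_request_target job is the line to look for in review.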
Moodle admin presets export tool includes some secrets that should not be exported (source: Github Security Blog, added 2024/11/11 3:31 p.m.)

A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party...

CVSS 3.7 | AI score 6.5 | EPSS 0.00632 | Exploits 0 | References 5 | Affected software 1
CVE-2024-43427 (source: OSV, added 2024/11/11 1:15 p.m.)

A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party...

CVSS 3.7 | AI score 6.3 | Exploits 0 | References 2
Information Exposure (source: Snyk, added 2024/11/11 12:47 p.m.)

Overview: moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Information Exposure due to the inclusion of sensitive secrets and keys in the exported site administration presets. Remediation: upgrade moodle/moodle to version 4.4.2, 4.3.6, 4.2.9, 4.1.12 or highe...

CVSS 6.3 | AI score 6.7 | EPSS 0.00632 | Exploits 0 | References 2