PT-2026-42027

Name of the Vulnerable Software and Affected Versions Kopia versions prior to 0.22.4 Description Kopia's HTTP server, when started with the --without-password flag, accepts unauthenticated requests to the '/api/v1/repo/exists' endpoint. The handler forwards a storage configuration provided by the...

EUVD-2024-48236

Malicious code in bioql PyPI...

EUVD-2023-30106

Malicious code in bioql PyPI...

CVE-2025-26788

StrongKey FIDO Server before 4.15.1 treats a non-discoverable namedcredential flow as a discoverable transaction...

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of...

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

SQL Buddy 1.3.3 - Remote Code Execution

Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...