CVE-2026-25905

CVE-2026-25905 describes a lack of isolation between Python code executed by runPython/runPythonAsync and the surrounding JavaScript environment. This lets Python code access Pyodide APIs to modify the JS context, which could enable an attacker to hijack the MCP server and shadow MCP tooling. The...

PT-2026-7090

Name of the Vulnerable Software and Affected Versions MCP affected versions not specified Description The Python code executed by the 'runPython' or 'runPythonAsync' functions lacks isolation from other JavaScript code. This allows Python code to utilize Pyodide APIs to alter the JavaScript...

Pydantic 安全漏洞

Pydantic is an open-source library developed by Pydantic developers. It allows for data validation using Python type hints. Pydantic has a security vulnerability that stems from the lack of isolation between Python code and JavaScript code. This vulnerability could potentially lead to the hijacki...

多款Schneider Electric产品代码问题漏洞

Schneider Electric EVlink City and others are a charging solution for electric vehicle charging stations from Schneider Electric, a French company. A security vulnerability exists in several Schneider Electric products that allows an attacker to gain unauthorized access to the charging station we...

Trump Campaign Website Left Open to Email Server Hijack

A mistake made by website developers left an official re-election website for President Donald Trump open to attack. The error, impacting hundreds of other websites as well, is tied to a website development tool called Laravel, used to test sites before they go live. The tool, accidentally left...

Pak Cyber Army Site Hacked by TriCk ( TeaMp0isoN )

Pak Cyber Army Site Hacked by TriCk TeaMp0isoN TeaMp0isoN Hack Pakistan cyber army website ie. https://pakcyberarmy.net Its a 'Name Server Hijack' Hack, After that PCA site is down ! Zone-H mirror : News Source : TeamPoison...

Apache 2.0.4x mod_perl - File Descriptor Leakage (3)

source: https://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache modperl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a vulnerable server daemon. Other attack...

CVE-2003-0740

Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...

CVE-2003-0740

Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen, which allows local users to hijack the Stunnel server...

CVE-2003-0740

Stunnel versions 4.00 and 3.24 and earlier are vulnerable due to leaking a privileged file descriptor returned by listen(), enabling local users to hijack the stunnel server. The issue is described across multiple advisories (Mandrake, Red Hat, SUSE) and CVE-2003-0740, with remediation guidance t...