EUVD-2026-25209

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

MAL-2026-2883 Malicious code in ts-lint-builds (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b5b6d9da5acae076b81860b7c119f9b61dd48b9b5360e56b582fdae563f96d8 The package ts-lint-builds was found to contain malicious...

Malicious code in cjs-biginteger (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad18a38aa59b5edbd05dbdf229f4d013446f970fe18b41e54ffc1c24a926d2bd The package cjs-biginteger was found to contain malicious...

Malicious code in bjs-lint-builders (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ff31ee3bf86e4aecefc3ed40ae1647028f7fd482df4c617731ebfd75cad027 The package bjs-lint-builders was found to contain maliciou...

MAL-2026-2880 Malicious code in bjs-lint-builder (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de4578f36842f930e2a5e6a4129c10eb87bf1005fe8cbdf05ffb9fdc2fe43ad8 The package bjs-lint-builder was found to contain malicious...

MAL-2026-2879 Malicious code in bjs-biginteger (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce3bc89babfc42de2e7df569ebf26d41dcc13469a19895aa4144c2625ddbd87b The package bjs-biginteger was found to contain malicious...

CVE-2026-2097

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2026-1331

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2026-1222

PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2026-1222 BROWAN COMMUNICATIONS ｜PrismX MX100 AP controller - Arbitrary File Upload

PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

PT-2026-1235

Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description The QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload issue. Authenticated remote attackers can upload and execute web...

CVE-2025-15228

BPMFlowWebkit by WELLTEND TECHNOLOGY is affected by an Arbitrary File Upload vulnerability that enables unauthenticated remote attackers to upload and execute a Web Shell backdoor, leading to arbitrary code execution on the server. Affected component is BPMFlowWebkit; root cause is an arbitrary f...

CVE-2025-15226

CVE-2025-15226 concerns WMPro by Sunnet, where an Arbitrary File Upload vulnerability allows unauthenticated remote attackers to upload and execute a web shell on the server, enabling arbitrary code execution . The vulnerability is described in multiple feeds (NVD/Red Hat/CIRCL/etc.) with no spec...

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw CVE-2022-24086, CVSS score: 9.8 in Adobe Commerce and Magento Open Source...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PwnKit-go-LPE CVE-2021-4034 A golang based exp for CVE-2021...

Exploit for Argument Injection in Phpmailer_Project Phpmailer

This is a Python script that exploits a vulnerability in PHPMailer version 5.2.18. The script is designed to be run on a vulnerable environment, and it will spawn a vulnerable web application on the host on port 8080. The exploit will drop a shell where commands can be sent to the backdoor. The...

ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI...

Grandstream HT800 series Encryption Problem Vulnerability

The Grandstream HT800 series is an HT800 series analog phone adapter from Grandstream. The Grandstream HT800 series is vulnerable to an encryption issue that originates from a backdoor in the SSH service. The vulnerability can be exploited by an attacker to obtain a root shell by correctly...

DarkCrewFriends Returns with Botnet Strategy

The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service DDoS attacks, command execution, information...

SSH Authentication Backdoor Vulnerability in Fortigate Firewalls

FortiGate Fita Firewall is a network firewall product from Fortinet Fita for defense against attacks such as network and malicious code at the network and content layers. Fortigate Firewall has an SSH authentication backdoor vulnerability. FortiGate firewall FortimanagerAccess user's password is...