6 matches found
CVE-2026-9402
The CVE-2026-9402 entry concerns Edimax BR-6675nD firmware 1.12. The vulnerability is in the POST Request Handler’s formWlanMP function (/goform/formWlanMP). Manipulating parameters such as ateFunc, ateGain, ateRate, ateChan, ateTxCount, various e2pTx/e2pTxPower and readE2P fields results in comm...
Malicious code in @item-shop-data/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd The package @item-shop-data/client was found to contain malicious code...
MAL-2025-49104 Malicious code in @item-shop-data/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3931756a8f0da8b385e1c2b974c51fef803ddf8c0c6cb84ed0dacf3b3e6c1bd The package @item-shop-data/client was found to contain malicious code...
EUVD-2025-37189
Malicious code in @item-shop-data/client npm...
Malicious code in item-shop-data-client (npm)
--- -= Per source details. Do not edit below this line.=-...
Shopify: Bypass report #416983 - Removed Staff members who had "Apps" permission can still modify flow app connections
The following report intends to disclose a bypass for 416983. It's been found that removed staff members who had "Apps" permission can still modify flow app connection settings due to improper authorization. Description Signed URLs generated by Shopify Flow https://apps.shopify.com/flow use a...