110593 matches found
Astra Linux – Vulnerability in Jackson-Databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...
Astra Linux - уязвимость в openssl
Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DHcheckpubkey,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: devlink: The issue “report devlinkporttypewarn source device” should be reported for the devlink port. This warning is scheduled to appear when the port type is not set. However, it is not easy to determine which device driver do...
Astra Linux - уязвимость в openssl
Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the key or parameters are obtained from an untrusted source, this ca...
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
Grafana Labs, on May 19, 2026, said an investigation into its recent breach found no evidence of customer production systems or operations being compromised. It said the scope of the incident is limited to the Grafana Labs GitHub environment, which includes public and private source code along wi...
CVE-2026-29518
creationtimestamp| type| source ---|---|--- 2026-05-20 04:18:43+00:00| seen| https://vulnerability.circl.lu/bundle/98dfc241-f74a-4ad3-9b5d-a312ab6e6c87 2026-05-20 09:58:23+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmbnf2tq3f22 2026-05-20 15:11:50+00:00| seen|...
CVE-2026-34744
creationtimestamp| type| source ---|---|--- 2026-05-20 03:32:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaxtnq2ck2t...
CVE-2026-34970
creationtimestamp| type| source ---|---|--- 2026-05-20 03:22:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaxbqvapn2r...
Malicious code in @tailwind-core/oxide-win32-x64-msvc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93cb69a6f12f5739ab03d78641f2a79179750b6182f65ba5b8fb8ec4a1399bc The package name @tailwind-core/oxide-win32-x64-msvc impersonates the legitimate Tailwind CSS scope @tailwindcss published by tailwindlabs. The READM...
CVE-2026-43619
creationtimestamp| type| source ---|---|--- 2026-05-20 03:03:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaw6p2mn32p 2026-05-20 04:18:43+00:00| seen| https://vulnerability.circl.lu/bundle/98dfc241-f74a-4ad3-9b5d-a312ab6e6c87 2026-05-20 09:58:24+00:00| seen|...
CVE-2026-35593
creationtimestamp| type| source ---|---|--- 2026-05-20 02:53:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmavmn245y2r...
CVE-2026-34754
creationtimestamp| type| source ---|---|--- 2026-05-20 02:45:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmav74vm632k...
CVE-2026-6095
creationtimestamp| type| source ---|---|--- 2026-05-20 02:43:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmav3bxamm2h...
CVE-2026-6871
creationtimestamp| type| source ---|---|--- 2026-05-20 02:39:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmauud2jhc2i...
Malicious code in stripe-internal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e7a911f1602bed2fda7cbacff6567286433df29592c24839ae9980c7fff0e6b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2026-8491
creationtimestamp| type| source ---|---|--- 2026-05-20 02:34:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaulcoeo72i...
CVE-2026-8495
creationtimestamp| type| source ---|---|--- 2026-05-20 02:32:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmauimk56x2v 2026-06-03 11:01:11+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnexgahs4r2j...
CVE-2026-4883
creationtimestamp| type| source ---|---|--- 2026-05-20 00:32:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmanqicipo2u 2026-06-01 11:02:59+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mn7wllwb4z2b 2026-06-22 01:31:58+00:00| seen|...
CVE-2026-44790
creationtimestamp| type| source ---|---|--- 2026-05-20 00:16:19+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mmamu5rnds2m 2026-06-27 10:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpbbbc4iiu2n...
PhoenixStorybook 安全漏洞
PhoenixStorybook is an open-source component display and interaction debugging UI tool developed by Phenix Digital. Versions of PhoenixStorybook from 0.2.0 to 1.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the unauthorized conversion of user-provided string parameter...