CVE-2025-14821

A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH Secure Shell connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an...

CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

rsync security update

3.4.1-2.2 - Resolves: RHEL-152885 - CVE-2025-10158 Out of bounds array access via negative index 3.4.1-2.1 - Resolves: RHEL-152878 - clearing DISPLAY breaks SSHASKPASS expectations...

PT-2026-30900

Name of the Vulnerable Software and Affected Versions libssh affected versions not specified Description A flaw exists in libssh that allows local man-in-the-middle attacks, security downgrades of SSH Secure Shell connections, and manipulation of trusted host information. This poses a risk to the...

CVE-2026-35452 WWBN AVideo has Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

EUVD-2026-19353

Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a...

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat actor proved just how...

Malicious code in nerite-security-audit (npm)

Collects and exfiltrates sensitive data env vars, SSH keys, keystores, history via HTTPS and DNS. Suspicious domain and disabled SSL validation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87776a4e480d244c862e76238cd498aa49bd919403dad6de21a85326d6b451ed The...

Oracle Linux 9 : openssh (ELSA-2026-6462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6462 advisory. 8.7p1-48.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug:...

Fedora 45 : NetworkManager-ssh (2026-87e30fe05b)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-87e30fe05b advisory. Automatic update for NetworkManager-ssh-1.4.3-1.fc45. Changelog Fri Apr 3 2026 Dan Fruehauf - 1.4.3-1 - Always run autoreconf -fvi - Fix file access for...

MAL-2026-2486 Malicious code in gangomodule (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8117683c90fb188f9fc013b3b3006dc5e31269d2511dd7c80eea9ac7b6892d09 During installation, obfuscated code validates the environment against typical sandboxing signs and attempts to download the next stages from remote sources. T...

Malicious code in gangomodule (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8117683c90fb188f9fc013b3b3006dc5e31269d2511dd7c80eea9ac7b6892d09 During installation, obfuscated code validates the environment against typical sandboxing signs and attempts to download the next stages from remote sources. T...

GHSA-99J6-HJ87-6FCF AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...

SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2026:1169-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1169-1 advisory. Update Wireshark to version 4.6.4 jscPED-15400. - CVE-2024-9780: ITS dissector crash bsc1231475. -...

SUSE CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

RHSA-2026:6463 Red Hat Security Advisory: openssh security update

Bulletin has no description...

Security update for keybase-client (important)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2026:0117-1 Rating: important References: 1253563 1253864 1254023 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS scores: CVE-2025-47913 SUSE: 8.7...

Cisco Catalyst SD-WAN Controller Authentication Bypass

This module exploits an authentication bypass vulnerability CVE-2026-20127 in the Cisco Catalyst SD-WAN Controller vSmart. The vdaemon DTLS control-plane service fails to properly validate the verifystatus byte in CHALLENGEACKACK msgtype=10 messages. The vbondprocchallengeackack handler reads an...

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

DEBIAN-CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...