claude-security-scanner

🇨🇳 ⚡ bash git clone https://github.com/290298661...

Malicious code in swift-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...

CVE-2026-27082

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

EUVD-2026-15791

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082

CVE-2026-27082 describes a PHP object-injection/Deserialization of Untrusted Data vulnerability in WordPress Theme Love Story (ThemeREX Love Story) versions n/a through 1.3.12. The issue arises from deserializing untrusted data, enabling object injection. Reported impact includes high confidentia...

CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082 WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

CVE-2026-27082

Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through = 1.3.12...

WordPress plugin Love Story 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-27981

Name of the Vulnerable Software and Affected Versions ThemeREX Love Story versions n/a through 1.3.12 Description An issue exists in ThemeREX Love Story that allows for object injection due to deserialization of untrusted data. This impacts the application's ability to securely handle data input...

WordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Love Story versions = 1.3.12...

LLMs Generate Predictable Passwords

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven ­ for example, L , 9, m, 2, $ and...

@deno/sandbox (>=0.0.9 <=0.6.0), @ekairos/dataset (>=1.21.56-beta.0 <=1.22.34-beta.development.0) +45 more potentially affected by unknown CVE via devalue (>=5.0.0 <=5.6.2)

devalue NPM version =5.0.0, =0.0.9, =1.21.56-beta.0, =1.22.4-beta.development.0, =1.21.56-beta.0, =1.21.67-beta.0, =1.21.88-beta.0, =0.0.0-dev-20260121145510, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =2.3.65, =1.1.27, =1.1.21, =1.2.263, =2.2.3, =4.0.1 and...

@deno/sandbox (>=0.0.9 <=0.6.0), @ekairos/dataset (>=1.21.56-beta.0 <=1.22.34-beta.development.0) +45 more potentially affected by unknown CVE via devalue (>=5.0.0 <=5.6.2)

devalue NPM version =5.0.0, =0.0.9, =1.21.56-beta.0, =1.22.4-beta.development.0, =1.21.56-beta.0, =1.21.67-beta.0, =1.21.88-beta.0, =0.0.0-dev-20260121145510, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =2.3.65, =1.1.27, =1.1.21, =1.2.263, =2.2.3, =4.0.1 and...

CVE-2023-29748

Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the...

CVE-2019-20592

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 July 2019...

EUVD-2025-198546

Malicious code in airbnb-story-constants npm...

Malicious code in airbnb-story-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ee587585b5d6ce7a559b01b7ca42796dcd026647cce38e2056a0893bd4c7429 The package airbnb-story-constants was found to contain malicious code. Source: ossf-package-analysis...

MAL-2025-190606 Malicious code in airbnb-story-constants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ee587585b5d6ce7a559b01b7ca42796dcd026647cce38e2056a0893bd4c7429 The package airbnb-story-constants was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2019-11132

Malware in sbrugna...