Lucene search
K

57 matches found

Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.13 views

The End of Trust: How Agentic AI Breaks Security Assumptions

For decades, the security of digital interaction has rested on an unacknowledged economic constraint. Attackers faced a tradeoff between the fidelity of a deception and the scale at which it could be deployed. Convincing impersonation required sustained human effort and was confined to a narrow s...

5.8AI score
Exploits0
NVD
NVD
added 2026/02/19 4:27 p.m.7 views

CVE-2026-26345

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS0.00187EPSS
Exploits0References3
OSV
OSV
added 2026/02/19 4:27 p.m.4 views

CVE-2026-26345

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS5.2AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/19 4:27 p.m.5 views

CVE-2026-26345

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS5.8AI score0.00187EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/19 3:25 p.m.23 views

CVE-2026-26345 SPIP < 4.4.8 Cross-Site Scripting in Public Area

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/19 3:25 p.m.4 views

CVE-2026-26345 SPIP < 4.4.8 Cross-Site Scripting in Public Area

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS5.1AI score0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/02/19 3:25 p.m.23 views

CVE-2026-26345

SPIP CVE-2026-26345 is a stored XSS in SPIP

8.6CVSS5.1AI score0.00187EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/19 2:58 p.m.24 views

CVE-2025-71246

...

Exploits0
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

SPIP 安全漏洞

SPIP is an open-source software developed by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.8 contained a security vulnerability caused by insufficient cleanup of the echapperhtmlsuspect function, which could lead to stored-xss attacks...

8.6CVSS5.8AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20844

SPIP before 4.4.8 allows Cross-Site Scripting XSS in the public area for certain edge-case usage patterns. The echapper html suspect function does not adequately detect all forms of malicious content, permitting an attacker to inject scripts that execute in a visitor's browser. This vulnerability...

4.7CVSS5.6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-20854

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.8 Description SPIP before version 4.4.8 contains a Cross-Site Scripting XSS issue in the public area due to insufficient detection of malicious content by the echapper html suspect function. This allows an attacker t...

5.4CVSS5.4AI score0.00187EPSS
Exploits0References8
HackRead
HackRead
added 2025/11/13 3:58 p.m.16 views

Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers

Europol-led Operation Endgame seizes 1,025 servers and arrests a key suspect in Greece, disrupting three major global malware and hacking tools, including Rhadamanthys, VenomRAT and Elysium botnet...

7AI score
Exploits0
HackRead
HackRead
added 2025/10/31 11:34 a.m.4 views

Ukrainian Conti Ransomware Suspect Extradited to US from Ireland

Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/09/12 2:36 p.m.6 views

Charlie Kirk Shooting Suspect Identified as 22-Year-Old Utah Man

Authorities have named Tyler Robinson as a suspect in the murder of right-wing influencer Charlie Kirk, citing Discord messages as evidence of his alleged role...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in callisto-subscription-selenology-cybernetics (npm)

The package callisto-subscription-selenology-cybernetics was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in project-w5hfn-india (npm)

The package project-w5hfn-india was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-25900 Malicious code in mantheon (npm)

The package mantheon was found to contain malicious code...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/13 6:33 a.m.13 views

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021. "He is wanted internationally for committing several cybercrimes ransomware attacks, blackmail, and money laundering against...

7.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/12/09 8:33 p.m.7 views

Police Arrest UnitedHealthcare CEO Shooting Suspect, App Developer Luigi Mangione

Luigi Mangione, a 26-year-old graduate of the University of Pennsylvania, was apprehended on Monday after visiting a McDonald's in Altoona, Pennsylvania...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.4 views

The vulnerability of the ApexOne Security Agent for antivirus software from Trend Micro’s Apex One and Apex One as a Service allows attackers to execute arbitrary code and gain elevated privileges.

The vulnerability of the ApexOne Security Agent in antivirus software products Trend Micro Apex One and Apex One as a Service is related to deficiencies in access control for the Suspect folder. Exploiting this vulnerability can allow attackers to execute arbitrary code and increase their...

7.8CVSS7.6AI score0.00629EPSS
Exploits0References5
Rows per page
Query Builder