Linux Distros Unpatched Vulnerability : CVE-2026-48821

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a DOM-based Cross-Site Scripting XSS vulnerability in the Thumbnail Synchronizer...

CVE-2026-48821

Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a DOM-based Cross-Site Scripting XSS vulnerability in the Thumbnail Synchronizer feature. When an administrator runs the thumbnail update process, malicious bookmark titles are returned via an AJAX response and inserted...

CVE-2026-48821

Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a DOM-based Cross-Site Scripting XSS vulnerability in the Thumbnail Synchronizer feature. When an administrator runs the thumbnail update process, malicious bookmark titles are returned via an AJAX response and inserted...

CVE-2026-40987

CVE-2026-40987 affects Spring Integration across multiple tracked branches (7.0.0–7.0.4, 6.5.0–6.5.8, 6.4.0–6.4.11, 6.3.0–6.3.14, 5.5.0–5.5.20). The connected documents describe a vulnerability where a malicious or compromised FTP/SFTP/SMB server can cause the client to write arbitrary files anyw...

CVE-2026-40987 Remote-file synchronizer in Spring Integration writes server-supplied filename under localDirectory without canonicalization

A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client filesystem outside the configured local-directory with attacker-controlled content. Affected versions: Spring Integration 7.0.0 through 7.0.4; 6.5.0 through 6.5.8; 6.4.0 through 6.4.11; 6.3.0 through...

CVE-2026-40987: Remote-file synchronizer in Spring Integration writes server-supplied filename under localDirectory without canonicalization

A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client filesystem outside the configured local-directory with attacker-controlled content...

Devolutions Server < 2026.1.20 Multiple Vulnerabilities (DEVO-2026-0014)

The version of Devolutions Server installed on the remote host is prior to 2026.1.20. It is, therefore, affected by multiple vulnerabilities, including: - Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without...

EUVD-2011-1711

Malware in sbrugna...

EUVD-2015-7727

Malware in sbrugna...

EUVD-2011-2212

Malware in sbrugna...

EUVD-2011-2211

Malware in sbrugna...

EUVD-2011-2210

Malware in sbrugna...

EUVD-2014-4135

Malware in sbrugna...

EUVD-2011-2213

Malware in sbrugna...

EUVD-2011-2982

Malware in sbrugna...

EUVD-2011-2981

Malware in sbrugna...

EUVD-2010-5312

Malware in sbrugna...

EUVD-2024-22364

Malicious code in bioql PyPI...

EUVD-2025-10595

Malicious code in bioql PyPI...

CVE-2010-20107

A stack-based buffer overflow exists in FTP Synchronizer Professional = v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a buffer overflow. This...