Lucene search
K

1781 matches found

Malwarebytes
Malwarebytes
added 2026/05/06 12:50 p.m.9 views

Attackers adopt JavaScript runtime Bun to spread NWHStealer

In our previous research, we analyzed a Windows infostealer we track as NWHStealer. The attackers behind this stealer are continuously finding new methods to distribute the stealer. During our hunting activities, we noticed how attackers are using a JavaScript runtime called Bun to help distribut...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 6:33 p.m.13 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-35192 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-35192 Source advisory: OSV:GHSA-7H2M-M8VJ-598H...

6.5CVSS5.4AI score0.00544EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 5:30 p.m.13 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-6907 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-6907 Source advisory: SNYK:PYTHON-DJANGO-16425745...

5.3CVSS5.4AI score0.00358EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/05 5:30 p.m.9 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-5766 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-5766 Source advisory: SNYK:PYTHON-DJANGO-16425762...

6.3CVSS5.4AI score0.00423EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/05 10:20 a.m.10 views

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/01 9:27 p.m.7 views

CVE-2026-31734

A flaw was found in the Linux kernel's schedext component. An incorrect check for migration-disabled tasks on systems without CONFIGPREEMPTRCU enabled could lead to a task being dispatched to a remote CPU. This can trigger an scxerror in taskcanrunonremoterq, resulting in a Denial of Service...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2026/04/30 12:36 p.m.21 views

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEPDOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. "The intrusion chain begins with execution of a batc...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.16 views

Medoid Prototype Alignment for Cross-Plant Unknown Attack Detection in Industrial Control Systems

Deploying an intrusion detector trained in one industrial plant to another remains difficult because Industrial Control System ICS traffic is highly site-dependent, labels are scarce, and unseen attacks often appear after deployment. To address this challenge, this paper introduces a medoid...

5.2AI score
Exploits0
NVD
NVD
added 2026/04/24 3:16 a.m.10 views

CVE-2026-33076

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxysectionsave interface presents a vulnerability that could lead to remote code execution due to path traversal and writing into scheduled tasks. Version 8.2.6.4 fixes the iss...

9.8CVSS0.0082EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/24 1:52 a.m.6 views

EUVD-2026-25375

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxysectionsave interface presents a vulnerability that could lead to remote code execution due to path traversal and writing into scheduled tasks. Version 8.2.6.4 fixes the iss...

9.3CVSS6.4AI score0.0082EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the preexit callback in the wireguard device obtaining the rtnllock manually, potentially causing...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.13 views

hackage-server 跨站请求伪造漏洞

hackage-server is a Haskell open-source package repository server. hackage-server has a cross-site request forgery vulnerability. This vulnerability stems from the lack of protection against cross-site request forgery attacks, which may allow external scripts to trigger requests, enabling the abu...

9.6CVSS5.7AI score0.00137EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011237 advisory. In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.11 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the reliance on static MD5 hashes for the...

9.8CVSS5.8AI score0.00571EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013061)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013061 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which...

5.8AI score0.00177EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.4 views

CVE-2026-40337

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

5.1CVSS5.8AI score0.00155EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/18 12:0 a.m.19 views

False Security Confidence in Benign LLM Code Generation

Prior work has demonstrated that functionally correct yet vulnerable outputs arise systematically in threat-oriented settings, where adversarial or implicit channels are used to induce security failures in code agents and automated patching workflows. This note introduces a complementary but...

5.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/04/17 8:35 p.m.12 views

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On th...

9.8CVSS6.5AI score0.05648EPSS
Exploits6
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.15 views

WordPress plugin Canto 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00282EPSS
Exploits0References1
Fedora
Fedora
added 2026/04/16 11:42 p.m.7 views

[SECURITY] Fedora 44 Update: kf6-kded-6.25.0-1.fc44

KDED stands for KDE Daemon which isn't very descriptive. KDED runs in the background and performs a number of small tasks. Some of these tasks are built in, others are started on demand. Custom KDED modules can be provided by 3rd party frameworks and applications...

5.8AI score
Exploits0
Rows per page
Query Builder