Lucene search
K

932 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday9 views

Malicious code in postcss-processor-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0253c4f750443ba47f0ab61347fa85a1659b847190a85757575e904966636da On require, src/index.js loads src/token-loader.js, which reads data/design-tokens.json, XOR-decodes the base64 blobs under encrypted.chunks using a...

6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58858

Name of the Vulnerable Software and Affected Versions jadx versions 1.5.2 through 1.5.5 Description A path traversal issue exists where a malicious .xapk file can cause the application to write attacker-controlled archive entry contents outside the intended XAPK plugin temporary unpack directory...

7CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42893

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS6.1AI score0.00225EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 9:54 a.m.18 views

CVE-2026-49297

Apache Airflow Google provider contains a path traversal flaw in GCSToSFTPOperator and GCSTimeSpanFileTransformOperator: GCS object names from bucket listings are joined to a destination path without normalisation or containment checks. A user with write access to a source GCS bucket could create...

8.1CVSS6.1AI score0.01058EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/07/05 4:0 a.m.34 views

CVE-2026-14702 zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS0.00108EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/05 4:0 a.m.8 views

CVE-2026-14702

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS5.2AI score0.00108EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/07/02 8:32 p.m.10 views

EUVD-2026-37820

Steeltoe: TLS private keys written to /tmp with default permissions, never deleted...

4.7CVSS5.8AI score0.00065EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:21 p.m.21 views

CVE-2026-58034

The CVE describes a stored XSS in Wikimedia Foundation CheckUser, specifically in the file modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. Affected product: CheckUser; versions from 1.46.0-rc.0 before 1.46.0 are vulnerable. Root cause: improper neutralization of...

4.8CVSS5.8AI score0.00142EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/01 2:21 p.m.8 views

EUVD-2026-41011

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. This issue affects...

5.8AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/30 1:37 p.m.8 views

CVE-2026-46406

A flaw was found in Claude Code. The /copy command created responses in a predictable, world-readable temporary file without proper isolation or symlink protection. This allowed a local unprivileged user to read sensitive information from a privileged user's Claude response, potentially containin...

6.8CVSS6AI score0.00149EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53255

Name of the Vulnerable Software and Affected Versions GNU gzip affected versions not specified Description The gzexe utility handles temporary files insecurely. If the mktemp utility is missing from the user's PATH, gzexe generates a temporary file path using only the process ID PID. Because this...

4.7CVSS5.9AI score0.00105EPSS
Exploits0References18
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:21 a.m.6 views

Malicious code in subsearch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04245cd013e6aa9edb766cf14249c9dd6abd19d6beb9671c22a1a8bbbff3d511 The package's main entry index.js is the only file of substance and is wrapped in obfuscator.io string-array + RC4 obfuscation that hides every liter...

6AI score
Exploits0References3
NVD
NVD
added 2026/06/23 8:16 p.m.9 views

CVE-2026-54328

Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a local attacker who can write to the shared temporary...

7.3CVSS0.00115EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 4:16 p.m.4 views

DEBIAN-CVE-2026-12479

A path traversal vulnerability exists in keras-team/keras version 3.14.0, specifically in the DiskIOStore.make method within the Keras 3 model saving and loading library. This vulnerability arises from the improper handling of user-provided layer names, which are used to construct directory paths...

6.1CVSS5.9AI score0.00263EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:2 p.m.14 views

Malicious code in @antoncarlos1/nodelamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d930df8b6392b3bbfe3b591d90226374d31fb246e06018521f3f673a815b618a @antoncarlos1/[email protected] ships a single obfuscated index.js that runs a dropper on require. The top-level IIFE constructs a hardcoded IPv4 URL by...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/19 3:2 p.m.6 views

MAL-2026-6209 Malicious code in @antoncarlos1/nodelamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d930df8b6392b3bbfe3b591d90226374d31fb246e06018521f3f673a815b618a @antoncarlos1/[email protected] ships a single obfuscated index.js that runs a dropper on require. The top-level IIFE constructs a hardcoded IPv4 URL by...

5.9AI score
Exploits0References3
EUVD
EUVD
added 2026/06/18 11:1 a.m.11 views

EUVD-2026-37877

Local privilege escalation by loading DLLs from a shared temporary directory in ANSSI’s DFIR-ORC, versions 10.2.7 and prior. An attacker with prior access to the system, can place a malicious DLL in C:\Windows\Temp and wait for the application to be executed. Because DFIR-ORC is extracted and...

7.3CVSS5.3AI score0.00102EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:1 a.m.7 views

CVE-2026-11958

Local privilege escalation by loading DLLs from a shared temporary directory in ANSSI’s DFIR-ORC, versions 10.2.7 and prior. An attacker with prior access to the system, can place a malicious DLL in C:\Windows\Temp and wait for the application to be executed. Because DFIR-ORC is extracted and...

7.3CVSS5.3AI score0.00102EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 11:1 a.m.24 views

CVE-2026-11958

ANSSI DFIR-ORC (versions up to 10.2.7) is affected by local privilege escalation via DLLs loaded from a shared temporary directory. An attacker with prior system access can drop a malicious DLL in C:\Windows\Temp and wait for the DFIR-ORC process, which is extracted and executed from that locatio...

7.3CVSS5.3AI score0.00102EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 10:18 p.m.9 views

Malicious code in package-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b86134d9cd019c2d8ad172eed54cd4a48839d69ed2c6af52b79ef5080da765 [email protected] ships an install-hook.js that runs automatically as the npm postinstall script package.json declares "postinstall": "node...

5.8AI score
Exploits0References2
Rows per page
Query Builder