7445 matches found
CVE-2026-55187
Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the tools.IsInternalIP deny-list in internal/tools/net.go relies on Go's standard library classification helpers and does not block IPv6 transition mechanisms...
FTP Fetch, Linux Execute Command
Fetch and execute an MIPSLE payload from an FTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/ftp/mipsle/exec msf payloadexec show...
FTP Fetch, Linux Reboot
Fetch and execute an RISC-V 64-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/riscv64le/reboot msf...
FTP Fetch, Linux Reboot
Fetch and execute an MIPSLE payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/mipsle/reboot msf payloadreboot sh...
[SECURITY] Fedora 43 Update: kind-0.31.0-4.fc43
Kubernetes IN Docker - local clusters for testing Kubernetes...
CVE-2026-54695
CVE-2026-54695 - Pipecat Telephony WebSocket /ws Unauthenticated Call-Control Abuse Pipecat prior to v1.4.0 registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication. An attacker can send a crafted handshake containing a caller-supplied callSid, whic...
Malicious code in testing-d3do (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c008bcf9a72a02f11c556396a39d6de999bfad0cfa389ddac01929d19bb34d8 On npm install, this package's postinstall script collects host identifiers os.hostname, os.userInfo, current working directory, and external IPv4...
Malicious code in rony-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1a5728b472335e46d1df74becaf6355424f1f32d068bb517c079d88cacc03c The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo.username, hostname...
MAL-2026-6968 Malicious code in rony-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1a5728b472335e46d1df74becaf6355424f1f32d068bb517c079d88cacc03c The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo.username, hostname...
[SECURITY] Fedora 44 Update: os-autoinst-5^20260601git6ee8da2-1.fc44
The OS-autoinst project aims at providing a means to run fully automated tests. Especially to run tests of basic and low-level operating system components such as bootloader, kernel, installer and upgrade, which can not easily and safely be tested with other automated testing frameworks. However,...
[SECURITY] Fedora 44 Update: openqa-5^20260604git6376095-3.fc44
openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...
SUSE-SU-2026:22459-1 Security update for pcr-oracle
This update for pcr-oracle fixes the following issues Update to 0.6.3: Security issue: - integer underflow vulnerability in parsesbatlevelsection bsc1265042. Non security issue: - Lockout Authorization error for libvirt-emulated TPM bsc1265871. Changes for pcr-oracle: + Relax TPM self-test...
PT-2026-54008
Name of the Vulnerable Software and Affected Versions Picklescan versions prior to 0.0.25 Description Picklescan fails to detect unsafe global functions within the Numpy library, which allows attackers to bypass static analysis. This issue enables the execution of arbitrary code during...
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
OpenAI on Friday released three versions of GPT-5.6 , called Sol, Terra, and Luna , as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficien...
CVE-2026-54844
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
CVE-2026-54844 WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
EUVD-2026-39371
Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...
CVE-2026-54844
The CVE-2026-54844 entry concerns WordPress CheckView Automated Testing plugin (versions
CVE-2026-11379 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under...
PT-2026-52421
Name of the Vulnerable Software and Affected Versions CheckView Automated Testing versions prior to 2.1.1 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass security restrictions. Recommendations Update CheckView Automated Testing to version...