394 matches found
CVE-2026-25010
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Share This Image: from n/a through <= 2.09...
CVE-2026-25010 WordPress Share This Image plugin <= 2.09 - Broken Access Control vulnerability
Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Share This Image: from n/a through <= 2.09...
Malicious Package
Overview @uselagoon/ui-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
PT-2026-6244
Name of the Vulnerable Software and Affected Versions ILLID Share This Image versions through 2.09 Description An authorization issue exists in ILLID Share This Image’s ‘share-this-image’ functionality. This allows exploitation due to incorrectly configured access control security levels...
WordPress plugin Share This Image security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Share This Image plugin <= 2.09 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Share This Image versions <= 2.09...
Malicious code in do-not-install-this-package-002 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc0f1ed2645f37e4b8df59ccca64288a02f6cc07009489c54565dfc5b0089f19 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
MAL-2026-163 Malicious code in do-not-install-this-package-002 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc0f1ed2645f37e4b8df59ccca64288a02f6cc07009489c54565dfc5b0089f19 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
EUVD-2026-1619
Malicious code in do-not-install-this-package-002 (PyPI)...
PT-2026-27739
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc1lblk+ 84 Description The Linux kernel's blktrace component contains an issue where this_cpu_read and this_cpu_write are used in a preemptible context. Specifically, tracing_record_cmdline utilizes these...
CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues. sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise they can race. The order of...
WordPress Translate This plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via base_lang Parameter vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via base_lang Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Translate This gTranslate Shortcode versions <= 1.0...
CVE-2022-50771 rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state(). Running rcutorture with non-zero fqs_duration module parameter in a kernel built with CONFIG_PREEMPTION=y results in the following splat: BUG: using __this_cpu_read() in...
PT-2025-53137
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc1-yoctodev-standard+ Description The Linux kernel contains an issue where the rcu_force_quiescent_state function uses this_cpu_read in preemptible code instead of raw_cpu_read. This can lead to a lockdep...
Malicious Package
Overview teswewewewted is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-201914
Malicious code in do-not-install-this-package-001 (PyPI)...
MAL-2025-192387 Malicious code in do-not-install-this-package-001 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27c17335ba5378258efc5d22274e8104e45a493eec51d60d0adbeb9c4f627714 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
Cross-site Scripting (XSS)
librenms/librenms is vulnerable to reflected cross-site scripting (XSS). The vulnerability is due to improper filtering in the report_this function in librenms/includes/functions.php, specifically incorrect use of htmlentities in an href context, which allows an attacker to inject malicious script v...
CVE-2025-59371
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...