Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
GHSA-WGX6-G857-JJF7 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence
Summary The OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid session token instead. In assumed breach scenarios, this behaviour can be exploited by an attacker who has already obtained a valid session token, to ga...
CVE-2026-4281
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 7.5.21. This is due to missing capability checks on the connect and listenfortokens methods of the FormLiftInfusionsoftManager class, both of which are hooked ...
EUVD-2026-16100
The FormLift for Infusionsoft Web Forms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 7.5.21. This is due to missing capability checks on the connect and listenfortokens methods of the FormLiftInfusionsoftManager class, both of which are hooked ...
CVE-2025-34291 Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicio...
CVE-2025-34291
Summary: Langflow AI
Rocket.Chat Cross Site Scripting
Title: Rocket.Chat - Cross Site Scripting Exploit Token Hijack + Product: Rocket.Chat + Vendor: https://rocket.chat/ + Vulnerable Versions: Rocket.Chat 2. Open a chat session 3. Send payload with your web server url 4. Token will be written in logs.txt when target seen your message...
CVE-2019-1020010
Misskey before 10.102.4 allows hijacking a user's token...
tendrl-api: Improper cleanup of session token can allow attackers to hijack user sessions
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. Session tokens remain active for a few minutes allowing attackers to replay tokens acquired via sniffing/MITM attacks and authenticate as the target user...
Ansible Tower Cross-Site Request Forgery Vulnerability
Ansible is a computer system configuration manager from Ansible, Inc. that can be used to publish, manage, and orchestrate computer systems. Ansible Tower, a.k.a. Ansible UI, is one of the task control applications that provides a user interface (UI), dashboard, and REST API. A cross-site request...
Cisco Multiple Product Session Fixation Vulnerability
Cisco 3000 Series Industrial Security Appliances (ISA) are a series of security firewall appliances from Cisco. AnyConnect Secure Mobility Client, Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software are the software used in them. AnyConnect Secure Mobility Clien...
CVE-2018-0229
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an...
On (OAuth) token hijacks for fun and profit part #2 (Microsoft/xxx integration)
In a previous blog post we have already analyzed a token hijack on one OAuth integration between some Microsoft and Google service and seen what went wrong. Now it is time to see yet another integration between Microsoft and xxxx; unluckily I can't disclose the name of the other company due the fac...