13 matches found
Malicious code in solana-mev-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...
MAL-2026-5861 Malicious code in solana-mev-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...
MAL-2026-4215 Malicious code in polymarket-trade (npm)
A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...
EUVD-2025-5082
Malicious code in bioql PyPI...
CVE-2025-27106
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106
Summary: The vulnerability CVE-2025-27106 affects binance-trading-bot. Authenticated users can trigger a command injection via the "/restore" endpoint, where the uploaded file name is passed to shell.exec without sufficient sanitization, enabling Remote Code Execution on the host. Root cause: Ina...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
PT-2025-7632 · Unknown · Binance-Trading-Bot
Name of the Vulnerable Software and Affected Versions: binance-trading-bot versions prior to 0.0.100 Description: The binance-trading-bot is an automated Binance trading bot with a trailing buy/sell strategy. Authenticated users can achieve Remote Code Execution on the host system due to a comman...
Binance Trading Bot 安全漏洞
Binance Trading Bot is an automated trading bot by Chris Lee, a personal developer. A security vulnerability exists in Binance Trading Bot that stems from a command injection vulnerability contained in the /restore port...
The Anatomy of Trading Bot Scams: Strategies for Secure Investments
By Uzair Amir In the exciting world of investment, there are malicious actors who peddle trading bot scams, preying on the aspirations of eager investors. This is a post from HackRead.com Read the original post: The Anatomy of Trading Bot Scams: Strategies for Secure Investments...