Lucene search
K

13 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 3:0 a.m.12 views

Malicious code in solana-mev-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...

5.3AI score
Exploits0References1
OSV
OSV
added 2026/06/16 3:0 a.m.9 views

MAL-2026-5861 Malicious code in solana-mev-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/05/21 12:0 a.m.11 views

MAL-2026-4215 Malicious code in polymarket-trade (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-5082

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.01874EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/23 9:22 p.m.15 views

CVE-2025-27106

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

8.8CVSS8.1AI score0.01874EPSS
Exploits0References1
NVD
NVD
added 2025/02/21 10:15 p.m.12 views

CVE-2025-27106

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

8.8CVSS0.01874EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/21 9:18 p.m.8 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS9.2AI score0.01874EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/21 9:18 p.m.27 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS0.01874EPSS
Exploits0References3
CVE
CVE
added 2025/02/21 9:18 p.m.57 views

CVE-2025-27106

Summary: The vulnerability CVE-2025-27106 affects binance-trading-bot. Authenticated users can trigger a command injection via the "/restore" endpoint, where the uploaded file name is passed to shell.exec without sufficient sanitization, enabling Remote Code Execution on the host. Root cause: Ina...

8.8CVSS7.8AI score0.01874EPSS
Exploits0References3
OSV
OSV
added 2025/02/21 9:18 p.m.8 views

CVE-2025-27106 Code injection in binance-trading-bot

binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...

7.7CVSS8.2AI score0.01874EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/21 12:0 a.m.6 views

PT-2025-7632 · Unknown · Binance-Trading-Bot

Name of the Vulnerable Software and Affected Versions: binance-trading-bot versions prior to 0.0.100 Description: The binance-trading-bot is an automated Binance trading bot with a trailing buy/sell strategy. Authenticated users can achieve Remote Code Execution on the host system due to a comman...

8.8CVSS8.2AI score0.01874EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.3 views

Binance Trading Bot 安全漏洞

Binance Trading Bot is an automated trading bot by Chris Lee, a personal developer. A security vulnerability exists in Binance Trading Bot that stems from a command injection vulnerability contained in the /restore port...

8.8CVSS7.3AI score0.01874EPSS
Exploits0References4
HackRead
HackRead
added 2024/02/08 10:54 a.m.11 views

The Anatomy of Trading Bot Scams: Strategies for Secure Investments

By Uzair Amir In the exciting world of investment, there are malicious actors who peddle trading bot scams, preying on the aspirations of eager investors. This is a post from HackRead.com Read the original post: The Anatomy of Trading Bot Scams: Strategies for Secure Investments...

7.3AI score
Exploits0
Rows per page
Query Builder