
184 matches found

Github Security Blog
added 2026/05/14 8:29 p.m., 7 views

DeepSeek TUI has SSRF IPV6 bypass

Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://::1, the SSRF defenses do not work. Details...

7.4 CVSS, 5.8 AI score, 0.00032 EPSS
Exploits: 0, References: 3, Affected Software: 1
Snyk
added 2026/05/14 8:29 p.m., 6 views

Server-side Request Forgery (SSRF)

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can gain unauthorized access to internal resources by supplying ...

7.4 CVSS, 5.8 AI score, 0.00032 EPSS
Exploits: 0, References: 2
Snyk
added 2026/05/14 8:29 p.m., 12 views

Arbitrary Code Injection

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Arbitrary Code Injection via the runtests process. An attacker can execute arbitrary code by introducing malicious test code into a...

9.6 CVSS, 6.2 AI score, 0.00047 EPSS
Exploits: 0, References: 2
Patchstack
added 2026/05/14 8:29 p.m., 3 views

NPM: DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval

NPM: DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval vulnerability discovered by ? in WordPress Npm deepseek-tui versions = 0.3.0, 0.8.23...

9.6 CVSS, 5.8 AI score, 0.00047 EPSS
Exploits: 0, References: 3, Affected Software: 1
Snyk
added 2026/05/14 8:29 p.m., 11 views

Server-side Request Forgery (SSRF)

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can access sensitive internal resources by supplying a URL that...

7.4 CVSS, 5.8 AI score, 0.00034 EPSS
Exploits: 0, References: 2
Patchstack
added 2026/05/14 8:29 p.m., 4 views

NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetch_url Tool

NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetch_url Tool vulnerability discovered by ? in WordPress Npm deepseek-tui versions 0.8.22...

7.4 CVSS, 5.8 AI score, 0.00034 EPSS
Exploits: 0, References: 3, Affected Software: 1
OSSF Malicious Packages
added 2026/03/20 3:31 p.m., 3 views

Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

5.9 AI score
Exploits: 0, References: 1
vulnersOsv
added 2026/02/18 10:44 p.m., 3 views

org.webjars.npm:github-com-nhn-tui-image-editor (=3.10.1), org.webjars.npm:tui-image-editor (=3.15.3) potentially affected by CVE-2026-27013 via org.webjars.npm:fabric (>=3.6.0 <=4.5.0)

org.webjars.npm:fabric MAVEN version >=3.6.0, <=4.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:fabric and may be impacted: - org.webjars.npm:github-com-nhn-tui-image-editor =3.10.1 - org.webjars.npm:tui-image-editor =3.15.3 Source...

7.6 CVSS, 5.8 AI score, 0.00056 EPSS
Exploits: 1
Packet Storm News
added 2026/02/18 12:0 a.m., 2 views

Aether Smart Contract Security Analysis Framework 4.7.1

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

5.5 AI score
Exploits: 0
Veeam
added 2025/12/15 12:0 a.m., 14 views

How to Configure HTTP Proxy for Linux-based Veeam Components

Purpose This article documents how to configure HTTP and HTTPS Proxy settings for Linux-based components, including the Veeam Software Appliance and JeOS-deployed Veeam Infrastructure Appliances, in environments where a proxy must be used to access the internet. Note: For proxy configuration...

7 AI score
Exploits: 0, Affected Software: 1
EUVD
added 2025/11/12 7:18 p.m., 1 views

EUVD-2025-135676

Malicious code in teriu-tui-pix npm...

6.6 AI score
Exploits: 0
EUVD
added 2025/11/12 7:18 p.m., 2 views

EUVD-2025-135675

Malicious code in teriu-tui-pix npm...

6.6 AI score
Exploits: 0
EUVD
added 2025/11/12 7:18 p.m., 1 views

EUVD-2025-137317

Malicious code in reion-tui-pix npm...

6.6 AI score
Exploits: 0
OSV
added 2025/11/12 7:18 p.m., 2 views

MAL-2025-178168 Malicious code in reion-tui-pix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 542480edf3b2b7f314b61fdf9cc3e7eb19258029f2c0270b5adeee72131ea795 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0
OSSF Malicious Packages
added 2025/11/12 7:18 p.m., 2 views

Malicious code in teriu-tui-pix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a25f3088af4013c6cbeb7dfc7c529f81a639c7f02326b9558954b2d1be953f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0
OSV
added 2025/11/12 7:18 p.m., 0 views

MAL-2025-179026 Malicious code in teriu-tui-pix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a25f3088af4013c6cbeb7dfc7c529f81a639c7f02326b9558954b2d1be953f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0
OpenVAS
added 2025/10/28 12:0 a.m., 1 views

Fedora: Security Advisory (FEDORA-2025-d3389aa39a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5 CVSS, 6.8 AI score, 0.00044 EPSS
Exploits: 1, References: 6
OpenVAS
added 2025/10/28 12:0 a.m., 1 views

Fedora: Security Advisory (FEDORA-2025-29c34ad84a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3 CVSS, 6.8 AI score, 0.00028 EPSS
Exploits: 0, References: 6
Fedora
added 2025/10/25 9:17 p.m., 4 views

[SECURITY] Fedora 43 Update: podman-tui-1.9.0-1.fc43

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...

6.5 CVSS, 7 AI score, 0.00044 EPSS
Exploits: 1
Tenable Nessus
added 2025/10/25 12:0 a.m., 1 views

Fedora 43 : podman-tui (2025-d3389aa39a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d3389aa39a advisory. podman-tui release v1.9.0 ---- podman-tui release 1.8.1 Tenable has extracted the preceding description block directly from the Fedora security...

6.5 CVSS, 7.4 AI score, 0.00044 EPSS
Exploits: 1, References: 3