Malicious code in @beyondbday/vibe-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9859c1af428f41ba7f7eb2a1db744705f5644ff2422629d94e3de1ecb59c9405 On every launch of the vibe CLI, dist/vibe.js queries the npm registry for the latest version of @beyondbday/vibe-terminal and, if newer than the...

EUVD-2025-24177

Malicious code in bioql PyPI...

CVE-2025-56513

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed,...

Denial Of Service (DoS)

Mattermost Confluence Plugin is vulnerable to Denial Of Service DoS. The vulnerability is due to failure to handle unexpected request bodies in the update channel subscription endpoint, allowing attackers to crash the plugin...

SUSE CVE-2025-52931

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid request body...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to improper handling of unexpected request bodies in the update channel subscription endpoint. An attacker can cause the plugin to crash by repeatedly sending invalid request bodi...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to improper handling of unexpected request bodies in the update channel subscription endpoint. An attacker can cause the plugin to crash by repeatedly sending invalid request bodi...

GHSA-VC77-C2HX-H5X2 Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions

Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the update channel subscription endpoint with an invalid request body...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to improper handling of unexpected request bodies in the update channel subscription endpoint. An attacker can cause the plugin to crash by repeatedly sending invalid request bodi...

CVE-2025-52931

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid request body...

CVE-2025-52931

Mattermost Confluence Plugin has a DoS vulnerability (CVE-2025-52931) in versions

CVE-2025-52931 Unexpected input to Update Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid request body...

CVE-2025-52931 Unexpected input to Update Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid request body...

PT-2025-32576 · WordPress · Mattermost Confluence Plugin

Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin is susceptible to a denial-of-service issue. Attackers can crash the plugin by repeatedly sending invalid request bodies to the update channel...

April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2

April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 IMPORTANT This update was originally released in the Security and Quality Rollup that’s dated April 22, 2025. This update is included in the Security and Quality Rollup that’s dated July 8,...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the updateChannelAction function, which does not sufficiently check user permissions before executing a delete operation. Any user can delete posts containing actions posted by the Playbooks bot. Remediation...

Exposure of Sensitive Information Through Metadata

Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions...

Exposure of Sensitive Information Through Metadata

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...

Exposure of Sensitive Information Through Metadata

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...

Exposure of Sensitive Information Through Metadata

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...