Lucene search
K

71943 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2 days ago6 views

9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, any...

5.8AI score0.0019EPSS
Exploits0References3Affected Software1
Debian
Debian
added 3 days ago2 views

[SECURITY] [DLA 4663-1] node-lodash security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4663-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 02, 2026 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

9.8CVSS6.2AI score0.2241EPSS
Exploits2
Imperva Blog
Imperva Blog
added 3 days ago4 views

Code Injection in Perforce Helix Core (CVE-2026-6902)

Executive Summary In this article, we disclose our latest findings we made on Perforce protocol P4 Helix Core between command line client and server, and reveal how a threat actor could leverage it to conduct attacks. This security issue affects P4 Helix Core before P4 Helix Core 2025.2 Patch 2,...

7.7CVSS6.4AI score0.00449EPSS
Exploits0
OSV
OSV
added 3 days ago2 views

MAL-2026-6724 Malicious code in starlette-healthcheck (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45d8da59826f5074d5b65d3b4733a4da6e7ce20167db9c14f7004e5fb7abe273 The package presents itself as an ASGI healthcheck/request-logging utility, but its advertised configurelogging helper exposed from the top-level...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago4 views

Malicious code in starlette-healthcheck (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45d8da59826f5074d5b65d3b4733a4da6e7ce20167db9c14f7004e5fb7abe273 The package presents itself as an ASGI healthcheck/request-logging utility, but its advertised configurelogging helper exposed from the top-level...

5.8AI score
Exploits0References3
GithubExploit
GithubExploit
added 3 days ago42 views

unified-bb-suite

Unified BB Suite — Combined Workflow Two work...

6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago4 views

Malicious code in polymarket-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65aa9243f492d222e1bb036c8ed55fb17268bd987a63ad2ea2aa1b28e44defc3 Package is published as a Polymarket API client but its default export getPlugin performs unconditional remote code execution on use. On invocation i...

6.4AI score
Exploits0References1
OSV
OSV
added 3 days ago4 views

MAL-2026-6713 Malicious code in polymarket-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65aa9243f492d222e1bb036c8ed55fb17268bd987a63ad2ea2aa1b28e44defc3 Package is published as a Polymarket API client but its default export getPlugin performs unconditional remote code execution on use. On invocation i...

6.4AI score
Exploits0References1
The Hacker News
The Hacker News
added 3 days ago15 views

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

Argo CD , a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, which found the bug, says it can lead to a full cluster...

5.9AI score
Exploits0
Github Security Blog
Github Security Blog
added 3 days ago4 views

repomix Vulnerable to Command Injection (RCE) via `--remote-branch` Argument Injection

Vulnerability Metadata | Field | Detail | | --- | --- | | Affected Component | src/core/git/gitCommand.ts execGitShallowClone | | Impact | Arbitrary Command Execution / Security Control Bypass | Summary The --remote-branch CLI option in repomix is vulnerable to argument injection. User-supplied...

6.2AI score0.00066EPSS
Exploits0References2Affected Software1
OSV
OSV
added 3 days ago3 views

GHSA-9MM9-RQHJ-J5MX repomix Vulnerable to Command Injection (RCE) via `--remote-branch` Argument Injection

Vulnerability Metadata | Field | Detail | | --- | --- | | Affected Component | src/core/git/gitCommand.ts execGitShallowClone | | Impact | Arbitrary Command Execution / Security Control Bypass | Summary The --remote-branch CLI option in repomix is vulnerable to argument injection. User-supplied...

8.8CVSS6.2AI score0.00066EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

GHSA-GVPP-V77H-5W8G Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`

Untrusted Project Bootstrap Code Execution via CLAUDEPROJECTDIR Summary The Cortex MCP server neuro-cortex-memory treats the CLAUDEPROJECTDIR environment variable — automatically set by Claude Code to the currently open project directory — as a trusted Cortex developer checkout. When the...

8.5CVSS6.6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 3 days ago6 views

Cortex has Untrusted Project Bootstrap Code Execution via `CLAUDE_PROJECT_DIR`

Untrusted Project Bootstrap Code Execution via CLAUDEPROJECTDIR Summary The Cortex MCP server neuro-cortex-memory treats the CLAUDEPROJECTDIR environment variable — automatically set by Claude Code to the currently open project directory — as a trusted Cortex developer checkout. When the...

6.6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 3 days ago4 views

auth-fetch-mcp has SSRF Protection Bypass via IPv4-mapped IPv6 Loopback

SSRF Protection Bypass via IPv4-mapped IPv6 Loopback Summary auth-fetch-mcp v3.0.1 implements SSRF protection in assertSafeUrl src/security.ts to block requests to private and loopback addresses. However, the isPrivateV6 function fails to detect IPv4-mapped IPv6 loopback addresses in their...

5.8AI score
Exploits0References2Affected Software1
OSV
OSV
added 3 days ago2 views

GHSA-PVRJ-8CG3-J5F8 auth-fetch-mcp has SSRF Protection Bypass via IPv4-mapped IPv6 Loopback

SSRF Protection Bypass via IPv4-mapped IPv6 Loopback Summary auth-fetch-mcp v3.0.1 implements SSRF protection in assertSafeUrl src/security.ts to block requests to private and loopback addresses. However, the isPrivateV6 function fails to detect IPv4-mapped IPv6 loopback addresses in their...

7.4CVSS5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 3 days ago4 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago3 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
OSV
OSV
added 3 days ago3 views

USN-8489-1 linux-oem-7.0 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS7.2AI score0.93235EPSS
Exploits62References166
Ubuntu
Ubuntu
added 3 days ago3 views

USN-8489-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS6.4AI score0.93235EPSS
Exploits62
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for June 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.1-IF008. These vulnerabilities have been also adressed in 24.0.0-IF007, 25.0.0-IF005 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the...

9.9CVSS7.4AI score0.01735EPSS
Exploits1Affected Software1
Rows per page
Query Builder