129 matches found
CVE-2026-56360
n8n is affected in versions prior to 1.123.18 and 2.6.2 where the ZendeskTrigger node fails to verify HMAC-SHA256 signatures on Zendesk webhooks. This allows attackers who know the webhook URL to send unsigned POST requests, potentially triggering workflows with arbitrary data. No remediation det...
CVE-2026-44484
PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism...
CVE-2026-44484 Compromise of PyTorch Lightning PyPi Package Versions
PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism...
Credential Harvesting Functionality
pytorchlightning is vulnerable to credential harvesting functionality. The vulnerability is due to the introduction of functionality in versions 2.6.2 that is consistent with a credential harvesting mechanism, which allows an attacker to capture or misuse sensitive credentials through malicious...
Compromise of PyTorch Lightning PyPi Package Versions
Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...
JLSEC-2026-174
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
emlog SQL注入漏洞
Emlog is an open-source CMS website building system based on PHP and MySQL. Versions of Emlog 2.6.2 and earlier have a SQL injection vulnerability. This vulnerability stems from the updateTagName function in the include/model/tagmodel.php file, which directly inserts user input into the SQL query...
Deserialization of Untrusted Data
Overview nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the torch.load checkpoint and model import paths in the nemo collections and checkpoint utilities. An attacker can execute arbitrary code...
CVE-2018-25189
Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of dca_login.php that allows unauthenticated attackers to submit crafted SQL payloads via POST to extract sensitive DB information (usernames, database names, version details). CVSS vectors: CVSS3.1 (AV:N/AC...
MiracleLinux 7 : mercurial-2.6.2-6.el7 (AXSA:2016-223:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-223:01 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start:...
CVE-2026-22703 Cosign verification accepts any valid Rekor entry under certain conditions
Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, Cosign bundle can be crafted to successfully verify an artifact even if the embedded Rekor entry does not reference the artifact's digest, signature or public key. When verifying a Rekor...
OPENSUSE-SU-2026:10026-1 python311-urllib3-2.6.2-1.1 on GA media
These are all security issues fixed in the python311-urllib3-2.6.2-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2022-27240
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...
EUVD-2018-9985
Malware in sbrugna...
EUVD-2020-23231
Malware in sbrugna...
EUVD-2019-3824
Malware in sbrugna...
EUVD-2022-45093
Malicious code in bioql PyPI...
EUVD-2025-25360
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-5851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The freeoptions function in optionsmanager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a...
CVE-2025-49891
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in uxper Uxper Booking uxper-booking allows Blind SQL Injection.This issue affects Uxper Booking: from n/a through = 1.3.3...