CVE-2026-40525 OpenViking < 0.3.9 Authentication Bypass via VikingBot OpenAPI

OpenViking prior to version 0.3.9 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the apikey configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke...

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence agent-based context database developed by Volcengine. Previous versions of OpenViking had security vulnerabilities. These vulnerabilities stemmed from a flaw in the HTTP routing mechanism of the VikingBot OpenAPI, which allowed authentication...

PT-2026-33478

Name of the Vulnerable Software and Affected Versions OpenViking versions prior to commit c7bb167 Description An authentication bypass exists in the VikingBot OpenAPI HTTP route surface. The issue occurs when the api key configuration value is unset or empty, causing the authentication check to...

EUVD-2001-0463

Malware in sbrugna...

EUVD-2001-0660

Malware in sbrugna...

viking-rubber.com Cross Site Scripting vulnerability OBB-3479714

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vikingwoodworks.com.au Cross Site Scripting vulnerability OBB-2839312

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

vikingfoodsolutions.com.au Cross Site Scripting vulnerability OBB-2839309

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help

“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events aroun...

Researcher Spotlight: Cyber Viking Nate Warfield is Here to Help

“There are few jobs where I can say, I make two billion people more secure on the internet every single day.” Childhood Look: Goth kid, all in black Current Look: Cyber Viking Childhood hobby: Head banging to Metallica, Marilyn Manson, and Guns N’ Roses Current hobby: n0x08 DJ’s Live events aroun...

Mageia: Security Advisory (MGASA-2021-0411)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated gpsd packages fix security vulnerability and other bugs

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. This update provides upstream version 3.23 that has this and several other upstream issues fixed. It also fixes issues that prevents it to start properl...

vikingtravel.me Cross Site Scripting vulnerability OBB-1469701

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

viking-homes.es Cross Site Scripting vulnerability OBB-1241838

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Arbitrary File Download Vulnerability in Website Management System of Hangzhou Viking Club Network Technology Co.

Hangzhou Vickers Club Network Technology Co., Ltd. is a website builder. Hangzhou Vickers Club Network Technology Co., Ltd. website builder management system suffers from an arbitrary file download vulnerability, which can be exploited by an attacker to download arbitrary files...

video.vikingsecurity.ee Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1141359 Security Researcher g0bl1nsec Helped patch 3754 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting video.vikingsecurity.ee...

Oski Data-Stealing Malware Emerges to Target North America, China

An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit-card numbers, cryptowallet accounts and more. Oski, likely a Finnish or Nordic variant of the word Oska, meaning “Viking warrior or god” in Samoan,...

vikingfuneralservices.ca XSS vulnerability

Open Bug Bounty ID: OBB-658274 Description| Value ---|--- Affected Website:| vikingfuneralservices.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

vikingcruises.com XSS vulnerability

Open Bug Bounty ID: OBB-316491 Description| Value ---|--- Affected Website:| vikingcruises.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

vikingrivercruises.com XSS vulnerability

Vulnerable URL: http://www.vikingrivercruises.com/cruise-destinations/egypt/pathways-pharaohs/2017-cairo-nile-lakenasser/index.html?utmid='-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:|...