Lucene search
K

8762 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/05 8:16 p.m.7 views

CVE-2026-11422

Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted Markdown document. Attacker...

8.4CVSS6AI score0.00159EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/05 8:16 p.m.8 views

CVE-2026-11422 Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering

Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted Markdown document. Attacker...

8.4CVSS6AI score0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/05 8:16 p.m.38 views

CVE-2026-11422 Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering

Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted Markdown document. Attacker...

8.4CVSS0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.8 views

CVE-2025-65087

An Out-of-Bounds Read vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information or execute arbitrary code when a specially crafted VC6 file is being parsed...

8.4CVSS5.7AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-48027

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS5.4AI score0.0185EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-47053

Name of the Vulnerable Software and Affected Versions Markdown Preview Enhanced versions 0.8.x Description A code injection issue exists in the WaveDrom rendering pipeline. Attackers can execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted...

8.4CVSS5.9AI score0.00159EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.7 views

Symfony and Symfony HTML Sanitizer Component 6.1.x < 6.4.40 / 7.0.x < 7.4.12 / 8.0.x 8.0.12 Multiple Vulnerabilities

The version of Symfony and/or the Symfony HTML Sanitizer Component installed on the remote host is prior to 6.1.x prior to 6.4.40, 7.0.x prior to 7.4.12, 8.0.x prior to 8.0.12. and, therefore, affected by multiple vulnerabilities: - A visual spoofing vulnerability exists in Symfony Component...

5.6AI score0.00069EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.8 views

Security Update for Microsoft Visual Studio Code Nx-Console Extension (CVE-2026-48027)

The Microsoft Visual Studio Code Nx-Console Extension is version 18.95.0. It is, therefore, affected by an embedded malicious code vulnerability. The compromised extension fetched an obfuscated payload that could harvest credentials from multiple sources on disk and in memory. Note that Nessus ha...

9.8CVSS5.6AI score0.0185EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/06/03 5:58 p.m.18 views

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code VS Code that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/03 3:7 p.m.716 views

1click-gh-token-stealing-via-vscode-POC

1-Click GitHub Token Stealing via VSCode Proof-of-Concept exp...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2026/06/02 1:49 p.m.7 views

WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Aliefis in WordPress Plugin Visual Link Preview versions = 2.4.1...

6.5CVSS5.8AI score0.00345EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.7 views

PT-2026-48590

Уязвимость интерфейса Webview API редактора исходного кода Visual Studio Code связана с ошибками представления информации пользовательским интерфейсом. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, осуществить подмену данных и проводить межсайтовые сценарные атаки XSS...

10CVSS5.5AI score
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.29 views

Detecting Aimbot Cheaters in MOGs

Multiplayer Online Games have become a multibillion dollar industry in the entertainment sector. However, the presence of cheaters undermines the experience of honest players and devalues the effort of game developers, as it directly affects player retention, competitive integrity, the legitimacy...

5.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 11:47 a.m.14 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

4.8CVSS5.4AI score0.00156EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 11:47 a.m.15 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00337EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 10:47 a.m.12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects ...

7.5CVSS5.8AI score0.00486EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 8:30 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750

Summary IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33750...

7.5CVSS5.9AI score0.0043EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 8:15 a.m.13 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00337EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 8:14 a.m.10 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240

Summary IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41238...

6.9CVSS5.8AI score0.00263EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 8:8 a.m.10 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305

Summary IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41305 DESCRIPTION: PostCSS takes a CSS file an...

6.1CVSS5.8AI score0.00205EPSS
Exploits0Affected Software1
Rows per page
Query Builder