Lucene search
+L

252 matches found

Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-60097

Name of the Vulnerable Software and Affected Versions nebula-mesh affected versions not specified Description The web handler renderMobileBundle passes a pki.CAResolver to the mobilebundle.Build function, which decrypts the CA's ed25519 private key into a pki.CAManager. However, the Build functio...

8.7CVSS6.2AI score
Exploits0References6
The Hacker News
The Hacker News
added 2026/07/02 6:30 p.m.24 views

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 CVE-2025-5777 vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and...

9.3CVSS7.5AI score0.9987EPSS
Exploits18
OSV
OSV
added 2026/06/30 11:9 p.m.8 views

SUSE-SU-2026:22436-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...

9.8CVSS7AI score0.0053EPSS
Exploits3References145
CVE
CVE
added 2026/06/24 9:8 p.m.22 views

CVE-2026-55762

Rocket.Chat CVE-2026-55762 concerns an unauthenticated mis-authorization on POST /api/v1/fingerprint. Prior to fixed versions, authenticated users could call the endpoint with {"setDeploymentAs": "new-workspace"} to permanently deregister the workspace from Rocket.Chat Cloud, wiping cloud credent...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 9:8 p.m.4 views

CVE-2026-55762 Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...

8.1CVSS6AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 9:32 p.m.9 views

EUVD-2026-37217

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00072EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/10 6:34 p.m.10 views

nebula-mesh: Decrypted CA private key persists in heap after signing

internal/pki/resolver.go:36-64 constructs a CAManager with the plaintext ed25519.PrivateKey after unwrapping via the master key; internal/pki/ca.go:13-16 stores it. Callers at internal/api/enroll.go:116, internal/api/updates.go:297, and internal/api/mobilebundle.go:40 use the manager for one Sign...

5.3AI score0.0001EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2026/06/10 6:34 p.m.7 views

GHSA-8H84-FHQQ-Q58V nebula-mesh: Decrypted CA private key persists in heap after signing

internal/pki/resolver.go:36-64 constructs a CAManager with the plaintext ed25519.PrivateKey after unwrapping via the master key; internal/pki/ca.go:13-16 stores it. Callers at internal/api/enroll.go:116, internal/api/updates.go:297, and internal/api/mobilebundle.go:40 use the manager for one Sign...

5.3AI score0.0001EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/10 1:55 p.m.44 views

CVE-2026-53469 Migration-planner: unprotected delete endpoint wipes all tenant data

A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by sending a DELETE request to the /api/v1/sources route, which lacks proper authorization and filtering. This allows for the destruction of all customer data, including sources, agents, and assessments,...

9.1CVSS0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48603

Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.7 Description Decrypted CA private keys persist in the process heap because the CAManager does not zeroise the plaintext ed25519.PrivateKey after use. This occurs when callers at internal/api/enroll.go:116,...

5.9AI score0.0001EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 10:16 a.m.22 views

Malicious code in tiktoken-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac746100211f13951c190e98140c6948be51d7be9257b2b26bcc9baef19be29f tiktoken-mcp impersonates the OpenAI-published tiktoken package: its METADATA copies the upstream Name/Summary, Author 'Shantanu Jain', Author-email...

5.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.13 views

Malicious code in executor-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fee580000475783e657a2e66ca6a4a4bd4369aa0bc9f87152b003dca6f34848 executor-engine 0.3.4 ships a malicious site-packages.pth file executorengine-setup.pth that Python's site initialization auto-executes on every...

5.9AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in ppkt2synergy (PyPI)

The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.15 views

Malicious code in mrbios (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d1c97dced5d8f917e2e9901e0ed99fb0034bfafb5a3d46ad47eeba76a883c57 The package installs mrbios-setup.pth into site-packages. Python auto-loads.pth files at every interpreter startup, so the contained payload runs...

6.2AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.21 views

Malicious code in coolbox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55bfdad112134e980af7568a9138be1e4b940f7bfbeebad2b0f85d9337a0f44 The wheel installs coolbox-setup.pth, a Python path-configuration file that Python auto-loads at every interpreter startup any python invocation...

5.6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in dreamgen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 518c5b1627018ff52b8f3b8e83d862735009be6eaed3595922195bb3b45e6162 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.16 views

Malicious code in orchestr8-platform (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d9526ae43236ac15964b307175384455975ace26d8157ef3c41ed8db8192562 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in bramin (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fb2ac40fcb4626c5e7dea5e26951bc0965b39a1eb721c1a8f23846f421a5827 bramin ships a bramin-setup.pth file that Python auto-executes at every interpreter startup system-wide, not only when bramin is imported. The.pth...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in mem8 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c765c6eef25d18c5a10057d62908ac3bc1ece86e39a9807683834fb7f896b52 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.23 views

Malicious code in dynamo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4e35bea632f7363e7a1cc6ccbfb9227eca2c4720b0a689edc1bc3ce64c9d85c Versions 1.5.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
Rows per page
Query Builder