29 matches found

Positive Technologies
added 4 days ago | 13 views

PT-2026-50231

In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...

CVSS 10 | AI score 5.5 | EPSS 0.00123
Exploits 0 | References 3

Github Security Blog
added 2026/05/29 6:23 p.m. | 15 views

Ironic Standalone Operator's controller modifies user-owned resources without consent

Impact: The Ironic Standalone Operator (IRSO) is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...

AI score 5.8
Exploits 0 | References 5 | Affected Software 1

HackRead
added 2026/05/21 11:41 a.m. | 12 views

Android Malware Spotted Subscribing Victims to Paid Services Without Consent

Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills...

AI score 5.8
Exploits 0

SUSE CVE
added 2026/04/09 11:29 p.m. | 6 views

SUSE CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

AI score 7.3 | EPSS 0.0017
Exploits 0 | References 3

Cvelist
added 2026/04/08 9:20 p.m. | 15 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

EPSS 0.0017
Exploits 0 | References 2

ATTACKERKB
added 2026/04/08 9:20 p.m. | 1 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

AI score 5.9 | EPSS 0.0017
Exploits 0 | References 3 | Affected Software 1

Tenable Nessus
added 2026/01/13 12:0 a.m. | 5 views

MiracleLinux 9 : webkit2gtk3-2.50.1-1.el9_7 (AXSA:2025-11496:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11496:19 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously craft...

CVSS 9.8 | AI score 6.9 | EPSS 0.0096
Exploits 0 | References 6

OSSF Malicious Packages
added 2026/01/03 1:25 p.m. | 12 views

Malicious code in chrome-stealth (PyPI)

Source: kam193 a97fed2b45bf12e5c4ba72089cdc2a1aff4ef42cb5eed242565268439946041a. By using the package, the computer is attached to participate in a proxy network and share its IP and bandwidth. This is clearly stated, but the package has no...

AI score 6.8
Exploits 0 | References 1

NVD
added 2025/12/24 8:15 p.m. | 4 views

CVE-2018-25149

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated...

CVSS 6.5 | EPSS 0.00194
Exploits 2 | References 3

Cvelist
added 2025/12/24 7:27 p.m. | 25 views

CVE-2019-25238 V-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request Forgery Vulnerability

V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to create admin users, enable SSH, or modify system settings by tricking authenticated...

CVSS 5.1 | EPSS 0.00145
Exploits 1 | References 3

OSV
added 2025/12/10 10:16 p.m. | 2 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

CVSS 7.5 | AI score 5.8 | EPSS 0.00167
Exploits 0 | References 1

Cvelist
added 2025/12/10 12:0 a.m. | 18 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

EPSS 0.00167
Exploits 0 | References 1

Positive Technologies
added 2025/11/06 12:0 a.m. | 4 views

PT-2025-45347

Name of the Vulnerable Software and Affected Versions: AnyDesk versions through 9.0.4. Description: A remotely connected user with “Control my device” permission can manipulate remote AnyDesk settings and create a password for the Full Access profile without needing confirmation from the counterpart...

CVSS 8.5 | AI score 6.8 | EPSS 0.00258
Exploits 1 | References 6

Tenable Nessus
added 2025/10/15 12:0 a.m. | 1 views

RHEL 9 : webkit2gtk3 (RHSA-2025:18097)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18097 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

CVSS 9.8 | AI score 7 | EPSS 0.0096
Exploits 0 | References 12

OSSF Malicious Packages
added 2025/07/07 9:14 a.m. | 4 views

Malicious code in jython-file (PyPI)

Source: kam193 fc56f6ba4b75b25d4289c3aa3cb1d05f9b1d7bbfacf00b11e270d76ba87a1a3e. Package attempts to load in an obfuscated way a code from a file not included in the package as well as inject a dynamic library to the Python dynamic libs...

AI score 7.2
Exploits 0 | References 1

Malwarebytes
added 2025/03/12 10:35 a.m. | 8 views

Android devices track you before you even sign in

Google is spying on Android users, starting from even before they have logged in to their Google account. That's what researchers from Dublin’s Trinity College found after they conducted a measurement study to investigate the cookies, identifiers and other data stored on Android devices by Google...

AI score 6.8
Exploits 0

OSV
added 2024/09/17 12:15 a.m. | 3 views

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

CVSS 7.5 | AI score 5.8 | EPSS 0.00533
Exploits 0 | References 2

CNNVD
added 2024/03/07 12:0 a.m. | 3 views

Apple macOS Sonoma Security Vulnerability

Apple macOS Sonoma is a desktop operating system by Apple Inc. A security vulnerability exists in Apple macOS Sonoma version 14.4, which stems from a third-party shortcut that may use a legacy action in Automator to send events to an application without the user's consent...

CVSS 5.4 | AI score 6.5 | EPSS 0.00435
Exploits 0 | References 4

CNNVD
added 2023/09/26 12:0 a.m. | 3 views

Apple macOS Security Breach

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Sonoma version 14, which stems from a shortcut that may export sensitive user data without consent...

CVSS 5.5 | AI score 6.5 | EPSS 0.00292
Exploits 0 | References 5

OSV
added 2023/06/13 10:15 a.m. | 2 views

CVE-2023-32546

Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...

CVSS 4.4 | AI score 5.8
Exploits 0 | References 2