Lucene search
K

161 matches found

Snyk
Snyk
added 2026/06/10 1:34 p.m.9 views

Malicious Package

Overview ethers-wordlist is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.13 views

CVE-2026-25559

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS6.4AI score0.00566EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 5:16 p.m.8 views

CVE-2026-25559

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS0.00566EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/08 4:52 p.m.37 views

CVE-2026-25559 OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS0.00566EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:52 p.m.6 views

CVE-2026-25559

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS6.4AI score0.00566EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 4:52 p.m.13 views

EUVD-2026-35137

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS6.4AI score0.00566EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 4:52 p.m.8 views

CVE-2026-25559 OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS6.4AI score0.00566EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 4:52 p.m.23 views

CVE-2026-25559

Technical details are not publicly available in the provided documents. Monitor for updates.

8.8CVSS6.4AI score0.00566EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47341

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...

8.8CVSS6.4AI score0.00566EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.6 views

OpenBullet2 路径遍历漏洞

OpenBullet2 is a cross-platform automated testing and data scraping tool developed by the OpenBullet team. Versions of OpenBullet2 prior to 0.3.2 contained a path traversal vulnerability. This vulnerability originated from the wordlist endpoint’s path traversal flaw, which could allow authenticat...

8.8CVSS6.7AI score0.00566EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 11:15 p.m.10 views

Malicious code in ethers-wordlist (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94ac365a81e582fce9faa13839220134e640d8ec505179e55e7aa636a324205c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/05/13 11:15 p.m.5 views

MAL-2026-3720 Malicious code in ethers-wordlist (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94ac365a81e582fce9faa13839220134e640d8ec505179e55e7aa636a324205c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.6AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.5 views

DNS Spider Multithreaded Bruteforcer 1.5

DNS Spider is a multi-threaded bruteforcer of subdomains that leverages a wordlist and/or character permutation...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.5 views

Lulzbuster 2.0.0

Lulzbuster is a multithreaded, very fast and smart HTTPS directory and file bruteforcer written in C on top of libcurl. Given a target URL and a wordlist, it enumerates valid paths by firing concurrent HTTP requests and reporting back the responses that look like real hits i.e. status codes the...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/04 9:32 p.m.3 views

GHSA-68J8-PQ59-FQGM NLTK has a Path Traversal issue

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS6.4AI score0.00924EPSS
Exploits3References4
CVE
CVE
added 2026/03/04 6:25 p.m.37 views

CVE-2026-0847

NLTK up to 3.9.2 contains a path traversal vulnerability in CorpusReader classes (WordListCorpusReader, TaggedCorpusReader, BracketParseCorpusReader) that can lead to arbitrary file reads on the server. Root cause is improper sanitization/validation of file paths, enabling access to sensitive fil...

8.6CVSS6.6AI score0.00924EPSS
Exploits3References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.8 views

PT-2026-22883

Name of the Vulnerable Software and Affected Versions IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver affected versions not specified Description The /root/anaconda-ks.cfg installation configuration file insecurely stores a hardcoded root password hash. This password is highly susceptible to...

9.2CVSS5.9AI score0.00142EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/02/05 6:40 a.m.193 views

SQL-injection-payloads-bypass-WAF

SQL-injection-payloads-byp...

5.6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.128 views

📄 Soosyze CMS 2.0 Brute Forcer

Soosyze CMS version 2.0 authentication brute forcing tool that leverages an absence of rate limiting on the /user/login endpoint. ============================================================================================================================================= | Title : Soosyze CMS 2.0...

5.4CVSS5.5AI score0.0081EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/11/22 6:4 p.m.146 views

ruby-web-vulnerability-tester

ruby-web-vulnerability-tester 🔎 Ruby Web Application Vulnera...

7.8AI score
Exploits0
Rows per page
Query Builder