Lucene search
K

1367 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 6:41 p.m.12 views

Malicious code in @kyungseopk1m/holidays-kr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8538f74ec98ab5287a941ebac99e8624ba40d809edbc5b033da1150254d8215 On import/use, dist/cjs/index.js and dist/mjs/index.js call fetch against the hardcoded endpoint https://kdata.kxxseop.workers.dev with data sourced...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/21 12:0 a.m.11 views

MAL-2026-4215 Malicious code in polymarket-trade (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 12:0 a.m.36 views

Malicious code in polymarket-bot (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 12:0 a.m.14 views

Malicious code in polymarket-trading-cli (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 12:0 a.m.12 views

Malicious code in polymarket-auto-trade (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 6:33 p.m.12 views

Malicious code in cb-wallet-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d704c0a6a48da0e2fef8eddcd1f98e7d380c3e19f22753f3df51d9893f60ce Package name mimics Coinbase's internal cb-wallet- namespace to capture dependency-confusion resolutions. On npm install postinstall.js and on...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

Service Workers did not correctly detect Private Browsing Mode in all cases, which could result in Service Workers being written to disk for websites visited in Private Browsing Mode. This would not preserve them in a state where they would run again, but it would allow Private Browsing Mode...

4.3CVSS5.5AI score0.00409EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Wait for fixup workers before stopping the cleaner kthread during umount. During unmount, at closectree, the following steps are performed in this order: 1 Park the cleaner kthread – this does not destroy the kthread; i...

5.5CVSS6.6AI score0.0029EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

Service workers may reveal the script-based base URL due to dynamic import. This vulnerability affects Firefox versions earlier than 113...

5.3CVSS5.9AI score0.00524EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Bypass of the same-origin policy in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

8.1CVSS6.1AI score0.00222EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/20 2:32 a.m.13 views

SUSE CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

6.3CVSS5.8AI score0.00386EPSS
Exploits0References12
NVD
NVD
added 2026/05/19 2:16 p.m.15 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS0.00386EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/19 2:16 p.m.10 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.8AI score0.00386EPSS
Exploits0References9
OSV
OSV
added 2026/05/19 2:16 p.m.13 views

UBUNTU-CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.8AI score0.00386EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/05/19 12:29 p.m.9 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.8AI score0.00386EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/19 12:29 p.m.11 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.8AI score0.00386EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:29 p.m.8 views

CVE-2026-8955

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

6.5CVSS5.8AI score0.00386EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/19 12:29 p.m.10 views

CVE-2026-8955 Privilege escalation in the DOM: Workers component

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

5.8AI score0.00386EPSS
Exploits0References5
CVE
CVE
added 2026/05/19 12:29 p.m.23 views

CVE-2026-8955

CVE-2026-8955 describes a privilege-escalation flaw in the DOM: Workers component. The vulnerability is fixed in Firefox 151 and Firefox ESR 140.11, as well as Thunderbird 151 and Thunderbird 140.11. The core issue is in the Workers implementation of the DOM, leading to elevated permissions. Per ...

8.8CVSS5.8AI score0.00386EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2026/05/19 12:29 p.m.42 views

CVE-2026-8955 Privilege escalation in the DOM: Workers component

Privilege escalation in the DOM: Workers component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

0.00386EPSS
Exploits0References5
Rows per page
Query Builder