Lucene search
K

980 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 10 hours ago6 views

Malicious code in @leviosa86com/leviosa86-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...

6.1AI score
Exploits0References4
OSV
OSV
added 2 days ago3 views

MAL-2026-10403 Malicious code in @iana-rzms/bff-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7adbad0c719aec3345c5aa16b3435e8621f4a81b5a0e0cf0e0d979509e5d21f Package published to the public @iana-rzms scope as a dependency-confusion squat targeting an internal ICANN namespace. The preinstall lifecycle scri...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in fury_frontend-andes-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29bea4f118854efa6568545722d7210a76e06e64cad4036e0cc0b45c45aafe37 The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo, current working...

6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 6 days ago7 views

perl: Perl threads have a working directory race condition where file operations may target unintended paths

A flaw was found in the Perl standard library threads component. This vulnerability can allow a local attacker to exploit a race condition in directory handling to access files or load code from unexpected locations...

5.9CVSS5.9AI score0.0037EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/06 7:50 p.m.8 views

EUVD-2026-24971

mktemp: empty TMPDIR creates temp files in CWD instead of /tmp...

3.3CVSS5.9AI score0.00133EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 9:48 p.m.5 views

GHSA-FXHP-MV3V-67QP `oras-go` tar extraction: Hardlink entry with relative Linkname escapes extract dir via process CWD resolution

Root cause The tar-extraction helper ensureLinkPath at content/file/utils.go:262-275 validates that a hardlink's target resolves inside the extract base, but then returns the original unresolved target string back to the caller: go func ensureLinkPathbaseAbs, baseRel, link, target string string,...

7.1CVSS6AI score
Exploits0References3
OSV
OSV
added 2026/07/01 9:43 p.m.4 views

GHSA-8XWF-RJM4-XVHV oras-go has file store write outside workingDir via symlink traversal

The file content store in oras-go attempts to confine writes to workingDir when AllowPathTraversalOnWrite=false, but the guard is lexical and does not account for symlink traversal. If workingDir contains a symlink path component and an attacker-controlled blob title via ocispec.AnnotationTitle...

6.9CVSS5.7AI score
Exploits0References3
Snyk
Snyk
added 2026/07/01 9:43 p.m.4 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the pushFile process when symlink traversal is possible within the working directory. An attacker can write files outside the intended directory boundary by supplying a crafted blob title th...

6.9CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:43 p.m.3 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the pushFile process when symlink traversal is possible within the working directory. An attacker can write files outside the intended directory boundary by supplying a crafted blob title th...

6.9CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/07/01 9:15 p.m.7 views

MAL-2026-6723 Malicious code in electron-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7faf51a6c9d6ed9fce8cf9de9ea8afee0e9c3dc1fb254e8cd0c3c2a8ca61323f On require'electron-orbit', the module unconditionally fires an auto-prefetch pipeline in Node contexts when no document is present that opens a raw...

5.8AI score
Exploits0References32
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 3:20 a.m.10 views

Malicious code in rebrandly-domains-digger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 6:47 p.m.24 views

CVE-2026-50548 Cursor Desktop sandbox escape via agent-controlled working directory

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the workingdirectory parameter, which could...

9.3CVSS0.00637EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:47 p.m.7 views

CVE-2026-50548

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the workingdirectory parameter, which could...

9.3CVSS6.2AI score0.00637EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 6:47 p.m.112 views

CVE-2026-50548

Technical details about CVE-2026-50548 are not publicly available in the provided documents. Monitor for updates to obtain affected products, root cause specifics, impact, and remediation.

9.8CVSS6.2AI score0.00637EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/25 6:47 p.m.11 views

EUVD-2026-39537

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the workingdirectory parameter, which could...

9.3CVSS6.2AI score0.00637EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 6:17 p.m.9 views

CVE-2026-54686

Warp is an agentic development environment. From 0.2021.04.25.23.05.stable00 until 0.2026.05.06.15.42.stable01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream without verifying that the hooks were emitted by Warp's shell integration for the active session. An...

4.3CVSS0.00278EPSS
Exploits1References3
NVD
NVD
added 2026/06/24 6:17 p.m.7 views

CVE-2026-48732

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection issue in the legacy SSH background command path. Warp used the remote working directory reported by the session when building helper commands for...

8.8CVSS0.01007EPSS
Exploits1References2
CVE
CVE
added 2026/06/24 5:29 p.m.13 views

CVE-2026-48732

Warp prior to version 0.2026.05.06.15.42.stable_01 contains a command injection in the legacy SSH background command path: the remote working directory from the SSH session is embedded into a shell command without escaping, allowing an attacker-controlled path (host/repo/dir) to inject arbitrary ...

8.8CVSS6.1AI score0.01007EPSS
Exploits1References2
OSV
OSV
added 2026/06/24 5:29 p.m.4 views

CVE-2026-48732 Warp: Remote SSH cwd can lead to unauthorized remote command execution

Warp is an agentic development environment. From 0.2023.03.21.08.02.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection issue in the legacy SSH background command path. Warp used the remote working directory reported by the session when building helper commands for...

8.8CVSS6.2AI score0.01007EPSS
Exploits1References4
CVE
CVE
added 2026/06/24 5:28 p.m.16 views

CVE-2026-54686

Warp: CVE-2026-54686 enables DCS lifecycle hook spoofing in Warp’s PTY stream, allowing attacker-controlled terminal output to spoof lifecycle metadata (e.g., working directory, SSH transport metadata) for active sessions. Technical details in connected PoC describe additional remote command inje...

4.3CVSS5.9AI score0.00278EPSS
Exploits1References3
Rows per page
Query Builder