Lucene search
K

905977 matches found

OSV
OSV
added yesterday2 views

MAL-2026-6734 Malicious code in horde-python-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad72fe1fdc56e7fb5716a906fb8481bfe1e477d2f97c649d5db853a79130628a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added yesterday2 views

MINI-FVFF-6HV7-V852

Bulletin has no description...

7.5CVSS6.2AI score0.004EPSS
Exploits0
OSV
OSV
added yesterday3 views

MINI-79FC-MM74-J2MC

Bulletin has no description...

9.4CVSS5.7AI score0.00229EPSS
Exploits0
OSV
OSV
added yesterday2 views

MAL-2026-6733 Malicious code in epic-build-scripts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 93043b3f00a64c66fb0680256387471b656f222556c282c9cb1680347f14fae8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added yesterday2 views

MINI-4FWW-23WV-8FXJ

Bulletin has no description...

7.5CVSS5.7AI score0.00153EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-CCCV-5H6C-7HWH

Bulletin has no description...

8.8CVSS5.7AI score0.08123EPSS
Exploits1
OSV
OSV
added yesterday2 views

MAL-2026-6735 Malicious code in ue-python-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9494382fb3885f95987ec830f096aac6cde589cac9485b6a347bafed9a8a7e39 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added yesterday2 views

MINI-P4HW-JH4M-3P7H

Bulletin has no description...

8CVSS5.7AI score0.00472EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-RH94-7XGJ-63MM

Bulletin has no description...

7.2CVSS5.7AI score0.00104EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-PP33-5XFH-WW86

Bulletin has no description...

8.1CVSS5.7AI score0.0031EPSS
Exploits0
OSV
OSV
added yesterday2 views

MAL-2026-6736 Malicious code in unreal-mladapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b8b4f17043a9c57ea2087c59c771151186c117ab64cbf5c45df85df62469aa89 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added yesterday2 views

MINI-J433-845C-GMRC

Bulletin has no description...

9.6CVSS5.7AI score0.00478EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-P7X3-2RQ3-MC2F

Bulletin has no description...

7.8CVSS5.7AI score0.00226EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-4XJG-3V99-H5W3

Bulletin has no description...

8.2CVSS5.7AI score0.00245EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-68QV-W2FR-FM5Q

Bulletin has no description...

8.8CVSS7AI score0.0022EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-PR2H-79CV-W3RV

Bulletin has no description...

7.5CVSS5.7AI score0.0056EPSS
Exploits0
OSV
OSV
added yesterday3 views

MINI-7R9V-4H2C-WRPX

Bulletin has no description...

7.5CVSS5.7AI score0.00435EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-47RP-JF4X-F492

Bulletin has no description...

7.5CVSS5.7AI score0.00159EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-V73P-H978-G6JJ

Bulletin has no description...

7.5CVSS5.7AI score0.00781EPSS
Exploits0
OSV
OSV
added yesterday2 views

MAL-2026-6730 Malicious code in ue-automation-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 312f2d385743023503ed2c86bab1361eff17db32aa8a33d6d4da0015b3650095 The OpenSSF Package Analysis project identified 'ue-automation-scripts' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSV
OSV
added yesterday2 views

GHSA-RH62-J648-G5QC Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB

Impact Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API. When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and...

7.8CVSS5.9AI score
Exploits0References3
OSV
OSV
added yesterday4 views

GHSA-6G2F-W7G3-77VF 9router has an Incomplete Fix: Local-Only Access Gate Bypass in 9router via Host Header SpoofING

Summary The fix for CVE-2026-46339 unauthenticated RCE via unprotected MCP plugin routes introduced a local-only access gate in src/dashboardGuard.js that restricts spawn-capable routes /api/mcp/, /api/tunnel/, /api/cli-tools/ to loopback requests. The gate determines "local" by inspecting the Ho...

7.5CVSS6.6AI score0.00058EPSS
Exploits0References4
OSV
OSV
added yesterday2 views

MAL-2026-6729 Malicious code in robomerge (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 55684448bbccf72279c32f468fcfcb8a65500ffd2fe3807aec3e34bfc381a773 The OpenSSF Package Analysis project identified 'robomerge' @ 99999.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSV
OSV
added yesterday2 views

MAL-2026-6732 Malicious code in unreal-horde-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e9b87fe74bfc9ebca4a6385b3038cd8a3b5d9907b02772377ed3383318578e4 The OpenSSF Package Analysis project identified 'unreal-horde-dashboard' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSV
OSV
added yesterday2 views

MAL-2026-6731 Malicious code in ue-jenkins-buildkite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a67a3300cb2357e9661889459167d34c43be7925bd3d476d3a08588d9a907b59 The OpenSSF Package Analysis project identified 'ue-jenkins-buildkite' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSV
OSV
added yesterday2 views

MINI-JPWX-7JFQ-JF93

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-JX56-89R8-P2QR

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-36F7-4FFC-R82M

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-RH6V-H489-VVFQ

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-C555-574P-GRPJ

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-CF9Q-GF52-HWXM

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-9FMX-GX68-M882

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-2CMC-9QJV-Q9P5

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday4 views

MINI-HJ6F-9GJR-W3HM

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-XHFR-888Q-VG8R

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-WM7W-7XP2-HPXG

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-G44R-RPW2-34QP

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-W766-7QPM-PHPW

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday3 views

MINI-8RWV-6WPC-RX4X

Bulletin has no description...

8CVSS5.7AI score0.00472EPSS
Exploits0
OSV
OSV
added yesterday2 views

GHSA-Q675-QJ96-32M9 golang.org/x/image/tiff has excessive resource consumption in PackBits decompression

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References6
OSV
OSV
added yesterday2 views

MINI-6VF8-9MM7-JR7Q

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

GHSA-JPHH-M39H-6GWX 9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

Summary 9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, a...

9.8CVSS5.8AI score0.0019EPSS
Exploits0References2
OSV
OSV
added yesterday2 views

MINI-535H-Q3GG-H2RJ

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-PJHF-2R46-9PG2

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-5R68-RQXC-6W4Q

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-3M7J-VP37-HXXV

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

GHSA-V8RP-6XCV-FWGH Kiwi TCMS's /init-db/ page renders and responds to requests after first use

Kiwi TCMS provides the /init-db/ page as part of its setup mechanism for administrators who prefer a browser instead of the command line. In previous versions of Kiwi TCMS this page still renders and responds to requests even after first use. Impact The /init-db/ page does not require any user...

6.9CVSS5.8AI score0.00048EPSS
Exploits0References2
OSV
OSV
added yesterday3 views

MINI-XV7V-53MJ-2X37

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday2 views

MINI-5FWW-9272-4C99

Bulletin has no description...

8.1CVSS5.7AI score0.00677EPSS
Exploits0
OSV
OSV
added yesterday2 views

MINI-858Q-FF8H-V893

Bulletin has no description...

8.1CVSS5.7AI score0.00617EPSS
Exploits1
Total number of security vulnerabilities905977