Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync,...
June 09, 2025
Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to ve ...
June 09, 2025
Summary: An authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location fie ...
June 09, 2025
Summary: The application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The 'saveNode' and 'saveManifest' endpoints take user in ...
June 09, 2025
creation_timestamp | type | source
---|---|---
2025-06-09 15:13:54+00:00 | seen | ...

June 09, 2025
creation_timestamp | type | source
---|---|---
2025-06-09 14:53:22+00:00 | seen | ...

June 09, 2025