home.social

#infosec — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #infosec, aggregated by home.social.

  1. Popular Go Decimal Library Targeted by Long-Running Typosquat with DNS Backdoor

    A long-running typosquatting campaign impersonated the widely used shopspring/decimal Go library by publishing github.com/shopsprint/decimal, differing by a single character. Active since November 2017, the package remained benign through seven releases until being weaponized in August 2023 with version v1.3.3. This version introduced a malicious init() function that executes automatically on import, establishing a DNS TXT record-based command and control channel to dnslog-cdn-images.freemyip.com. The backdoor polls every five minutes and executes arbitrary commands returned via TXT records. Although the GitHub repository and owner account have been deleted, the malicious module remains permanently cached and accessible through Go's module proxy system, continuing to pose a supply chain risk to developers who mistype the package name.

    Pulse ID: 6a0d278a6320921cb57f8b69
    Pulse Link: otx.alienvault.com/pulse/6a0d2
    Pulse Author: AlienVault
    Created: 2026-05-20 03:16:26

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CDN #CyberSecurity #DNS #GitHub #InfoSec #OTX #OpenThreatExchange #Proxy #SupplyChain #TypoSquatting #bot #developers #AlienVault

  6. 9 Year-Old PHP Vulnerability Keeps Swinging As One of the Most Targeted Vulnerabilities

    CVE-2017-9841, a remote code execution vulnerability in PHPUnit's eval-stdin.php file, remains highly exploited nearly a decade after disclosure. Analysis reveals over 80,000 exploitation attempts detected in 30 days, with 36,500 hits in the last 10 days alone. The vulnerability affects PHPUnit versions prior to 4.8.28 and 5.x before 5.6.3, allowing attackers to execute arbitrary PHP code via POST requests without authentication. Mass-scanning infrastructure targets dozens of framework-specific paths across Laravel, Drupal, Yii, and WordPress installations. Primary attack sources include compromised infrastructure in the UK and US, delivering webshells and botnet payloads. Multiple botnets including RondoDox, Kinsing, KashmirBlack, Sysrv, and Androxgh0st actively exploit this vulnerability. The persistent exploitation stems from developers failing to exclude development dependencies in production environments and exposing vendor directories to web servers.

    Pulse ID: 6a0ca36a3571d3fbd4cd92bc
    Pulse Link: otx.alienvault.com/pulse/6a0ca
    Pulse Author: AlienVault
    Created: 2026-05-19 17:52:42

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AndroxGh0st #CyberSecurity #InfoSec #Kinsing #OTX #OpenThreatExchange #PHP #RCE #RDP #RemoteCodeExecution #UK #Vulnerability #Word #Wordpress #bot #botnet #developers #AlienVault

  7. Inside Banana RAT: From Build Server to Banking Fraud

    An MDR investigation successfully mapped the complete operational infrastructure of Banana RAT, a Brazilian banking trojan operated by threat cluster SHADOW-WATER-063. The investigation uncovered both server-side and client-side components, revealing a sophisticated FastAPI-based polymorphic payload generation system that produces hash-unique builds to evade detection. The malware employs layered obfuscation, AES-wrapped payloads, and fileless PowerShell execution. Once deployed, it enables operator-driven fraud through remote input control, keylogging, screen streaming, bank-branded overlays, and Pix QR code interception specifically targeting Brazilian financial institutions. The tooling exclusively targets 16 Brazilian banks and crypto exchanges, with all operator artifacts written in Brazilian Portuguese, indicating a financially motivated actor operating within the Tetrade banking trojan ecosystem.

    Pulse ID: 6a0ce3af84b924ad15e27920
    Pulse Link: otx.alienvault.com/pulse/6a0ce
    Pulse Author: AlienVault
    Created: 2026-05-19 22:26:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #BankingTrojan #Brazil #CryptoExchange #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RAT #RCE #Trojan #bot #AlienVault

  8. Latest PyPI Compromise

    A supply chain attack targeting the Microsoft DurableTask Python client compromised versions 1.4.1, 1.4.2, and 1.4.3 on PyPI. The threat actor gained access through a compromised GitHub account previously linked to attacks, using stolen credentials to dump GitHub secrets containing PyPI tokens. The evolved payload targets Linux systems, stealing credentials from AWS, Azure, GCP, Kubernetes, Vault, and password managers like Bitwarden and 1Password. It propagates via AWS SSM and Kubernetes lateral movement, limited to 5 targets per infected host. The payload scrapes shell history, bruteforces password managers, and establishes persistence through infection markers. Compromised packages were quarantined following analysis.

    Pulse ID: 6a0ce3b0ad791179648c47b0
    Pulse Link: otx.alienvault.com/pulse/6a0ce
    Pulse Author: AlienVault
    Created: 2026-05-19 22:26:56

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AWS #Azure #BruteForce #CyberSecurity #GitHub #InfoSec #Linux #Microsoft #OTX #OpenThreatExchange #Password #PyPI #Python #RCE #SupplyChain #Word #bot #AlienVault

  13. Exposing Fox Tempest: A malware-signing service operation

    Fox Tempest is a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) business used by cybercriminals to distribute malicious code, including ransomware. The actor abuses Microsoft Artifact Signing to generate fraudulent code-signing certificates, allowing malware to evade security controls. Fox Tempest created over a thousand certificates and established hundreds of Azure tenants to support operations. Microsoft revoked over one thousand certificates and disrupted the service in May 2026 through the Digital Crimes Unit. The operation enabled ransomware deployment including Rhysida by threat actors like Vanilla Tempest, and distributed malware families including Oyster, Lumma Stealer, and Vidar. The MSaaS was available through signspace[.]cloud, charging between $5000-$9000 USD. Attacks impacted healthcare, education, government, and financial services sectors globally.

    Pulse ID: 6a0ca3690196d40952527b96
    Pulse Link: otx.alienvault.com/pulse/6a0ca
    Pulse Author: AlienVault
    Created: 2026-05-19 17:52:41

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Azure #Cloud #CyberSecurity #Education #Government #Healthcare #InfoSec #LummaStealer #Malware #Microsoft #OTX #OpenThreatExchange #RAT #RansomWare #Rhysida #Vidar #bot #AlienVault

  14. 🚨 EUVD-2026-31192

    📊 Score: 5.4/10 (CVSS v3.1)
    📦 Product: mantisbt
    🏢 Vendor: mantisbt
    📅 Updated: 2026-05-20

    📝 Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page (bug_update_page.php), allowing an attacker to inject...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  15. 🚨 EUVD-2026-31197

    📊 Score: 7.5/10 (CVSS v3.1)
    📦 Product: core-rs-albatross
    🏢 Vendor: nimiq
    📅 Updated: 2026-05-20

    📝 nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would ...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  16. 🚨 EUVD-2026-31199

    📊 Score: 6.5/10 (CVSS v3.1)
    📦 Product: plane
    🏢 Vendor: makeplane
    📅 Updated: 2026-05-20

    📝 Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F() expression without validation (unlike the regular AnalyticsEndpoint, which checks ...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  17. 🚨 EUVD-2026-31198

    📊 Score: n/a
    📦 Product: Crypt::SaltedHash
    🏢 Vendor: RRWO
    📅 Updated: 2026-05-20

    📝 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts.

    These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  18. Rising bond yields are rattling equity markets, but the real pressure on organizations right now is less visible than stock tickers. When financial volatility hits, security budgets get scrutinized, vendor contracts get renegotiated, and IT teams get stretched thin.

    Read more: steelefortress.com/8bsj9c

    #Security #Privacy #Encryption #DataPrivacy #InfoSec

  19. GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories.

    techcrunch.com/2026/05/20/gith

    #github #infosec #programming

  24. 🚨 New Episode Live: Is BitLocker a Backdoor?

    A new zero-day, "YellowKey," allows attackers to bypass default Windows encryption instantly. The discoverer claims it looks like an intentional flaw in the recovery environment.

    We dive into the evidence, the "bug vs. backdoor" debate, and the critical steps you must take to secure your drive right now.

    Don't wait for a patch. Fix it yourself.

    Listen now: ImpracticalPrivacy.com

    #BitLocker #Privacy #InfoSec #CyberSecurity #OpenSource #microsoft

  25. 🚨 EUVD-2026-31195

    📊 Score: 4.3/10 (CVSS v3.1)
    📦 Product: core-rs-albatross
    🏢 Vendor: nimiq
    📅 Updated: 2026-05-20

    📝 nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leadi...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  26. 🚨 EUVD-2026-31193

    📊 Score: 9.3/10 (CVSS v3.1)
    📦 Product: HP Linux Imaging and Printing Software
    🏢 Vendor: HP Inc
    📅 Updated: 2026-05-20

    📝 A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  27. 🚨 EUVD-2026-31194

    📊 Score: 8.5/10 (CVSS v3.1)
    📦 Product: HP Linux Imaging and Printing Software
    🏢 Vendor: HP Inc
    📅 Updated: 2026-05-20

    📝 A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command i...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  28. 🚨 EUVD-2026-31196

    📊 Score: n/a
    📦 Product: Crypt::SaltedHash
    🏢 Vendor: RRWO
    📅 Updated: 2026-05-20

    📝 Crypt::SaltedHash versions through 0.09 for Perl are susceptible to timing attacks.

    These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash.

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  29. 🚨 EUVD-2026-31178

    📊 Score: 8.7/10 (CVSS v3.1)
    📦 Product: frappe
    🏢 Vendor: frappe
    📅 Updated: 2026-05-20

    📝 Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above.

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  30. 🚨 EUVD-2026-31175

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single_unit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML ...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  31. 🚨 EUVD-2026-31177

    📊 Score: 9.4/10 (CVSS v3.1)
    📦 Product: LMS
    🏢 Vendor: frappe
    📅 Updated: 2026-05-20

    📝 Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with course editing role could upload a SCORM ZIP package to write files outside the intended directory. This issue has bee...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  32. 🚨 EUVD-2026-31176

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into an HTM...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  33. 🚨 EUVD-2026-31179

    📊 Score: 9.3/10 (CVSS v3.1)
    📦 Product: AG1000-01A SMS Alert Gateway
    🏢 Vendor: Taiko Network Communications Pte Ltd.
    📅 Updated: 2026-05-20

    📝 Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface whe...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  34. 🚨 EUVD-2026-31180

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_note.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a hi...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  35. 🚨 EUVD-2026-31182

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_JF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a ...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  36. 🚨 EUVD-2026-31183

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_call GET parameter directly into page out...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  37. 🚨 EUVD-2026-31186

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_facnote.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  38. 🚨 EUVD-2026-31185

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in street_view.php that allows authenticated attackers to inject arbitrary JavaScript by passing unsanitized values through the thelat and thelng GET parameters directly...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  39. 🚨 EUVD-2026-31184

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routes_nm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a h...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  40. 🚨 EUVD-2026-31181

    📊 Score: 8.3/10 (CVSS v3.1)
    📦 Product: RabbitMQ AWS
    🏢 Vendor: aws
    📅 Updated: 2026-05-20

    📝 Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme (arn:aws-debug:file) accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary fi...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  41. 🚨 EUVD-2026-31188

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in do_unit_mail.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the the_ticket GET parameter directly into...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  42. 🚨 EUVD-2026-31187

    📊 Score: 5.1/10 (CVSS v3.1)
    📦 Product: tickets
    🏢 Vendor: openises
    📅 Updated: 2026-05-20

    📝 Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in search.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_query POST parameter directly into an HT...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  43. 🚨 EUVD-2026-31190

    📊 Score: 7.4/10 (CVSS v3.1)
    📦 Product: yii2
    🏢 Vendor: yiisoft
    📅 Updated: 2026-05-20

    📝 Yii 2 is a PHP application framework. Versions 2.0.54 and prior contain flawed logic in the core view rendering method View::renderPhpFile() that leads to Local File Inclusion. The function calls extract($_params_, EXTR_OVERWRITE) before the require statement t...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  44. 🚨 EUVD-2026-31189

    📊 Score: 9.3/10 (CVSS v3.1)
    📦 Product: AG1000-01A SMS Alert Gateway
    🏢 Vendor: Taiko Network Communications Pte Ltd.
    📅 Updated: 2026-05-20

    📝 Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface th...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  45. 🚨 EUVD-2026-31191

    📊 Score: 8.4/10 (CVSS v3.1)
    📦 Product: AG1000-01A SMS Alert Gateway
    🏢 Vendor: Taiko Network Communications Pte Ltd.
    📅 Updated: 2026-05-20

    📝 Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a stored cross-site scripting vulnerability in the embedded web configuration interfa...

    🔗 euvd.enisa.europa.eu/vulnerabi

    #cybersecurity #infosec #euvd #cve #vulnerability

  46. Fedora retired all Deepin packages after unresolved security issues, broken builds, and months of maintainer inactivity. ⚠️
    FESCo said Deepin packages cannot return without a full review, following concerns over unsafe Polkit and D-Bus implementations. 🐧

    🔗 itsfoss.com/news/fedora-ditche

    #TechNews #Fedora #Deepin #Linux #OpenSource #Cybersecurity #FOSS #Polkit #DBus #DesktopLinux #SoftwareMaintenance #Privacy #Infosec #GNU #LinuxDesktop #OperatingSystem #OS #Kernel
