HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
691.
▲
Helm local code execution via a malicious chart
github.com/helm
94 comments
a year ago
irke882
172 points
692.
▲
Arbitrary file execution in TZinfo (Ruby)
github.com/tzinfo
25 comments
4 years ago
Ichaelus
106 points
693.
▲
Trivy ecosystem supply chain temporarily compromised
github.com/aquasecurity
37 comments
3 months ago
batch12
102 points
694.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
github.com/composer
27 comments
a month ago
damienwebdev
70 points
695.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
github.com/git
2 comments
6 years ago
vwpolo3
29 points
696.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
github.com/mastodon
3 comments
2 years ago
niel
21 points
697.
▲
Flatpak: Complete Sandbox Escape
github.com/flatpak
discuss
3 months ago
eyberg
20 points
698.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
detaro
11 points
699.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
github.com/erlang
discuss
a year ago
asa400
8 points
700.
▲
1-day RCE vulnerability in vim
github.com/vim
2 comments
3 months ago
weinzierl
7 points
701.
▲
Insecure Random Number Generation
github.com/juliangruber
1 comment
5 years ago
Tomte
7 points
702.
▲
The zen of multiple platforms with nativescript and angularjs
github.com/NathanWalker
discuss
10 years ago
vgsbs
7 points
703.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
github.com/libfuse
2 comments
3 months ago
agarwal72
5 points
704.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
github.com/rustfs
1 comment
6 months ago
Tiberium
5 points
705.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
github.com/jhy
1 comment
5 years ago
lrngjcb
3 points
706.
▲
You can now get weekly analytics on your advertisers as they do on you
github.com/parthraghav
1 comment
6 years ago
parthraghav
3 points
707.
▲
HTML5/CSS3: Advanced Topics
github.com/MartinChavez
1 comment
11 years ago
martinchavez
3 points
708.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
github.com/axios
discuss
2 months ago
mhsdef
3 points
709.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
github.com/cline
discuss
4 months ago
tamnd
3 points
710.
▲
New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
emreb
3 points
711.
▲
Show HN: BP.AdventureFramework, a framework for writing text adventures in C#
github.com/benpollarduk
discuss
2 years ago
ragingben
3 points
712.
▲
Container breakout through process.cwd trickery and leaked fds
github.com/opencontainers
discuss
2 years ago
todsacerdoti
3 points
713.
▲
Colossal Cave Adventure in Python
github.com/brandon-rhodes
discuss
6 years ago
throwawaybutwhy
3 points
714.
▲
Conditional-Generative-Adversarial-Networks
github.com/TheAILearner
discuss
6 years ago
atulkrishna10
3 points
715.
▲
Show HN: Automated Kubernetes Pod Security Policy Creation
github.com/sysdiglabs
discuss
7 years ago
derek0405
3 points
716.
▲
Heap memory corruption in ASN.1 parsing code
github.com/programa-stic
discuss
10 years ago
tshtf
3 points
717.
▲
Unauthenticated Object Write Vulnerability in MinIO
github.com/minio
1 comment
2 months ago
llui85
2 points
718.
▲
Autonomous AI Agent Finds CVSS 10.0 Full Compromise in Hoppscotch
github.com/hoppscotch
discuss
a day ago
infy
2 points
719.
▲
Displaying a crafted file in Tabby terminal can run shell commands
github.com/Eugeny
discuss
a month ago
logickkk1
2 points
720.
▲
Denial of Service Vulnerability in React Server Components
github.com/facebook
discuss
2 months ago
karimf
2 points
More