HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
61.
▲
PHP Security Advisories Database
github.com/FriendsOfPHP
discuss
6 years ago
mooreds
1 points
62.
▲
PHP Security Advisories Database
github.com/FriendsOfPHP
discuss
6 years ago
todsacerdoti
1 points
63.
▲
Nx compromised: malware uses Claude code CLI to explore the filesystem
semgrep.dev
39 comments
10 months ago
neuroo
493 points
64.
▲
Malicious versions of Nx and some supporting plugins were published
github.com/nrwl
433 comments
10 months ago
longcat
443 points
65.
▲
Helm local code execution via a malicious chart
github.com/helm
94 comments
a year ago
irke882
172 points
66.
▲
Arbitrary file execution in TZinfo (Ruby)
github.com/tzinfo
25 comments
4 years ago
Ichaelus
106 points
67.
▲
Trivy ecosystem supply chain temporarily compromised
github.com/aquasecurity
37 comments
3 months ago
batch12
102 points
68.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
github.com/composer
27 comments
a month ago
damienwebdev
70 points
69.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
github.com/git
2 comments
6 years ago
vwpolo3
29 points
70.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
github.com/mastodon
3 comments
2 years ago
niel
21 points
71.
▲
Flatpak: Complete Sandbox Escape
github.com/flatpak
discuss
2 months ago
eyberg
20 points
72.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
detaro
11 points
73.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
github.com/erlang
discuss
a year ago
asa400
8 points
74.
▲
1-day RCE vulnerability in vim
github.com/vim
2 comments
3 months ago
weinzierl
7 points
75.
▲
Insecure Random Number Generation
github.com/juliangruber
1 comment
5 years ago
Tomte
7 points
76.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
github.com/libfuse
2 comments
3 months ago
agarwal72
5 points
77.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
github.com/rustfs
1 comment
6 months ago
Tiberium
5 points
78.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
github.com/jhy
1 comment
5 years ago
lrngjcb
3 points
79.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
github.com/axios
discuss
2 months ago
mhsdef
3 points
80.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
github.com/cline
discuss
4 months ago
tamnd
3 points
81.
▲
New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
emreb
3 points
82.
▲
Container breakout through process.cwd trickery and leaked fds
github.com/opencontainers
discuss
2 years ago
todsacerdoti
3 points
83.
▲
Heap memory corruption in ASN.1 parsing code
github.com/programa-stic
discuss
10 years ago
tshtf
3 points
84.
▲
Unauthenticated Object Write Vulnerability in MinIO
github.com/minio
1 comment
2 months ago
llui85
2 points
85.
▲
Displaying a crafted file in Tabby terminal can run shell commands
github.com/Eugeny
discuss
a month ago
logickkk1
2 points
86.
▲
Denial of Service Vulnerability in React Server Components
github.com/facebook
discuss
a month ago
karimf
2 points
87.
▲
macOS Stats: Local Privilege Escalation via Exposed XPC Method
github.com/exelban
discuss
5 months ago
inatreecrown2
2 points
88.
▲
.NET Security Feature Bypass Vulnerability
github.com/dotnet
discuss
8 months ago
alexis2b
2 points
89.
▲
Malicious versions of Nx and some supporting plugins were published
github.com/nrwl
discuss
10 months ago
todsacerdoti
2 points
90.
▲
Visual Studio Code for Linux Remote Code Execution Vulnerability CVE-2024-43601
github.com/microsoft
discuss
2 years ago
agrmohit
2 points
More