HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
91.
▲
Show HN: Little Schemer Reading Group
github.com/JuryNullificationInc
discuss
4 years ago
dmounta
2 points
92.
▲
Ruby Advisory Database
github.com/rubysec
discuss
13 years ago
gry
1 points
93.
▲
PHP Security Advisories Database
github.com/FriendsOfPHP
discuss
6 years ago
mooreds
1 points
94.
▲
PHP Security Advisories Database
github.com/FriendsOfPHP
discuss
6 years ago
todsacerdoti
1 points
95.
▲
Nx compromised: malware uses Claude code CLI to explore the filesystem
semgrep.dev
39 comments
10 months ago
neuroo
493 points
96.
▲
CVE-2026-33691: OWASP CRS whitespace padding bypass vulnerability
discuss
3 months ago
relunsec
3 points
97.
▲
Malicious versions of Nx and some supporting plugins were published
github.com/nrwl
433 comments
10 months ago
longcat
443 points
98.
▲
Helm local code execution via a malicious chart
github.com/helm
94 comments
a year ago
irke882
172 points
99.
▲
Arbitrary file execution in TZinfo (Ruby)
github.com/tzinfo
25 comments
4 years ago
Ichaelus
106 points
100.
▲
Trivy ecosystem supply chain temporarily compromised
github.com/aquasecurity
37 comments
3 months ago
batch12
102 points
101.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
github.com/composer
27 comments
a month ago
damienwebdev
70 points
102.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
github.com/git
2 comments
6 years ago
vwpolo3
29 points
103.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
github.com/mastodon
3 comments
2 years ago
niel
21 points
104.
▲
Flatpak: Complete Sandbox Escape
github.com/flatpak
discuss
2 months ago
eyberg
20 points
105.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
detaro
11 points
106.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
github.com/erlang
discuss
a year ago
asa400
8 points
107.
▲
1-day RCE vulnerability in vim
github.com/vim
2 comments
3 months ago
weinzierl
7 points
108.
▲
Insecure Random Number Generation
github.com/juliangruber
1 comment
5 years ago
Tomte
7 points
109.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
github.com/libfuse
2 comments
3 months ago
agarwal72
5 points
110.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
github.com/rustfs
1 comment
6 months ago
Tiberium
5 points
111.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
github.com/jhy
1 comment
5 years ago
lrngjcb
3 points
112.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
github.com/axios
discuss
2 months ago
mhsdef
3 points
113.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
github.com/cline
discuss
4 months ago
tamnd
3 points
114.
▲
New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
emreb
3 points
115.
▲
Container breakout through process.cwd trickery and leaked fds
github.com/opencontainers
discuss
2 years ago
todsacerdoti
3 points
116.
▲
Show HN: Automated Kubernetes Pod Security Policy Creation
github.com/sysdiglabs
discuss
7 years ago
derek0405
3 points
117.
▲
Heap memory corruption in ASN.1 parsing code
github.com/programa-stic
discuss
10 years ago
tshtf
3 points
118.
▲
Unauthenticated Object Write Vulnerability in MinIO
github.com/minio
1 comment
2 months ago
llui85
2 points
119.
▲
Displaying a crafted file in Tabby terminal can run shell commands
github.com/Eugeny
discuss
a month ago
logickkk1
2 points
120.
▲
Denial of Service Vulnerability in React Server Components
github.com/facebook
discuss
a month ago
karimf
2 points
More