HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
181.
▲
Trivy ecosystem supply chain temporarily compromised
github.com/aquasecurity
37 comments
3 months ago
batch12
102 points
182.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
github.com/composer
27 comments
a month ago
damienwebdev
70 points
183.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
github.com/git
2 comments
6 years ago
vwpolo3
29 points
184.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
github.com/mastodon
3 comments
2 years ago
niel
21 points
185.
▲
Flatpak: Complete Sandbox Escape
github.com/flatpak
discuss
2 months ago
eyberg
20 points
186.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
detaro
11 points
187.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
github.com/erlang
discuss
a year ago
asa400
8 points
188.
▲
1-day RCE vulnerability in vim
github.com/vim
2 comments
3 months ago
weinzierl
7 points
189.
▲
Insecure Random Number Generation
github.com/juliangruber
1 comment
5 years ago
Tomte
7 points
190.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
github.com/libfuse
2 comments
3 months ago
agarwal72
5 points
191.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
github.com/rustfs
1 comment
6 months ago
Tiberium
5 points
192.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
github.com/jhy
1 comment
5 years ago
lrngjcb
3 points
193.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
github.com/axios
discuss
2 months ago
mhsdef
3 points
194.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
github.com/cline
discuss
4 months ago
tamnd
3 points
195.
▲
New authd users logging in via SSH are members of the root group
github.com/ubuntu
discuss
a year ago
emreb
3 points
196.
▲
Container breakout through process.cwd trickery and leaked fds
github.com/opencontainers
discuss
2 years ago
todsacerdoti
3 points
197.
▲
Show HN: Automated Kubernetes Pod Security Policy Creation
github.com/sysdiglabs
discuss
7 years ago
derek0405
3 points
198.
▲
Heap memory corruption in ASN.1 parsing code
github.com/programa-stic
discuss
10 years ago
tshtf
3 points
199.
▲
Unauthenticated Object Write Vulnerability in MinIO
github.com/minio
1 comment
2 months ago
llui85
2 points
200.
▲
Displaying a crafted file in Tabby terminal can run shell commands
github.com/Eugeny
discuss
a month ago
logickkk1
2 points
201.
▲
Denial of Service Vulnerability in React Server Components
github.com/facebook
discuss
a month ago
karimf
2 points
202.
▲
macOS Stats: Local Privilege Escalation via Exposed XPC Method
github.com/exelban
discuss
5 months ago
inatreecrown2
2 points
203.
▲
.NET Security Feature Bypass Vulnerability
github.com/dotnet
discuss
8 months ago
alexis2b
2 points
204.
▲
Malicious versions of Nx and some supporting plugins were published
github.com/nrwl
discuss
10 months ago
todsacerdoti
2 points
205.
▲
Visual Studio Code for Linux Remote Code Execution Vulnerability CVE-2024-43601
github.com/microsoft
discuss
2 years ago
agrmohit
2 points
206.
▲
Git RCE affects recursive clones on case-insensitive filesystems with symlinks
github.com/git
discuss
2 years ago
mooreds
2 points
207.
▲
External OpenID Connect Account Takeover by Email Change
github.com/mastodon
discuss
2 years ago
mooreds
2 points
208.
▲
Several container breakouts due to internally leaked fds
github.com/opencontainers
discuss
2 years ago
harporoeder
2 points
209.
▲
Visual Studio Code: Remote Code Execution
github.com/microsoft
discuss
4 years ago
croes
2 points
210.
▲
Auto generate Kubernetes pod security policies
github.com/sysdiglabs
discuss
7 years ago
mfdii
2 points
More