Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
691.
▲
Trivy ecosystem supply chain temporarily compromised
(github.com/aquasecurity)
102 points
batch12
3 months ago
37 comments
692.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
(github.com/composer)
70 points
damienwebdev
a month ago
27 comments
693.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
(github.com/git)
29 points
vwpolo3
6 years ago
2 comments
694.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
(github.com/mastodon)
21 points
niel
2 years ago
3 comments
695.
▲
Flatpak: Complete Sandbox Escape
(github.com/flatpak)
20 points
eyberg
2 months ago
discuss
696.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
11 points
detaro
a year ago
discuss
697.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
(github.com/erlang)
8 points
asa400
a year ago
discuss
698.
▲
1-day RCE vulnerability in vim
(github.com/vim)
7 points
weinzierl
2 months ago
2 comments
699.
▲
Insecure Random Number Generation
(github.com/juliangruber)
7 points
Tomte
5 years ago
1 comment
700.
▲
The zen of multiple platforms with nativescript and angularjs
(github.com/NathanWalker)
7 points
vgsbs
10 years ago
discuss
701.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
(github.com/libfuse)
5 points
agarwal72
3 months ago
2 comments
702.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
(github.com/rustfs)
5 points
Tiberium
5 months ago
1 comment
703.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
(github.com/jhy)
3 points
lrngjcb
5 years ago
1 comment
704.
▲
You can now get weekly analytics on your advertisers as they do on you
(github.com/parthraghav)
3 points
parthraghav
6 years ago
1 comment
705.
▲
HTML5/CSS3: Advanced Topics
(github.com/MartinChavez)
3 points
martinchavez
11 years ago
1 comment
706.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
(github.com/axios)
3 points
mhsdef
2 months ago
discuss
707.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
(github.com/cline)
3 points
tamnd
4 months ago
discuss
708.
▲
New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
3 points
emreb
a year ago
discuss
709.
▲
Show HN: BP.AdventureFramework, a framework for writing text adventures in C#
(github.com/benpollarduk)
3 points
ragingben
2 years ago
discuss
710.
▲
Container breakout through process.cwd trickery and leaked fds
(github.com/opencontainers)
3 points
todsacerdoti
2 years ago
discuss
711.
▲
Colossal Cave Adventure in Python
(github.com/brandon-rhodes)
3 points
throwawaybutwhy
6 years ago
discuss
712.
▲
Conditional-Generative-Adversarial-Networks
(github.com/TheAILearner)
3 points
atulkrishna10
6 years ago
discuss
713.
▲
Show HN: Automated Kubernetes Pod Security Policy Creation
(github.com/sysdiglabs)
3 points
derek0405
7 years ago
discuss
714.
▲
Heap memory corruption in ASN.1 parsing code
(github.com/programa-stic)
3 points
tshtf
10 years ago
discuss
715.
▲
Unauthenticated Object Write Vulnerability in MinIO
(github.com/minio)
2 points
llui85
2 months ago
1 comment
716.
▲
Displaying a crafted file in Tabby terminal can run shell commands
(github.com/Eugeny)
2 points
logickkk1
20 days ago
discuss
717.
▲
Denial of Service Vulnerability in React Server Components
(github.com/facebook)
2 points
karimf
a month ago
discuss
718.
▲
Show HN: Structured red team code review as a Claude Code slash command
(github.com/richiethomas)
2 points
toomanyrichies
4 months ago
discuss
719.
▲
macOS Stats: Local Privilege Escalation via Exposed XPC Method
(github.com/exelban)
2 points
inatreecrown2
5 months ago
discuss
720.
▲
.NET Security Feature Bypass Vulnerability
(github.com/dotnet)
2 points
alexis2b
8 months ago
discuss
More