Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
61.
▲
PHP Security Advisories Database
(github.com/FriendsOfPHP)
1 point
mooreds
6 years ago
discuss
62.
▲
PHP Security Advisories Database
(github.com/FriendsOfPHP)
1 point
todsacerdoti
6 years ago
discuss
63.
▲
Nx compromised: malware uses Claude code CLI to explore the filesystem
(semgrep.dev)
493 points
neuroo
9 months ago
39 comments
64.
▲
Malicious versions of Nx and some supporting plugins were published
(github.com/nrwl)
443 points
longcat
9 months ago
433 comments
65.
▲
Helm local code execution via a malicious chart
(github.com/helm)
172 points
irke882
a year ago
94 comments
66.
▲
Arbitrary file execution in TZinfo (Ruby)
(github.com/tzinfo)
106 points
Ichaelus
4 years ago
25 comments
67.
▲
Trivy ecosystem supply chain temporarily compromised
(github.com/aquasecurity)
102 points
batch12
3 months ago
37 comments
68.
▲
Composer leaks contents of tokens configured as GitHub OAuth tokens
(github.com/composer)
70 points
damienwebdev
22 days ago
27 comments
69.
▲
Malicious URLs cause Git (v2.26.0) to present stored credentials to wrong server
(github.com/git)
29 points
vwpolo3
6 years ago
2 comments
70.
▲
CVE-2024-23832 Mastodon Vulnerability: Remote user impersonation and takeover
(github.com/mastodon)
21 points
niel
2 years ago
3 comments
71.
▲
Flatpak: Complete Sandbox Escape
(github.com/flatpak)
20 points
eyberg
2 months ago
discuss
72.
▲
CVE-2025-5689: New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
11 points
detaro
a year ago
discuss
73.
▲
Unauthenticated Remote Code Execution in Erlang/OTP SSH
(github.com/erlang)
8 points
asa400
a year ago
discuss
74.
▲
1-day RCE vulnerability in vim
(github.com/vim)
7 points
weinzierl
2 months ago
2 comments
75.
▲
Insecure Random Number Generation
(github.com/juliangruber)
7 points
Tomte
5 years ago
1 comment
76.
▲
Libfuse io_uring use-after-free and NULL deref (CVE-2026-33150, CVE-2026-33179)
(github.com/libfuse)
5 points
agarwal72
2 months ago
2 comments
77.
▲
Hardcoded Auth Token in RustFS (CVE-2025-68926)
(github.com/rustfs)
5 points
Tiberium
5 months ago
1 comment
78.
▲
CVE in jsoup: users should upgrade to version 1.14.2 [CVSS 7.5]
(github.com/jhy)
3 points
lrngjcb
5 years ago
1 comment
79.
▲
Axios: Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
(github.com/axios)
3 points
mhsdef
2 months ago
discuss
80.
▲
Unauthorized of Cline CLI with modified postinstall script to install OpenClaw
(github.com/cline)
3 points
tamnd
4 months ago
discuss
81.
▲
New authd users logging in via SSH are members of the root group
(github.com/ubuntu)
3 points
emreb
a year ago
discuss
82.
▲
Container breakout through process.cwd trickery and leaked fds
(github.com/opencontainers)
3 points
todsacerdoti
2 years ago
discuss
83.
▲
Heap memory corruption in ASN.1 parsing code
(github.com/programa-stic)
3 points
tshtf
10 years ago
discuss
84.
▲
Unauthenticated Object Write Vulnerability in MinIO
(github.com/minio)
2 points
llui85
2 months ago
1 comment
85.
▲
Displaying a crafted file in Tabby terminal can run shell commands
(github.com/Eugeny)
2 points
logickkk1
17 days ago
discuss
86.
▲
Denial of Service Vulnerability in React Server Components
(github.com/facebook)
2 points
karimf
a month ago
discuss
87.
▲
macOS Stats: Local Privilege Escalation via Exposed XPC Method
(github.com/exelban)
2 points
inatreecrown2
4 months ago
discuss
88.
▲
.NET Security Feature Bypass Vulnerability
(github.com/dotnet)
2 points
alexis2b
8 months ago
discuss
89.
▲
Malicious versions of Nx and some supporting plugins were published
(github.com/nrwl)
2 points
todsacerdoti
9 months ago
discuss
90.
▲
Visual Studio Code for Linux Remote Code Execution Vulnerability CVE-2024-43601
(github.com/microsoft)
2 points
agrmohit
2 years ago
discuss
More