The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high ...
A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the "systeminformation" npm component which ...
A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...
The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...
Microsoft Threat Intelligence has identified 3,000 ASP.NET keys disclosed in code documentation and repos that could be used in code injection attacks. Microsoft Threat Intelligence in December ...
Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results