CVE-2026-25523 (MEDIUM) CVSS 5.3
🟡 Severity: MEDIUM (CVSS 5.
Open source ecosystems have a long tail security problem.
Yesterday, Sansec discovered an active keylogger at an external site of one of America’s largest banks.
Update Jan 15th: the malware appears to have been removed.
Sansec researchers discovered that ConnectPOS, a popular Point of Sale solution, had been exposing a GitHub Personal Access Token (PAT) in their public installation instructions for over four years…
Name: Mgt_Varnish; Vulnerable: 1.0.10 and earlier; Fixed in: 1.
🔴 Severity: CRITICAL (CVSS 9.