Product
Analyzing Supply Chain Risks in Python Package Installation
2 TTPs 4 IOCsThreat actors, including TeamPCP, are increasingly using malicious Python packages in supply chain attacks to compromise developer devices and infrastructure by exploiting trust in Python's packaging ecosystem, leading to automatic payload execution during installation.
Open Babel Heap Buffer Overflow in ChemKin Parser (CVE-2025-10997)
1 TTP 1 CVEA heap buffer overflow vulnerability (CVE-2025-10997) in Open Babel's ChemKin parser allows an attacker to achieve memory corruption when a victim processes a specially crafted ChemKin file, potentially leading to denial of service or arbitrary code execution.
Open Babel PQS coord_file parser suffers from out-of-bounds write vulnerability (CVE-2022-43467)
2 TTPs 1 CVEA high-severity memory-safety vulnerability (CVE-2022-43467) in Open Babel's PQS `coord_file` parser allows an attacker to achieve an out-of-bounds write by tricking a victim into opening a specially crafted PQS file, potentially leading to arbitrary code execution or denial of service in systems processing untrusted chemistry file formats.
Linuxfabrik Monitoring Plugins Local Privilege Escalation via Sudo apt-get
1 rule 1 TTPA local privilege escalation vulnerability, CVE-2026-52817, exists in Linuxfabrik Monitoring Plugins within its Debian.sudoers configuration, allowing a pre-compromised `nagios` user to inject arbitrary `apt-get` arguments to execute commands as root and obtain a root shell on affected Debian systems.