CVE-2026-42035

Axios prior to versions 1.15.1 and 0.31.1 contains a prototype pollution gadget in the HTTP adapter (lib/adapters/http.js) that can inject arbitrary HTTP headers into outgoing requests. The issue occurs when Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toString...

Agent Name Service (ANS): a Universal Directory for Secure AI Agent Discovery and Interoperability

The proliferation of AI agents requires robust mechanisms for secure discovery. This paper introduces the Agent Name Service ANS, a novel architecture based on DNS addressing the lack of a public agent discovery framework. ANS provides a protocol-agnostic registry infrastructure that leverages...