287 matches found
Next.js Middleware Authorization Bypass Scanner
This module detects self-hosted Next.js applications affected by CVE-2025-29927, an authorization bypass in the middleware layer. Next.js tags its own internal subrequests with the x-middleware-subrequest header and skips middleware when it sees it. The header is trusted without verifying it...
Astra Linux – Vulnerability in Firefox and Thunderbird
On 64-bit platforms, IonMonkey-JIT only writes 32 bits of the 64-bit return value space onto the stack. However, Baseline-JIT reads the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and...
CVE-2024-39575
updatediskpsubaseline.sh requires password in plain text...
CVE-2024-39575
Technical details are not publicly available in the provided documents; monitor for updates.
Security Misconfiguration
@hulumi/baseline is vulnerable to Security Misconfiguration. The vulnerability is due to AccountFoundation reuse paths silently downgrading GuardDuty and Security Hub security settings, which allows an attacker to operate with reduced detection and monitoring capabilities in the affected...
CVEAlertor
CVEAlertor Get an instant Telegram alert the moment a new C...
@hulumi/platform-patterns (>=0.0.0-bootstrap.0 <=1.3.2) potentially affected by CVE-2026-48037 via @hulumi/baseline (>=1.3.1 <=1.3.2)
@hulumi/baseline NPM version =1.3.1, =0.0.0-bootstrap.0, =1.3.2 Source cves: CVE-2026-48037 Source advisory: OSV:GHSA-CJ8G-PRCM-MFG5...
@hulumi/baseline: AccountFoundation reuse paths silently downgrade GuardDuty / Security Hub posture
Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...
GHSA-2MXR-P26X-MJ73 @hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened
Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...
@hulumi/platform-patterns (>=0.0.0-bootstrap.0 <=1.3.2) potentially affected by CVE-2026-48035 via @hulumi/baseline (>=1.3.1 <=1.3.2)
@hulumi/baseline NPM version =1.3.1, =0.0.0-bootstrap.0, =1.3.2 Source cves: CVE-2026-48035 Source advisory: OSV:GHSA-2MXR-P26X-MJ73...
@hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened
Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...
PT-2026-48479
Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...
terraform-aws-wafacl-golden
terraform-aws-wafacl-golden !Terraformhttps://img.shields...
Quality-Diversity Evolution for Discovering Diverse Vulnerabilities in LLM Safety
Current approaches to LLM adversarial testing suffer from coverage gaps: manual red-teaming does not scale, LLM-as-attacker methods exhibit mode collapse, and gradient-based approaches produce uninterpretable gibberish. We introduce a quality-diversity evolutionary framework that operates at the...
@hulumi/platform-patterns (=0.0.0-bootstrap.0) potentially affected by unknown CVE via @hulumi/baseline (=1.3.1)
@hulumi/baseline NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @hulumi/baseline and may be impacted: - @hulumi/platform-patterns =0.0.0-bootstrap.0 Source cves: unknown CVE Source advisory: OSV:GHSA-GFP8-MP24-5VXG...
GHSA-GFP8-MP24-5VXG @hulumi/baseline: CloudTrail selector tampering events were not fully detected
Impact: @hulumi/baseline versions before 1.3.2 could miss some CloudTrail event-selector tampering evidence, reducing coverage for changes to audit logging configuration. Patched in 1.3.2: detection coverage and regression tests were expanded. Remediation: upgrade @hulumi/baseline to 1.3.2 or lat...
ISPB
🛡️ AI-powered Security Scanner Platform A next-generation...
Observability for Post-Quantum TLS Readiness: A Multi-Surface Evidence Framework
Post-quantum migration in Transport Layer Security TLS requires evidence-aware measurements that distinguish session negotiation, endpoint capability, certificate-chain evidence, and the provenance of missing observations. This distinction is essential under TLS 1.3 encryption, resumption, mutual...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copy-success — CVE-2026-31431 Compensating Control A defensiv...
OSV-2026-600 Heap-buffer-overflow in skcms_private::baseline::clut
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504261818 Crash type: Heap-buffer-overflow READ 8 Crash state: skcmsprivate::baseline::clut skcmsprivate::baseline::execstages skcmsprivate::baseline::runprogram...