Lucene search
+L

1015 matches found

Schneier on Security
Schneier on Security
added 2026/05/18 11:8 a.m.21 views

Zero-Day Exploit Against Windows BitLocker

It's nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/14 5:16 p.m.29 views

CVE-2026-42555

Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from 13.4.0 to before 13.23.0 evaluate Spring Expression Language SpEL expressions...

9.1CVSS0.00576EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/13 8:29 a.m.95 views

unverified_exploits

Unverified Exploits - Rule-Based Exploit Generation & Testing...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/10 10:36 a.m.9 views

Malicious code in noon-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2a4c1ac3896b7769b47ab6659bf7b0d49f229963c910d0c9b9be11c5291c12 The package noon-contracts was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/10 10:36 a.m.9 views

MAL-2026-3420 Malicious code in noon-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e2a4c1ac3896b7769b47ab6659bf7b0d49f229963c910d0c9b9be11c5291c12 The package noon-contracts was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.9 views

Tailored Prompts, Targeted Protection: Vulnerability-Specific LLM Analysis for Smart Contracts

Smart contracts on blockchains are prone to diverse security vulnerabilities that can lead to significant financial losses due to their immutable nature. Existing detection approaches often lack flexibility across vulnerability types and rely heavily on manually crafted expert rules. In this pape...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.10 views

Alignment Contracts for Agentic Security Systems

Agentic security systems increasingly combine LLM planners with tools that can discover, validate, and report vulnerabilities. This creates an asymmetric control problem: the system should retain strong offensive capability inside an authorized engagement, while the same capabilities must be deni...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/28 12:10 p.m.165 views

codex-solidity

⛓️ Codex Solidity — Smart Contract & Protocol Audit Agent Imp...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

GoAT-X: A Graph of Auditing Thoughts for Securing Token Transactions in Cross-Chain Contracts

Cross-chain bridges, the critical infrastructure of the multi-chain ecosystem, have become a primary target for attackers, resulting in over $2.8 billion in losses due to subtle implementation flaws. Existing defenses, such as bytecode-level static analysis, are ill-equipped to handle the semanti...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.24 views

A Systematic Literature Review for Transformer-Based Software Vulnerability Detection

Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based models have demonstrated promising results in automatic...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/26 8:18 p.m.140 views

secureflow

AI-Powered Smart Contract Security Scanner An automated block...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.13 views

Nimiq 数字错误漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a numerical error vulnerability. This vulnerability stems from the nimiq-account contract’s VestingContract::canchangebalance function, which returns AccountError::InsufficientFund...

8.2CVSS5.8AI score0.00275EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 9:31 p.m.6 views

EUVD-2026-24389

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

6.5CVSS5.7AI score0.00291EPSS
Exploits0References2
NVD
NVD
added 2026/04/21 9:16 p.m.11 views

CVE-2026-34300

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

6.5CVSS0.00291EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.5 views

CVE-2026-34300

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

6.5CVSS5.7AI score0.00291EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

Oracle PeopleSoft Enterprise FIN Contracts 安全漏洞

Oracle PeopleSoft Enterprise FIN Contracts is an enterprise contract financial management system developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise FIN Contracts contains a security vulnerability. This vulnerability stems from issues with the Contracts component, which m...

6.5CVSS7.2AI score0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-34124

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

6.5CVSS5.7AI score0.00291EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.23 views

Security Is Relative: Training-Free Vulnerability Detection Via Multi-Agent Behavioral Contract Synthesis

Deep learning for vulnerability detection has shown promising results on early benchmarks, but recent evaluations reveal catastrophic degradation: models achieving F1 0.68 on legacy datasets collapse to 0.031 under strict deduplication. We identify the root cause as the semantic ambiguity problem...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/16 12:0 a.m.7 views

NFTDELTA: Detecting Permission Control Vulnerabilities in NFT Contracts through Multi-View Learning

Permission control vulnerabilities in Non-fungible token NFT contracts can result in significant financial losses, as attackers may exploit these weaknesses to gain unauthorized access or circumvent critical permission checks. In this paper, we propose NFTDELTA, a framework that leverages static...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/15 12:0 a.m.7 views

V2E: Validating Smart Contract Vulnerabilities through Profit-Driven Exploit Generation and Execution

Smart contracts are a critical component of blockchain systems. Due to the large amount of digital assets carried by smart contracts, their security is of critical importance. Although numerous tools have been developed for detecting smart contract vulnerability, their effectiveness remains...

6AI score
Exploits0
Rows per page
Query Builder