Lucene search
K

5424 matches found

Microsoft Secure
Microsoft Secure
added 2026/05/07 8:22 p.m.179 views

When prompts become shells: RCE vulnerabilities in AI agent frameworks

In this article 1. A representative case study: Semantic Kernel 2. CVE-2026-26030: In-Memory Vector Store 3. CVE-2026-25592: Arbitrary file write through SessionsPythonPlugin 4. The vulnerability 5. Attack chain overview 6. Defending the agentic edge 7. Not bugs, but developed by design 8. CTF...

9.9CVSS6.6AI score0.02914EPSS
Exploits2
Github Security Blog
Github Security Blog
added 2026/05/07 12:57 a.m.26 views

Gotenberg has a Server-Side Request Forgery (SSRF) Issue

Summary The SSRF hardening shipped in v8.31.0 only covers outbound URLs that Gotenberg's Go code handles — Chromium asset fetches, webhook delivery, and download-from. The LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecti...

8.2CVSS5.9AI score0.00245EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploit
added 2026/05/07 12:7 a.m.82 views

groovestrike

GrooveStrike Autonomous Penetration Testing Framework...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37460

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur when filemap release folio is invoked on a folio belonging to a mapping with AS RELEASE ALWAYS set but without a defined release folio operation. In...

5.5CVSS6.1AI score0.00123EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.23 views

SecureMCP: A Policy-Enforced LLM Data Access Framework for AIoT Systems Via Model Context Protocol

The deployment of Large Language Model LLM-generated SQL queries in Artificial Intelligence of Things AIoT systems introduces critical security risks, as prompt injection attacks can manipulate LLMs into producing unauthorized queries that expose sensitive data or execute destructive operations...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.19 views

Gray-Box Poisoning of Continuous Malware Ingestion Pipelines

Modern malware detection pipelines rely on continuous data ingestion and machine learning to counter the high volume of novel threats. This work investigates a realistic gray-box poisoning threat model targeting these pipelines. Using the secmlmalware framework, we generate problem-space...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.16 views

ARGUS: Defending LLM Agents against Context-Aware Prompt Injection

The rise of Large Language Model LLM agents, augmented with tool use, skills, and external knowledge, has introduced new security risks. Among them, prompt injection attacks, where adversaries embed malicious instructions into the agent workflow, have emerged as the primary threat. However,...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.11 views

The Adversarial Discount - AI, Signal Correlation, and the Cybersecurity Arms Race

We study a contest-theoretic model of adversarial investment in which an attacker and a defender allocate resources to AI-augmented capabilities across multiple attack surfaces. The attacker's investment operates through two channels: it amplifies offensive potency unconditionally and erodes...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.5 views

Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense

Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.13 views

Autonomous LLM Agent Worms: Cross-Platform Propagation, Automated Discovery and Temporal Re-Entry Defense

Autonomous LLM agents operate as long-running processes with persistent workspaces, memory files, scheduled task state, and messaging integrations. These features create a new propagation risk: attacker-influenced content can be written into persistent agent state, re-enter the LLM decision conte...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.12 views

PIIGuard: Mitigating PII Harvesting under Adversarial Sanitization

Browsing-enabled LLM assistants can fetch webpages and answer contact-seeking queries, creating a practical channel for scraping contact-style personally identifiable information PII from public pages. Many prior defenses are deployed at the model, service, or agent layer rather than at the webpa...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/05/02 3:6 a.m.8 views

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

In this article 1. Vulnerability details 2. Mitigation and protection guidance 3. Microsoft Defender XDR detections 4. References 5. Learn more Microsoft Defender is investigating a high-severity local privilege escalation vulnerability CVE-2026-31431 affecting multiple major Linux distributions...

7.8CVSS6.5AI score0.96267EPSS
Exploits230
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.16 views

PT-2026-36320

Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.7 views

Cisco Firepower Threat Defense (FTD) Software OSPF DoS Vulnerabilities (cisco-sa-asaftd-ospf-ZH8PhbSW)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

6.8CVSS5.8AI score0.00251EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.3 views

Cisco Adaptive Security Appliance (ASA) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacke...

8.6CVSS5.9AI score0.00358EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.4 views

Cisco Firepower Threat Defense (FTD) Software IKEv2 DoS Vulnerabilities (cisco-sa-asaftd-ikev2-dos-eBueGdEG)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. - A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a...

7.7CVSS5.8AI score0.00303EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.22 views

Cisco Firepower Threat Defense (FTD) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an...

8.6CVSS5.8AI score0.00358EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.23 views

Cisco Firepower Threat Defense (FTD) Software TLS with Snort 3 Detection Engine DoS (cisco-sa-ftd-tcp-dos-rHfqnwRg)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the TLS processing feature of the Snort 3 detection engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote...

5.8CVSS5.8AI score0.00373EPSS
Exploits0References4
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/04/30 12:0 a.m.15 views

Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia

A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.18 views

Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors

Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model code is sufficient to steal them. Current passive...

6AI score
Exploits0
Rows per page
Query Builder