5446 matches found
CVE-2026-32187
Microsoft Edge Chromium-based Defense in Depth Vulnerability...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
EUVD-2026-16813
Microsoft Edge Chromium-based Defense in Depth Vulnerability...
CVE-2026-32187
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
AWS SDK for Java 2.0: Improper Handling of Special Characters in CloudFront Signing Utilities
Summary This notification is related to the CloudFront signing utilities in the AWS SDK for Java v2, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes an...
CVE-2026-32187
...
CVE-2026-32187
...
CVE-2026-32187
CVE-2026-32187 entry rejected/not used; this CVE ID is not an active vulnerability.
CVE-2026-32187
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Microsoft Edge (Chromium-based) Defense in Depth Vulnerability - Rejected
...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
AWS SDK for .NET: Improper escaping of special characters in CloudFront policy document construction
This notification is related to the CloudFront signing utilities in the AWS SDK for .NET, which are used to generate Amazon CloudFront signed URLs and signed cookies. A defense-in-depth enhancement has been implemented to improve handling of special characters, such as double quotes and...
CVE-2025-69783
A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name e.g., csrss.exe, edrsvc.exe, edrcon.exe. This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...
Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned...
CVE-2026-20112
creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:10+00:00| seen|...
CVE-2026-20104
creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/cisco-ios-xe-multiple-vulnerabilities20260326 2026-03-26 03:00:10+00:00| seen|...
Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities
This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed...
EUVD-2026-15428
A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...
API Security for AI Agents: Why Protection Has Never Been More Important.
For years, a lot of risky APIs survived simply because they were hard to find. They weren’t documented. Only a handful of engineers knew the endpoints. And if an attacker wanted to abuse them, they had to spend real time reverse‑engineering traffic and guessing how things worked. That “security b...
Grassroots DICOM (GDCM)
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...