577 matches found
CVE-2026-40179 vulnerabilities
Vulnerabilities for packages: trillian, minio-object-browser, prometheus-pushgateway, keda, tempo, mc, splunk-otel-collector, node-problem-detector, jaeger, karma, loki, istio, minio, prometheus, cloud-sql-proxy, telegraf, datadog-agent, certificate-transparency, mcp-grafana, minio-operator...
web-pentest-tool
🛡️ AutoPenTest — Automated Penetration Testing Tool ⚠️ DI...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: step-ca, argo-events, emissary, fuse-overlayfs-snapshotter, terraform-docs, kserve-rest-proxy, nerdctl, sftpgo-plugin-geoipfilter, cilium-cli, falcoctl, kube-fluentd-operator, libnvidia-container, goreleaser, osv-scanner, dbmate, grafana,...
Exploit for CVE-2026-35616
CVE-2026-35616 - FortiClient EMS Vulnerability Detector !Py...
ML Defender (ARGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations
Ransomware and DDoS attacks disproportionately impact hospitals, schools, and small organizations that cannot afford enterprise security solutions. We present ML Defender aRGus NDR, an open-source network intrusion detection system built in C++20, deployable on commodity hardware at approximately...
From Component Manipulation to System Compromise: Understanding and Detecting Malicious MCP Servers
The model context protocol MCP standardizes how LLMs connect to external tools and data sources, enabling faster integration but introducing new attack vectors. Despite the growing adoption of MCP, existing MCP security studies classify attacks by their observable effects, obscuring how attacks...
CLEANSTART-2026-KR58137 Security fixes for CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142, ghsa-6v2p-p543-phr9 applied in versions: 0.8.19-r0, 0.8.19-r1, 0.8.19-r2
Multiple security vulnerabilities affect the node-problem-detector package. These issues are resolved in later releases. See references for individual vulnerability details...
Numerical Security Framework for Quantum Key Distribution with Bypass Channels
Satellite based quantum key distribution QKD aims to establish secure key exchange over long distances despite significant technological challenges. To alleviate some of these challenges, Ghalaii et al. PRX Quantum 4, 040320 2023 proposed that any airborne eavesdropper up to a certain size can be...
Energy-Time Attack on Detectors in Quantum Key Distribution
Quantum key distribution is unbreakable in theory but may be hacked via imperfections in its hardware implementations. While many imperfections have been mitigated by countermeasures and advanced security proofs, several remain unsolved. One of these is a superlinear behaviour in single-photon...
NewStart CGSL MAIN 6.06 (SP) : openssh Multiple Vulnerabilities (NS-SA-2026-0003)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has openssh packages installed that are affected by multiple vulnerabilities: - The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control...
CVE-2026-1775
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...
EUVD-2026-9324
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...
CVE-2026-1775
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...
CVE-2026-1775
The CVE-2026-1775 entry concerns Labkotec LID-3300IP ice detector software with a missing authentication for a critical function. An unauthenticated attacker can alter device parameters and execute operational commands by sending specially crafted packets to the device. According to the provided ...
CVE-2026-1775
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device...
Gravity Falls: A Comparative Analysis of Domain-Generation Algorithm (DGA) Detection Methods for Mobile Device Spearphishing
Mobile devices are frequent targets of eCrime threat actors through SMS spearphishing smishing links that leverage Domain Generation Algorithms DGA to rotate hostile infrastructure. Despite this, DGA research and evaluation largely emphasize malware C2 and email phishing datasets, leaving limited...
Recovery-Induced Erasure Attack on QKD Systems
Detector dead time is typically treated as a fixed parameter in quantum key distribution QKD security analyses. In practice, however, the effective recovery time of single-photon avalanche photodiodes SPADs depends on the incident count rate. In this work, we demonstrate that this...
Labkotec LID-3300IP 访问控制错误漏洞
The Labkotec LID-3300IP is an ice detector developed by the Finnish company Labkotec. The Labkotec LID-3300IP has a security vulnerability related to access control. This vulnerability stems from defects in the ice detector software, which may allow unauthorized attackers to modify device...
PT-2026-22826
Name of the Vulnerable Software and Affected Versions Labkotec LID-3300IP affected versions not specified Description The Labkotec LID-3300IP ice detector software contains a flaw that allows an unauthenticated attacker to modify device settings and execute commands by sending crafted network...
A week in security (February 23 – March 1)
Last week on Malwarebytes Labs: Public Google API keys can be used to expose Gemini AI data Inside a fake Google security check that becomes a browser RAT Fake Zoom and Google Meet scams install Teramind: A technical deep dive How to understand and avoid Advanced Persistent Threats The Conduent...