EUVD-2026-32999

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, when RUSTFSCORSALLOWEDORIGINS is unset, the RustFS S3 listener's ConditionalCorsLayer reflects any request Origin value back as Access-Control-Allow-Origin and also sets Access-Control-Allow-Credentials: true and...

DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform

The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...

PT-2026-44467

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, get shared secret in crates/ecstore/src/rpc/http auth.rs, falls back...

PT-2026-44474

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the RustFS console endpoint GET /rustfs/console/license returns parsed license metadata without requiring authentication. The endpoint is registered on the console listener and returns JSON containing license...

CVE-2026-22043

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 through 1.0.0-alpha.78, a flawed denyonly short-circuit in RustFS IAM allows a restricted service account or STS credential to self-issue an unrestricted service account, inheriting the parent’s full privilege...

PT-2026-2144

Name of the Vulnerable Software and Affected Versions RustFS versions 1.0.0-alpha.13 through 1.0.0-alpha.78 Description RustFS is a distributed object storage system built in Rust. A flaw in the deny only short-circuit within RustFS IAM allows a restricted service account or STS credential to...

EUVD-2024-54839

Malicious code in bioql PyPI...

Yotta: a Large-Scale Trustless Data Trading Scheme for Blockchain System

Data trading is one of the key focuses of Web 3.0. However, all the current methods that rely on blockchain-based smart contracts for data exchange cannot support large-scale data trading while ensuring data security, which falls short of fulfilling the spirit of Web 3.0. Even worse, there is...

Blockchain Application in Metaverse: a Review

In recent years, the term Metaverse emerged as one of the most compelling concepts, captivating the interest of international companies such as Tencent, ByteDance, Microsoft, and Facebook. These company recognized the Metaverse as a pivotal element for future success and have since made significa...

Fedora: Security Advisory (FEDORA-2024-1c5e37820f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: ceph-18.2.2-1.fc40

Ceph is a massively scalable, open-source, distributed storage system that ru ns on commodity hardware and delivers object, block and file system storage...

USN-6292-1: Ceph vulnerability

It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root...

Apache Hive Provider Code Execution Vulnerability

Apache Airflow is a suite of open source platforms for creating, managing, and monitoring workflows from the Apache Foundation.The Apache Airflow Hive Provider is a toolkit for reading, writing, and managing large datasets in distributed storage using SQL. A code execution vulnerability exists in...

[SECURITY] Fedora 36 Update: ceph-16.2.12-1.fc36

Ceph is a massively scalable, open-source, distributed storage system that ru ns on commodity hardware and delivers object, block and file system storage...

[SECURITY] Fedora 37 Update: ceph-17.2.5-1.fc37

Ceph is a massively scalable, open-source, distributed storage system that ru ns on commodity hardware and delivers object, block and file system storage...

The vulnerability of the Storage Spaces Direct distributed storage function in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Storage Spaces Direct distributed storage function in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Storage Spaces Direct distributed storage function in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Storage Spaces Direct distributed storage function in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Debian: Security Advisory (DLA-2735-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 32 Update: ceph-14.2.21-1.fc32

Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage...

[SECURITY] Fedora 32 Update: ceph-14.2.20-1.fc32

Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage...