7762 matches found
CVE-2026-27509 Unitree Go2 Missing DDS Authentication Enables Adjacent RCE
Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...
CVE-2026-27509
CVE-2026-27509 affects Unitree Go2 firmware versions V1.1.7–V1.1.9 and V1.1.11 (EDU). The issue is missing DDS authentication/authorization for Eclipse CycloneDDS topic rt/api/programming_actuator/request (handled by actuator_manager.py). A network-adjacent, unauthenticated attacker can join DDS ...
CVE-2026-27509
Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...
Eve's Forgery Probability from Her False Acceptance Probability: Interactive Authentication, Holevo Information and the Min-Entropy
We obtain estimates for Eve's forgery probability, namely the probability that she is able to forge a message which Alice or Bob mistakenly accept over a noisy Quantum channel for generating a shared Quantum secret key. This probability is related to Eve's success probability obtained in a previo...
Strengthening Security and Noise Resistance in One-Way Quantum Key Distribution Protocols through Hypercube-Based Quantum Walks
Quantum Key Distribution (QKD) is a foundational cryptographic protocol that ensures information-theoretic security. However, classical protocols such as BB84, though favored for their simplicity, offer limited resistance to eavesdropping, and perform poorly under realistic noise conditions. Recent...
A Lightweight Defense Mechanism against Next Generation of Phishing Emails Using Distilled Attention-Augmented BiLSTM
The current generation of large language models produces sophisticated social-engineering content that bypasses standard text screening systems in business communication platforms. Our proposed solution for mail gateway and endpoint deception detection operates in a privacy-protective manner whil...
Genetec Update Service Security Vulnerability
The Genetec Update Service is a patch distribution backend component of the American company Genetec. The Genetec Update Service has a security vulnerability, which stems from local privilege escalation. This vulnerability may allow low-privilege Windows users who are authenticated to gain elevat...
SafePickle: Robust and Generic ML Detection of Malicious Pickle-Based ML Models
Model repositories such as Hugging Face increasingly distribute machine learning artifacts serialized with Python's pickle format, exposing users to remote code execution (RCE) risks during model loading. Recent defenses, such as PickleBall, rely on per-library policy synthesis that requires comple...
Malicious OpenClaw Skills Used to Distribute Atomic macOS Stealer
Malicious OpenClaw skills trick AI agents and users into installing a new AMOS variant that steals extensive data at scale...
CVE-2026-26101 Incorrect Permission Assignment for Critical Resource in Owl opds
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
PT-2026-21263
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...
Gogs Security Vulnerability
Gogs (Go Git Service) is a Go-based self-service Git hosting service developed by the Gogs team. It supports creating and migrating public/private repositories, as well as adding and removing repository collaborators. Gogs versions 0.13.4 and earlier have security vulnerabilities; these...
Comparison of Security Mechanisms of Mathematical Cipher, Wyner Scheme, QKD, and Quantum Stream Cipher
A new generation of global communications technology has been emerging. These systems, which utilize established device technologies and quantum effect devices, require ultra-high speeds, low cost, and strong security. In recent years, global communication systems have faced various practical...
Sparse Autoencoders Are Capable LLM Jailbreak Mitigators
Jailbreak attacks remain a persistent threat to large language model safety. We propose Context-Conditioned Delta Steering (CC-Delta), an SAE-based defense that identifies jailbreak-relevant sparse features by comparing token-level representations of the same harmful request with and without...
Rethinking Security of Diffusion-Based Generative Steganography
Generative image steganography is a technique that conceals secret messages within generated images, without relying on pre-existing cover images. Recently, a number of diffusion model-based generative image steganography (DM-GIS) methods have been introduced, which effectively combat traditional...
Malicious code in hardixx-code (PyPI)
Source: kam193 c0eeb07f1a0f9149c6e22016d85bcc59e5d0bbbac9514fbef9a2ba0289bf75fe Version 1.0.2 introduced loading obfuscated code during importing the module. However, distributions uploaded to PyPI lack the necessary file storing the code...
Debian dsa-6124 : libwireshark-data - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6124 advisory. Debian Security Advisory DSA-6124-1 https://www.debian.org/securit...
TeamViewer DEX Client Buffer Overflow Vulnerability
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. TeamViewer DEX Client prior to version 26.1 suffers from a buffer overflow vulnerability that stems from the Content Distribution Service's UDP command processor failing to correctly...
TeamViewer DEX Client Input Validation Error Vulnerability
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. An input validation error vulnerability exists in TeamViewer DEX Client versions prior to 26.1, which stems from a lack of validation of user control values in Content Distribution...