[SECURITY] Fedora 43 Update: rust-eif_build-0.2.1-7.fc43

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

[SECURITY] Fedora 44 Update: rust-eif_build-0.2.1-7.fc44

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

ios-imessage-zero-click-exploit

CVE-2025-31200/31201 - iOS Zero-Click iMessage Exploit Chai...

Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS prior to version 2.23.0. Due to a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed...

Arbitrary Code Injection

Enclave is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper enforcement of security boundaries in @enclave-vm/core, allowing attackers to escape the JavaScript sandbox environment and achieve arbitrary code execution on the host system...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Resolved the race condition between SECS reclaiming and page fault for EAUG. The SGX EPC reclaimer ksgxd may reclaim the SECS EPC page for an enclave and set secs.epcpage to NULL. The SECS page is used for EAUG and ELDU ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add a overflow check in sgxvalidateoffsetlength The sgxvalidateoffsetlength function verifies the "offset" and "length" arguments provided by userspace. However, there was a lack of an overflow check when these arguments...

KingsGuard: Enclave Data Protection under Real-World TEE Vulnerabilities

Trusted Execution Environments TEEs have emerged as a cornerstone for securing sensitive computations by providing isolated enclaves protected from untrusted software. However, their security guarantees are undermined by vulnerabilities in both the enclave code and the underlying hardware design,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013705 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and...

AppleSEPKeyStore Stress Tester / Fuzzer

This code is not a fully functional exploit, but rather a concurrency stress test and race-condition trigger targeting the Apple Secure Enclave key management driver AppleSEPKeyStore...

Exploit for Code Injection in Agentfront Enclave

CVE-2026-27597 - version Remote Code Execution Quick Usage...

CVE-2026-32220

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

EUVD-2026-22607

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

EUVD-2026-22366

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

CVE-2026-32220

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

CVE-2026-32220

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

UEFI Secure Boot Security Feature Bypass Vulnerability

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...