BDO-Ontology

🧠 OntologyLab !Python 3.11+https://img.shields.io/badge/P...

CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens

The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...

EUVD-2026-9871

The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...

CVE-2026-28410

The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...

CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens

The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...

CVE-2026-28410

CVE-2026-28410 affects The Graph protocol. Prior to v3.0.0, token vesting contracts contained a flaw enabling early access to tokens that should remain locked; the issue has been patched in v3.0.0. Connected sources confirm affected versions are before 3.0.0 and indicate remediation via upgrade t...

CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens

The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...

Mercurius 安全漏洞

Mercurius is an open-source GraphQL adapter developed by mercurius-js. Versions of Mercurius prior to 16.4.0 contained a security vulnerability, which was caused by incorrect parsing of the Content-Type header. This vulnerability could lead to Cross-Site Request Forgery attacks...

The Graph 安全漏洞

The Graph is an open-source blockchain indexing protocol developed by The Graph. Versions of The Graph prior to 3.0.0 contained security vulnerabilities. These vulnerabilities stemmed from defects in the token ownership contract, which could allow users to access tokens that should be protected...

PT-2026-23505

Name of the Vulnerable Software and Affected Versions The Graph versions prior to 3.0.0 Description A flaw exists in the token vesting contracts of The Graph protocol. This issue allows users to access tokens before they are released according to their vesting schedule. The problem was addressed...

A Bootiful Podcast: Neo4j legend Jennifer Reif

Hi, Spring fans! In this installment, I talk to Jennifer Reif, developer advocate at Neo4J, about graph RAG, graph databases, GraphQL, Neo4J, Spring Data Neo4J, and more. neo4j graphRag AI artificialintelligence...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005766 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Add condresched to ftracegraphsethash When the kernel contains a large number of function...

Malicious code in graph-dynamic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fc9e411d29d7d359cf81fe3140dc3cee9d1583e20ad8bbf32ca9fb9e6e09860 The package graph-dynamic was found to contain malicious code. Source: ghsa-malware 2662ddb0770767495266ae6388242dbeb6fd0dfde8015252228968e4d28e1ad1...

Malicious Package

Overview graph-dynamic is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-1177 Malicious code in graph-dynamic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fc9e411d29d7d359cf81fe3140dc3cee9d1583e20ad8bbf32ca9fb9e6e09860 The package graph-dynamic was found to contain malicious code. Source: ghsa-malware 2662ddb0770767495266ae6388242dbeb6fd0dfde8015252228968e4d28e1ad1...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005504 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Add condresched to ftracegraphsethash When the kernel contains a large number of function...

Phishing the Phishers with SpecularNet: Hierarchical Graph Autoencoding for Reference-Free Web Phishing Detection

Phishing remains the most pervasive threat to the Web, enabling large-scale credential theft and financial fraud through deceptive webpages. While recent reference-based and generative-AI-driven phishing detectors achieve strong accuracy, their reliance on external knowledge bases, cloud services...

How the Graph Construction Technique Shapes Performance in IoT Botnet Detection

The increasing incidence of IoT-based botnet attacks has driven interest in advanced learning models for detection. Recent efforts have focused on leveraging attention mechanisms to model long-range feature dependencies and Graph Neural Networks GNNs to capture relationships between data instance...

IU: Imperceptible Universal Backdoor Attack

Backdoor attacks pose a critical threat to the security of deep neural networks, yet existing efforts on universal backdoors often rely on visually salient patterns, making them easier to detect and less practical at scale. In this work, we introduce a novel imperceptible universal backdoor attac...

CVE-2025-9572

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass...