9270 matches found
LLM-Assisted Deanonymization
Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision and scales to tens of thousands of...
ASB-A-472596019
Bulletin has no description...
MINI-QVPX-J9FJ-F9FF
Bulletin has no description...
CVE-2026-28208
A flaw was found in Junrar, an open-source Java RAR archive library. This vulnerability, a backslash path traversal, allows a remote attacker to write arbitrary files to any location on the filesystem when a specially crafted RAR archive is extracted on Linux/Unix systems. This can lead to remote...
CVE-2026-27613
creationtimestamp| type| source ---|---|--- 2026-02-26 00:00:43+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mfpvbvhoae26 2026-02-26 01:47:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfq3b5rznv2u...
Fleet 安全特征问题漏洞
Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...
A Systematic Review of Algorithmic Red Teaming Methodologies for Assurance and Security of AI Applications
Cybersecurity threats are becoming increasingly sophisticated, making traditional defense mechanisms and manual red teaming approaches insufficient for modern organizations. While red teaming has long been recognized as an effective method to identify vulnerabilities by simulating real-world...
CVE-2026-26722
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN component of the login functionality...
CVE-2026-22362
creationtimestamp| type| source ---|---|--- 2026-02-21 01:16:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfdh5xdbh72s...
MINI-G2XG-GCX5-F872
Bulletin has no description...
MINI-VG2J-QXGG-487V
Bulletin has no description...
Key Systems Global Facilities Management Software 安全漏洞
Key Systems Global Facilities Management Software is a facilities management system developed by the American company Key Systems. Version 20230721a of Key Systems Global Facilities Management Software contains a security vulnerability. This vulnerability stems from a problem with the PIN compone...
CVE-2026-0999 Authentication bypass via userID login when email and username login are disabled
Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548...
Systematic Review of Lightweight Cryptographic Algorithms
The emergence of small computing devices and the integration of processing units into everyday objects has made lightweight cryptography an essential part of the security landscape. Conventional cryptographic algorithms such as AES, RSA, and DES are unsuitable for resource-constrained devices due...
CVE-2026-20638
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions...
CVE-2026-1774
creationtimestamp| type| source ---|---|--- 2026-02-12 04:40:06+00:00| seen| https://gist.github.com/alon710/31c4e451c394eacbaee20fa470c766e5...
Favia: Forensic Agent for Vulnerability-Fix Identification and Analysis
Identifying vulnerability-fixing commits corresponding to disclosed CVEs is essential for secure software maintenance but remains challenging at scale, as large repositories contain millions of commits of which only a small fraction address security issues. Existing automated approaches, includin...
PT-2026-7727
Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17 Description Issues in the My Account and User Management components allow for access escalation. A user with low privileges can gain access to other accounts by manipulating the client’s user ID to modi...
MINI-7MPW-6JGF-Q8V8
Bulletin has no description...
CVE-2026-25811 PlaciPy Email Domain Trust Enables Cross-Tenant Data Access (Multi-Tenant Isolation Failure)
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant identifier directly from the email domain provided by the user, without validating domain ownership or registration. This allows cross-tenant data access...