1314 matches found
CVE-2026-41659
Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...
CVE-2026-41659 Admidio: Hidden Profile Field Values Leaked via Blind Search Oracle in Member Assignment
Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...
AI Survey: 50% of Organizations Struggle to Maintain Latency at Scale
The Akamai State of AI Inference report captures real data from the field that describes how AI inference is being built and scaled in production today...
PINSIGHT: A Comprehensive Threat Exploration of Domain-Adaptive Wi-Fi Based PIN Code Inference
Wi-Fi signals can be exploited by adversaries as a sensing side channel to eavesdrop on physical information. By monitoring propagation effects of radio waves within the victim's environment, attackers can remotely infer sensitive information. One particularly concerning example is PIN code...
Noisy Networks, Nosy Neighbors: Simple Privacy Attacks against Residential Wireless Traffic
Smart devices, such as light bulbs, TVs, fridges, etc., equipped with computing capabilities and wireless communication, are part of everyday life in many households. Previous work has already shown that a passive eavesdropper can derive private information, household routines, etc., from the...
PT-2026-37143
Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description The member assignment DataTables endpoint 'members assignment data.php' includes hidden profile fields in its SQL search condition regardless of visibility settings. While the JSON output suppresses...
EDySec: A Deep Learning-Based Explainable Dynamic Analysis Framework for Detecting Malicious Packages in PyPI Ecosystem
The security of open-source software repositories is increasingly threatened by next-gen software supply chain attacks. These attacks include multiphase malware execution, remote access activation, and dynamic payload generation. Traditional Machine Learning ML detectors struggle to detect these...
SecScan
SecScan Local-LLM-powered security scanner for GitHub repos...
CVE-2026-25874
LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...
ONE 输入验证错误漏洞
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the size of constant tensor data, whi...
API Security Based on Automatic OpenAPI Mapping
This paper presents Map Reduce Graph MRG, a novel unsupervised method for modeling and securing HTTP REST APIs. MRG learns API structure from real-world traffic without prior knowledge or labels, automatically generating OpenAPI-compliant documentation by reconstructing routes, methods, and...
GuardPhish: Securing Open-Source LLMs from Phishing Abuse
The rapid adoption of open-source Large Language Models LLMs in offline and enterprise environments has introduced a largely unexamined security risk like susceptibility to adversarial phishing prompts under static safety configurations. In this work, we systematically investigate this...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.3.1 (CUDA)
Red Hat AI Inference Server Model Optimization Tools 3.3.1 CUDA is now available. Red Hat® AI Inference Server Model Optimization Tools...
Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.1 (CUDA)
Red Hat AI Inference Server 3.3.1 CUDA is now available. Red Hat® AI Inference Server...
Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.1 (ROCm)
Red Hat AI Inference Server 3.3.1 ROCm is now available. Red Hat® AI Inference Server...
Evaluating Differential Privacy against Membership Inference in Federated Learning: Insights from the NIST Genomics Red Team Challenge
While Federated Learning FL mitigates direct data exposure, the resulting trained models remain susceptible to membership inference attacks MIAs. This paper presents an empirical evaluation of Differential Privacy DP as a defense mechanism against MIAs in FL, leveraging the environment of the 202...
Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)
Red Hat AI Inference Server 3.2.2 CUDA is now available. Red Hat® AI Inference Server...
CVE-2026-24174
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...
EUVD-2026-19755
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...
EUVD-2026-19757
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...