1314 matches found
CVE-2025-33238
NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploit of this vulnerability may lead to denial of service...
CVE-2026-24151
NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering...
PT-2026-27502
NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploit of this vulnerability may lead to denial of service...
NVIDIA Triton Inference Server race condition vulnerability
NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. There is a vulnerability in NVIDIA Triton Inference Server Sagemaker HTTP server, which may lead to exceptions...
NVIDIA Triton Inference Server race condition vulnerability
NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a vulnerability known as a race condition issue, which can lead to internal...
PT-2026-27507
NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A successful exploit of this vulnerability may lead to a denial of service...
NVIDIA Triton Inference Server security vulnerability
NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI capabilities in production environments. NVIDIA Triton Inference Server has a security vulnerability that stems from issues with HTTP...
PT-2026-27513
NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service...
NVIDIA Megatron-LM code issue vulnerability
NVIDIA Megatron-LM is a distributed training framework based on PyTorch developed by NVIDIA Corporation in the United States. It is specifically designed for training large-scale Transformer language models. NVIDIA Megatron-LM has code vulnerabilities, particularly an insecure deserialization...
Towards Secure Retrieval-Augmented Generation: A Comprehensive Review of Threats, Defenses and Benchmarks
Retrieval-Augmented Generation (RAG) significantly mitigates the hallucinations and domain knowledge deficiency in large language models by incorporating external knowledge bases. However, the multi-module architecture of RAG introduces complex system-level security vulnerabilities. Guided by the R...
EUVD-2026-13639
Qwik City has array method pollution in FormData processing allows type confusion and DoS...
Qwik City has array method pollution in FormData processing allows type confusion and DoS
Summary Qwik City improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be written onto values that application code expected to be arrays...
Qwik security vulnerability
Qwik is a micro-web framework developed by Qwik Dev. Versions of Qwik prior to 1.19.2 contained security vulnerabilities. These vulnerabilities stemmed from improper array inference during FormData parsing from dot-separated form field names, which could lead to request processing failures,...
Cyber-Resilient Digital Twins: Discriminating Attacks for Safe Critical Infrastructure Control
Industrial Cyber-Physical Systems (ICPS) face growing threats from cyber-attacks that exploit sensor and control vulnerabilities. Digital Twin (DT) technology can detect anomalies via predictive modelling, but current methods cannot distinguish attack types and often rely on costly full-system...
Timing Attack
Overview org.webjars.npm:h3 is a Minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to Timing Attack via the requireBasicAuth function. An attacker can recover valid authentication credentials by measuring response times and deducin...
Activation Surgery: Jailbreaking White-Box LLMs without Touching the Prompt
Most jailbreak techniques for Large Language Models (LLMs) primarily rely on prompt modifications, including paraphrasing, obfuscation, or conversational strategies. Meanwhile, abliteration techniques, also known as targeted ablations of internal components, have been used to study and explain LLM...
CVE-2026-32098 Parse Server has a protected fields bypass via LiveQuery subscription WHERE clause
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.9 and 8.6.35, an attacker can exploit LiveQuery subscriptions to infer the values of protected fields without directly receiving them. By subscribing with a WHERE clause th...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA)
Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA) is now available. Red Hat® AI Inference Server Model Optimization Tools...
How Harmonic Proved High-Performance AI Inference on Akamai GPUs
Find out how Harmonic achieved high-performance AI inference on Akamai Cloud with NVIDIA Blackwell GPUs, optimizing for speed and efficiency...
OpenClaw security vulnerability
OpenClaw is an open-source AI assistant from OpenClaw. OpenClaw suffers from a security vulnerability that stems from the use of non-constant-time string comparisons for hook token validation, which can be exploited by an attacker to infer a token via a timing side channel...