Lucene search
K

685 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 3.4.1 enhancement update

Updated Red Hat Enterprise Linux AI 3.4.1 container images are now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications. This update provides the latest Red Hat Enterprise...

10CVSS6.7AI score0.00543EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added yesterday5 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 3.4.1 enhancement update

Updated Red Hat Enterprise Linux AI 3.4.1 container disk images are now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications. This update provides the latest Red Hat...

10CVSS6.7AI score0.00543EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago8 views

CVE-2026-47155

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. The revision pinning controls in vLLM do not consistently apply to all artifacts loaded for a model. This allows a deployment configured with specific revisions to still load dynamic code or other...

6.5CVSS5.8AI score0.00146EPSS
Exploits0References7
CVE
CVE
added 2026/06/22 9:55 p.m.13 views

CVE-2026-53923

Summary of CVE-2026-53923 : The vulnerability affects vLLM (GGUF dequantize kernels) where integer truncation of tensor dimensions causes partially filled output tensors. From 0.5.5 up to 0.23.1rc0, the code allocates the full output tensor (torch::empty) but the CUDA kernel processes only a trun...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.18 views

PT-2026-51418

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.22.1 Description vLLM is an inference and serving engine for large language models. The Dockerfile is susceptible to a dependency confusion attack involving the flashinfer-jit-cache package. This occurs because the...

8.8CVSS6.2AI score0.00304EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/06/13 9:37 p.m.87 views

OffSploit

OffSploit: Autonomous Exploit Adaptation & C2 Framework !Py...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.8 views

PI-Hunter: Automated Red-Teaming for Exposing and Localizing Prompt Injections

Large Language Models LLMs are rapidly evolving into agentic systems that interact with external tools and environments, introducing new security risks such as indirect prompt injection attacks through untrusted external sources. Existing defenses mainly focus on blocking malicious content at...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.15 views

Securing Code Understanding: Detecting Natural Backdoor Vulnerability in Code Language Models

Code Language Models CodeLMs have become integral to software engineering, significantly advancing code intelligence tasks. However, their widespread adoption has raised critical security concerns, particularly regarding susceptibility to backdoor attacks. Recent studies have uncovered naturally...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.7 views

Now You (Still) See Me: Detecting Evasive Steganographic Payloads in LLMs

Large language models can be fine-tuned to encode prompt-borne secrets into fluent, seemingly benign outputs. This creates a steganographic exfiltration risk that is difficult to detect with output-level steganalysis. Recent work proposes mechanistic detection using linear probes that recover the...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/06 12:0 a.m.13 views

Closing the Sim-To-Real Gap: An Evaluation Framework for Autonomous Cyber Defense Configuration of Commercial EDR

Leading commercial endpoint detection and response EDR products have shifted from operator-configured rule sets to multi-component systems where autonomous AI components operate alongside, and increasingly in place of, operator-deployed policies. Autonomous defense agents using commercial EDR as...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7147

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...

7.5CVSS6.9AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44223

vLLM is an inference and serving engine for large language models LLMs. From to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash ...

6.5CVSS5.5AI score0.00367EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/06/05 11:20 a.m.18 views

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.7 views

Empirical Evaluation of Large Language Models for Migration of Code Fragments to Post-Quantum Cryptography

The transition to post-quantum cryptography PQC requires not only replacing vulnerable cryptographic primitives, but also refactoring the surrounding software logic. While existing PQC migration frameworks provide organizational guidance, practical code-level remediation remains largely manual an...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.17 views

Steering LLM Viewpoints through Fabricated Evidence Injection

As chatbots increasingly influence daily decision-making, their potential to produce misleading responses poses substantial risks to users. This paper investigates a critical cognitive vulnerability in LLMs: their tendency to uncritically trust external context when presented with fabricated...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.9 views

SHIELDS: Automating OS Hardening with Iterative Multi-Agent Remediation

Security misconfigurations remain a leading cause of OS-level compromise, and manually keeping systems compliant with standards like Defense Information Systems Agency DISA Security Technical Implementation Guides STIGs is a tedious and expensive process. Existing compliance automation tools can...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.8 views

Backdoor Unlearning Generalization: A Path toward the Removal of Unknown Triggers in LLMs

Backdoor attacks in Large Language Models LLMs are a growing security concern, where models can generate adversary-chosen content. Existing defenses target backdoors one at a time and typically require knowledge of the trigger, leaving the defender at a structural disadvantage when unknown...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.6 views

Patcher: Post-Hoc Patching of Backdoored Large Language Models

Large language models remain vulnerable to jailbreak backdoor attacks, where adversaries poison safety alignment data to embed hidden triggers that bypass safety mechanisms. Existing defenses often require comprehensive attack information or multiple triggered examples, making them impractical wh...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.9 views

Cross-Vendor Sola ISPM Benchmark: Evaluating Agentic AI for Federated Identity Security Reasoning

The rapid proliferation of multi-cloud and SaaS platforms has transformed Identity Security Posture Management ISPM into a fundamentally cross-vendor challenge: critical misconfigurations and privilege escalation paths increasingly span multiple identity providers, infrastructure layers, and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.6 views

MaskForge: Structure-Aware Adaptive Attacks for Jailbreaking Diffusion Large Language Models

Diffusion large language models dLLMs generate text by iteratively denoising partially masked sequences under bidirectional context, exposing a safety surface distinct from autoregressive LLMs. Because mask tokens are native inputs and tokens are committed by confidence rather than position,...

5.8AI score
Exploits0
Rows per page
Query Builder