CVE-2025-25014

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

CVE-2025-25014

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

CVE-2025-25014 Kibana arbitrary code execution via prototype pollution

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

CVE-2025-25014 Kibana arbitrary code execution via prototype pollution

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

CVE-2025-25014

KIBANA: CVE-2025-25014 is a prototype-pollution vulnerability in Kibana that enables arbitrary code execution via crafted HTTP requests to the Machine Learning or Reporting endpoints. Public details indicate exploitation is possible remotely over the network with low complexity and requires high ...

PT-2025-19890 · Kibana · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana versions 8.3.0 through 8.17.5 Kibana version 8.18.0 Kibana version 9.0.0 Description: A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

PT-2025-19876 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to a transient Denial of Service DOS that occurs while parsing per Station STA profile in Machine Learning ML Internet Explorer IE. No additional details are provided...

Detecting Quishing Attacks with Machine Learning Techniques through QR Code Analysis

The rise of QR code based phishing "Quishing" poses a growing cybersecurity threat, as attackers increasingly exploit QR codes to bypass traditional phishing defenses. Existing detection methods predominantly focus on URL analysis, which requires the extraction of the QR code payload, and may...

The Steganographic Potentials of Language Models

The potential for large language models LLMs to hide messages within plain text steganography poses a challenge to detection and thwarting of unaligned AI agents, and undermines faithfulness of LLMs reasoning. We explore the steganographic capabilities of LLMs fine-tuned via reinforcement learnin...

A Chaos Driven Metric for Backdoor Attack Detection

The advancement and adoption of Artificial Intelligence AI models across diverse domains have transformed the way we interact with technology. However, it is essential to recognize that while AI models have introduced remarkable advancements, they also present inherent challenges such as their...

Bridging Expertise Gaps: the Role of LLMs in Human-AI Collaboration for Cybersecurity

This study investigates whether large language models LLMs can function as intelligent collaborators to bridge expertise gaps in cybersecurity decision-making. We examine two representative tasks-phishing email detection and intrusion detection-that differ in data modality, cognitive complexity,...

Security Bulletin: FreeType Remote Code Execution Vulnerability affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data

Summary FreeType Remote Code Execution Vulnerability affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer...

Advancing Email Spam Detection: Leveraging Zero-Shot Learning and Large Language Models

Email spam detection is a critical task in modern communication systems, essential for maintaining productivity, security, and user experience. Traditional machine learning and deep learning approaches, while effective in static settings, face significant limitations in adapting to evolving spam...

A Comprehensive Analysis of Adversarial Attacks against Spam Filters

Deep learning has revolutionized email filtering, which is critical to protect users from cyber threats such as spam, malware, and phishing. However, the increasing sophistication of adversarial attacks poses a significant challenge to the effectiveness of these filters. This study investigates t...

A Survey on Privacy Risks and Protection in Large Language Models

Although Large Language Models LLMs have become increasingly integral to diverse applications, their capabilities raise significant privacy concerns. This survey offers a comprehensive overview of privacy risks associated with LLMs and examines current solutions to mitigate these challenges. Firs...

Privacy Preserving Machine Learning Model Personalization through Federated Personalized Learning

The widespread adoption of Artificial Intelligence AI has been driven by significant advances in intelligent system research. However, this progress has raised concerns about data privacy, leading to a growing awareness of the need for privacy-preserving AI. In response, there has been a seismic...

PQS-BFL: a Post-Quantum Secure Blockchain-Based Federated Learning Framework

Federated Learning FL enables collaborative model training while preserving data privacy, but its classical cryptographic underpinnings are vulnerable to quantum attacks. This vulnerability is particularly critical in sensitive domains like healthcare. This paper introduces PQS-BFL Post-Quantum...

编号撤回

H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. This CVE number has been withdrawn...

Secure Cluster-Based Hierarchical Federated Learning in Vehicular Networks

Hierarchical Federated Learning HFL has recently emerged as a promising solution for intelligent decision-making in vehicular networks, helping to address challenges such as limited communication resources, high vehicle mobility, and data heterogeneity. However, HFL remains vulnerable to...

Modeling Behavioral Preferences of Cyber Adversaries Using Inverse Reinforcement Learning

This paper presents a holistic approach to attacker preference modeling from system-level audit logs using inverse reinforcement learning IRL. Adversary modeling is an important capability in cybersecurity that lets defenders characterize behaviors of potential attackers, which enables attributio...