Lucene search
K

3094 matches found

NVD
NVD
added yesterday4 views

CVE-2026-56149

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41072

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-56149 Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS
Exploits0References1
CVE
CVE
added yesterday25 views

CVE-2026-56149

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday19 views

CVE-2026-56149

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.8AI score
Exploits0References2Affected Software1
NVD
NVD
added last week7 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS0.0013EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week4 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52603

Name of the Vulnerable Software and Affected Versions ML-KEM affected versions not specified Description An issue exists in the ARM64 NEON ciphertext comparison where only half of the input is compared. This failure breaks the implicit rejection of the Fujisaki-Okamoto transform—a method used to...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2026/06/09 3:33 a.m.61 views

SQL-Injection-Detection-System

SQL Injection Detection System A comprehensive full-stack web...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.12 views

Hiding the Trees in the Forest: Building Network Covert Channels with Hash-Based Covert Carrier Filtering

As an effective anti-censorship mechanism, network covert channels can provide data privacy protection and ensure communication security. However, the covertness of existing network covert channels primarily depends on the secrecy of their covert algorithms. With the increasing depth of research ...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.6 views

Evaluating and Combating the Impact of Concept Drift on the Performance of Machine Learning-Based Phishing Detection Systems

The expansion of the digital domain has resulted in a substantial increase in digital communication, with email emerging as one of the most prominent channels. The proliferation of email communication is apparent in both professional and personal contexts, thereby creating numerous vulnerabilitie...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.10 views

The Chronicles of Radio Frequency Fingerprinting

Radio Frequency Fingerprinting RFF has evolved from an early idea for radar emitter identification into a broad research field for wireless device identification and spectrum monitoring for security. Rather than presenting a conventional literature survey, this work provides a critical historical...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/05 11:20 a.m.18 views

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.7 views

The Sound of Malware: A Memory Forensics Approach for Android Malware Analysis Via Audio Signals

Android malware analysis is currently facing increasing challenges in achieving robust classification and detecting stealth attacks. Modern threats employ advanced evasion strategies such as code obfuscation, dynamic loading, packing, and even steganographic manipulation of traditional static and...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.7 views

FDM: A Framework for Decision-Making to Build ML-Based Malware Detection Systems

Selecting appropriate machine learning ML configurations for malware detection is a complex, multi-criteria problem. Model choice, feature engineering, and update mechanisms must jointly satisfy operational constraints that vary across deployment contexts. This paper proposes the Framework for...

5.4AI score
Exploits0
CVE
CVE
added 2026/06/04 11:4 p.m.18 views

CVE-2026-11033

CVE-2026-11033 affects Google Chrome on macOS due to an uninitialized use in WebML. The issue allows a remote attacker to potentially read sensitive data from process memory via a crafted HTML page. Affected software is Chrome on Mac, with the vulnerability described as occurring before Chrome ve...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.11 views

Cognitive Threat Intelligence and Explainable Federated Security Analytics for Distributed Infrastructure Systems

The increasing adoption of distributed infrastructure systems, cloud computing, Internet of Things IoT technologies, and edge-based architectures has significantly expanded the cybersecurity attack surface and introduced increasingly sophisticated cyber threats. Conventional centralized intrusion...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.13 views

Explainable AI-Driven Cyber Risk Analytics and Model Reliability Assessment for Intelligent Governance of U.S. Critical Infrastructure: An XGBoost and SHAP-Based Intrusion Detection Framework

The increasing penetrations of the critical infrastructure sector in the United States with intelligent digital technologies have greatly increased exposure to advanced cyber adversaries and operational vulnerabilities. AI-powered governance and automated decision-making systems are becoming a ke...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.15 views

TinyML-Driven Cybersecurity for Autonomous Spacecraft: Latency-Accuracy Analysis for SPARTA RF and Cyber Threat Detection

Autonomous spacecraft require rapid, lightweight, and reliable onboard detection of cyber-RF threats. Using the SPARTA attack model, we analyze the latency-accuracy trade-offs of TinyML-compatible classical models -- Random Forest, Logistic Regression, SVM, and MLP -- for detecting uplink jamming...

5.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/06/03 11:4 a.m.11 views

AI Used to Decrypt Medieval Ciphers

Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers...

5.8AI score
Exploits0
Rows per page
Query Builder