A Systematic Study of LLM-Based Architectures for Automated Patching

Large language models LLMs have shown promise for automated patching, but their effectiveness depends strongly on how they are integrated into patching systems. While prior work explores prompting strategies and individual agent designs, the field lacks a systematic comparison of patching...

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

New: AI-Powered Patch Reliability Scoring—Predict Patch Impact Before You Deploy

What do advisory USN-7545-1 and Windows updates KB5065426 , KB5063878 , KB5055523 , and KB5066835 have in common? Based on anonymized Qualys telemetry from 2025, they were among the most frequently rolled-back patches , in other words, patches that had to be undone after deployment. Rollbacks...

Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.42 fixes various security issues The following security issues were fixed: CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimer...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 Explotación WinRAR Herramienta avanzada de...

Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.13 fixes various security issues The following security issues were fixed: CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...

PT-2026-7483

Heads up, folks: Microsoft's February 2026 Patch Tuesday is out, dropping 55 vulnerability fixes across various products. Among these is CVE-2025-59498, which Microsoft has explicitly marked as Critical. This update is significant, addressing a broad spectrum of security issues. While the specifi...

Exposure Management vs Vulnerability Management: Key Differences

Is your security program truly reducing risk, or is it just getting really good at patching? This question is at the heart of the exposure management vs vulnerability management debate. A traditional approach can tell you that a door has a weak lock, but it can't tell you if that door leads to a...

CVE-2026-25503 iccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...

AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates h...

CVE-2025-67264

An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710...

PT-2026-4683

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper input validation in multiple locations allows for the unauthorized revelation of images across different users. This issue can lead to local escalation ...

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4694

Name of the Vulnerable Software and Affected Versions Settings.java affected versions not specified Description A logic error in the enableSystemPackageLPw function within Settings.java may prevent location access from functioning correctly. This could lead to local escalation of privilege withou...

PT-2026-4710

Name of the Vulnerable Software and Affected Versions GrapheneOS versions prior to 2026030200 Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can lead to a persistent denial of service. This issue allows for remote denial of service without requiring...

AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. Th...

PT-2026-4525

Name of the Vulnerable Software and Affected Versions Doogee Note59 Doogee Note59 Pro Doogee Note59 Pro+ affected versions not specified Description A flaw exists within the com.sprd.engineermode component that could allow a local attacker to execute arbitrary code and escalate privileges. This i...

CVE-2025-67264

An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710...

Oracle Database Server (January 2026 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Spatial and Graph OpenJPEG component of Oracle Database Server. Supported versions that are affected are...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21866)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21866 advisory. - In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by...