Lucene search
+L

740 matches found

OSV
OSV
added 2026/03/24 7:23 p.m.3 views

GHSA-HQJR-43R5-9Q58 MobSF has SQL Injection in its SQLite Database Viewer Utils

Description MobSF's readsqlite function in mobsf/MobSF/utils.py lines 542-566 uses Python string formatting % to construct SQL queries with table names read from a SQLite database's sqlitemaster table. When a security analyst uses MobSF to analyze a malicious mobile application containing a craft...

5.3CVSS6.2AI score0.00276EPSS
Exploits1References5
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.43 views

The Attack and Defense Landscape of Agentic AI: A Comprehensive Survey

AI agents that combine large language models with non-AI system components are rapidly emerging in real-world applications, offering unprecedented automation and flexibility. However, this unprecedented flexibility introduces complex security challenges fundamentally different from those in...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/08 12:0 a.m.5 views

Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense

Collaborative threat intelligence via federated learning FL faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography PQC to protect cross-organizational data sharing. We expose...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/03 12:0 a.m.4 views

STARDIS: Strategic Scheduling and Deceptive Signaling for Satellite Intrusion Detection System Deployment

Satellite communication networks operate under stringent computational constraints and are susceptible to sophisticated cyberattacks. This paper introduces a novel defense framework that decouples security optimization into ground-based analysis and onboard real-time execution. In the long-term...

6AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2026/02/14 12:0 a.m.12 views

VulnCheck KEV: CVE-2021-39152

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. ...

8.5CVSS7.4AI score0.11377EPSS
In wildExploits2References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.10 views

Apache Shiro 安全漏洞

Apache Shiro is a Java security framework developed by the Apache Foundation in the United States. It is used for authentication, authorization, encryption, and session management. Versions of Apache Shiro such as 1. and 2.0.7 had security vulnerabilities. These vulnerabilities were due to observ...

2.5CVSS7.2AI score0.00219EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.11 views

Co-RedTeam: Orchestrated Security Discovery and Exploitation with LLM Agents

Large language models LLMs have shown promise in assisting cybersecurity tasks, yet existing approaches struggle with automatic vulnerability discovery and exploitation due to limited interaction, weak execution grounding, and a lack of experience reuse. We propose Co-RedTeam, a security-aware...

5.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.10 views

PT-2026-4843

Name of the Vulnerable Software and Affected Versions MobSF versions prior to 4.4.5 Description MobSF is a mobile application security testing tool. A Stored Cross-site Scripting XSS vulnerability exists in MobSF’s Android manifest analysis. This allows an attacker to execute arbitrary JavaScript...

8.1CVSS6.2AI score0.0031EPSS
Exploits1References17
Packet Storm News
Packet Storm News
added 2026/01/25 12:0 a.m.7 views

Mitigating the OWASP Top 10 for Large Language Models Applications Using Intelligent Agents

Large Language Models LLMs have emerged as a transformative and disruptive technology, enabling a wide range of applications in natural language processing, machine translation, and beyond. However, this widespread integration of LLMs also raised several security concerns highlighted by the Open...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/08 12:0 a.m.6 views

Unified Framework for Qualifying Security Boundary of PUFs against Machine Learning Attacks

Physical Unclonable Functions PUFs serve as lightweight, hardware-intrinsic entropy sources widely deployed in IoT security applications. However, delay-based PUFs are vulnerable to Machine Learning Attacks MLAs, undermining their assumed unclonability. There are no valid metrics for evaluating P...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/08 12:0 a.m.5 views

Multi-Turn Jailbreaking Attack in Multi-Modal Large Language Models

In recent years, the security vulnerabilities of Multi-modal Large Language Models MLLMs have become a serious concern in the Generative Artificial Intelligence GenAI research. These highly intelligent models, capable of performing multi-modal tasks with high accuracy, are also severely susceptib...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.6 views

Multi-Agent Framework for Threat Mitigation and Resilience in AI-Based Systems

Machine learning ML underpins foundation models in finance, healthcare, and critical infrastructure, making them targets for data poisoning, model extraction, prompt injection, automated jailbreaking, and preference-guided black-box attacks that exploit model comparisons. Larger models can be mor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/19 12:0 a.m.13 views

Securing Agentic AI Systems -- a Multilayer Security Framework

Securing Agentic Artificial Intelligence AI systems requires addressing the complex cyber risks introduced by autonomous, decision-making, and adaptive behaviors. Agentic AI systems are increasingly deployed across industries, organizations, and critical sectors such as cybersecurity, finance, an...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/11 11:30 a.m.10 views

The Impact of Robotic Process Automation (RPA) on Identity and Access Management

As enterprises refine their strategies for handling Non-Human Identities NHIs, Robotic Process Automation RPA has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/09 12:0 a.m.9 views

Exposing Vulnerabilities in Counterfeit Prevention Systems Utilizing Physically Unclonable Surface Features

Counterfeit products pose significant risks to public health and safety through infiltrating untrusted supply chains. Among numerous anti-counterfeiting techniques, leveraging inherent, unclonable microscopic irregularities of paper surfaces is an accurate and cost-effective solution. Prior work ...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/05 12:0 a.m.7 views

LLM Causality Analysis Framework

A comprehensive framework for multi-level causality analysis in Large Language Models LLMs, enabling systematic investigation of safety mechanisms and misbehavior detection across token, neuron, layer, and representation levels. Includes the whitepaper 2512.04841.pdf titled SoK: A Comprehensive...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/04 11:54 p.m.149 views

wp_exploitation_framework

🚀 WordPress PWN Framework v5.0 - AI-Powered Edition !Python...

7AI score
Exploits0
OSV
OSV
added 2025/12/03 2:35 p.m.5 views

BIT-ACTIVEMQ-2021-21348 XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup...

7.8CVSS6.9AI score0.13832EPSS
Exploits0References16
OSV
OSV
added 2025/12/03 2:35 p.m.7 views

BIT-ACTIVEMQ-2021-21347 XStream is vulnerable to an Arbitrary Code Execution attack

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS7.7AI score0.14301EPSS
Exploits1References16
OSV
OSV
added 2025/12/03 2:35 p.m.7 views

BIT-ACTIVEMQ-2021-21346 XStream is vulnerable to an Arbitrary Code Execution attack

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who follow...

9.8CVSS8.2AI score0.76367EPSS
Exploits1References16
Rows per page
Query Builder