
684 matches found

Fedora
added 2026/05/08 1:3 a.m. | 9 views

[SECURITY] Fedora 43 Update: perl-Starman-0.4018-1.fc43

Starman is a PSGI Perl web server that has unique features such as high performance, preforking, use of signals and a small memory footprint. It is PSGI compatible and offers HTTP/1.1 support...

CVSS 7.5 | AI score 5.8 | EPSS 0.00487
Exploits: 0
Fedora
added 2026/05/08 12:50 a.m. | 9 views

[SECURITY] Fedora 44 Update: perl-Starman-0.4018-1.fc44

Starman is a PSGI Perl web server that has unique features such as high performance, preforking, use of signals and a small memory footprint. It is PSGI compatible and offers HTTP/1.1 support...

CVSS 7.5 | AI score 5.8 | EPSS 0.00487
Exploits: 0
OSV
added 2026/05/07 3:47 a.m. | 5 views

GHSA-375F-4R2H-F99J Bandit trusts client-supplied URI scheme on plaintext connections

Summary: Bandit reflects the client-supplied URI scheme into conn.scheme without verifying the actual transport. Over a plaintext HTTP/1.1 connection or h2c, an unauthenticated attacker can send an absolute-form request target like GET https://victim/path HTTP/1.1 and the application observes...

CVSS 6.3 | AI score 5.9 | EPSS 0.00454
Exploits: 0 | References: 6
AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: "OpenRISC: Traps – Do not send signals to kernel mode threads". OpenRISC’s exception handling sends signals to user processes during floating-point exceptions and trap instructions for debugging purposes. There is a bug where the tr...

CVSS 5.5 | AI score 5.3 | EPSS 0.0021
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux – Vulnerability in glib2.0

An issue was discovered in GNOME GLib before version 2.78.5, and also in versions 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus...

CVSS 5.2 | AI score 6.4 | EPSS 0.00763
Exploits: 1 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 17 views

Astra Linux – Vulnerability in PostgreSQL 11

A vulnerability was discovered in PostgreSQL 12.2, allowing attackers to cause a denial of service by repeatedly sending SIGHUP signals. NOTE: This claim is disputed by the vendor, as untrusted users are unable to send SIGHUP signals; such signals can only be sent by a PostgreSQL superuser, a use...

CVSS 4.4 | AI score 6.3 | EPSS 0.00361
Exploits: 1 | References: 1
CNNVD
added 2026/05/01 12:0 a.m. | 5 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of fatal signals during fuse synchronization initialization. This vulnerability...

CVSS 5.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 1
Packet Storm News
added 2026/04/28 12:0 a.m. | 1 view

Large Language Models As Explainable Cyberattack Detectors for Energy Industrial Control Systems

In modern energy systems, industrial control systems (ICS) and power-system SCADA require intrusion detection that is not only accurate but also auditable by operators. The ICS intrusion-detection landscape is currently dominated by established supervised detectors. In this paper, we study whether ...

AI score 5.3
Exploits: 0
Tenable Nessus
added 2026/04/28 12:0 a.m. | 5 views

Juniper Junos OS Multiple Vulnerabilities (JSA92873)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA92873 advisory. - A race condition in sshd affecting versions between 8.5p1 and 9.7p1 inclusive may allow arbitrary code execution with root privileges. Successful exploitation has...

CVSS 9.3 | AI score 7.5 | EPSS 0.99506
Exploits: 68 | References: 3
Fedora
added 2026/04/25 1:55 a.m. | 3 views

[SECURITY] Fedora 44 Update: qt6-qtserialport-6.10.3-1.fc44

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

AI score 5.3
Exploits: 0
Fedora
added 2026/04/25 1:55 a.m. | 3 views

[SECURITY] Fedora 44 Update: qt6-qtspeech-6.10.3-1.fc44

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

AI score 5.4
Exploits: 0
CNNVD
added 2026/04/22 12:0 a.m. | 6 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the cmpxchg serialization to access so-tx.buf. This vulnerability may lead to the...

CVSS 7.8 | AI score 7 | EPSS 0.00125
Exploits: 0 | References: 1
Packet Storm News
added 2026/04/22 12:0 a.m. | 5 views

Threat Detection and Resilience Techniques in PRS-Assisted OTDOA 5G Positioning Systems

Precise positioning is a key enabler for emerging 5G applications, from autonomous transport to industrial automation. Yet the open physical layer (PL) leaves standard positioning reference signals (PRSs) vulnerable to manipulation. This work addresses the security of downlink observed time differenc...

AI score 5.2
Exploits: 0
Qualys Blog
added 2026/04/13 3:44 p.m. | 3 views

Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw

Executive Summary: An unauthorized OpenClaw AI agent was detected disguised as a routine package on a Windows Server host. The situation escalated into a priority incident when Qualys ETM analyzed and correlated four distinct signals. While none of these signals alone warranted urgent action, the...

CVSS 9.1 | AI score 7.3 | EPSS 0.09563
Exploits: 7
Packet Storm News
added 2026/04/13 12:0 a.m. | 3 views

DeepGuard Secure Code Generation

Large Language Models (LLMs) for code generation can replicate insecure patterns from their training data. To mitigate this, a common strategy for security hardening is to fine-tune models using supervision derived from the final transformer layer. However, this design may suffer from a final-layer...

AI score 5.9
Exploits: 0
OSV
added 2026/04/09 8:22 p.m. | 4 views

GHSA-QQFJ-4VCM-26HV Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64

On x86-64 platforms with SSE3 disabled, Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in an uncaught segfault due to loading from unmapped guard pages. With guard pages...

CVSS 5.7 | AI score 5.9 | EPSS 0.00227
Exploits: 0 | References: 4
GitHub Security Blog
added 2026/04/09 8:22 p.m. | 10 views

Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64

On x86-64 platforms with SSE3 disabled, Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in an uncaught segfault due to loading from unmapped guard pages. With guard pages...

CVSS 5.7 | AI score 5.9 | EPSS 0.00227
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2026/04/09 6:45 p.m. | 16 views

CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

CVSS 9 | EPSS 0.00261
Exploits: 0 | References: 1
OSV
added 2026/04/09 11:5 a.m. | 1 view

MAL-2026-2520 Malicious code in @signals-notebook/utils (npm)

Source: amazon-inspector 6385e6085b941d851ce17c44dac94bb93521dad91d75b4d284a3dc8f9d367c2e The package @signals-notebook/utils was found to contain malicious code. Source: ossf-package-analysis...

AI score 5.8
Exploits: 0
Positive Technologies
added 2026/04/08 12:0 a.m. | 8 views

PT-2026-31658

Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by sending messages with an excessive number of Unix file descriptors, an...

CVSS 7.1 | AI score 5.9 | EPSS 0.00124
Exploits: 0 | References: 6