EUVD-2025-209083

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

Technical details (affected components, versions, exploit methods, or remediation) are not publicly provided in the supplied documents. Monitor for updates as information may be added later.

CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263 HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

CVE-2025-55263

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets...

TOR Virtual Network Tunneling Tool 0.4.9.6

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

PT-2026-28288

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The software contains hardcoded sensitive data, potentially allowing an attacker to gain access to the source code. If the source code is stored in insecure repositories, the...

CVE-2026-4743 Null-Pointer Dereference Vulnerability in taurusxin/ncmdump

NULL Pointer Dereference vulnerability in taurusxin ncmdump ‎src/utils‎ modules. This vulnerability is associated with program files cJSON.Cpp‎. This issue affects ncmdump: before 1.4.0...

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach

LAPSUS$ claims it breached AstraZeneca, offering alleged source code, credentials, cloud configs, and employee data for sale in leaked samples...

Wazuh 4.14.4

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

EUVD-2016-10813

ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including...

PT-2026-25834

Name of the Vulnerable Software and Affected Versions ChargePoint Home Flex affected versions not specified Description The ChargePoint Home Flex software contains an information disclosure issue. Sensitive information was included in the source code. The issue was discovered by Sina Kheirkhah of...

binary-exploitation

binary-exploitation A collection of binary exploitation...

CVE-2026-3957

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing

Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses that translate fuzzer-generated inputs into valid API invocations. Manual harness creation is time-consuming and requires deep understanding of API semantics,...

Security Bulletin: Source Code Exposure Vulnerability in webpack-dev-server (Fixed in Version 5.2.1) affects watsonx.data

Summary webpack-dev-server versions prior to 5.2.1 are vulnerable to source code exposure when users visit a malicious website. Due to classic script requests not being restricted by the same-origin policy, an attacker who knows the dev server port and entry script path can inject a script, acces...

CVE-2025-15598

A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The attack can be...

ZeroDayBench: Evaluating LLM Agents on Unseen Zero-Day Vulnerabilities for Cyberdefense

Large language models LLMs are increasingly being deployed as software engineering agents that autonomously contribute to repositories. A major benefit these agents present is their ability to find and patch security vulnerabilities in the codebases they oversee. To estimate the capability of...

AWE: Adaptive Agents for Dynamic Web Penetration Testing

Modern web applications are increasingly produced through AI-assisted development and rapid no-code deployment pipelines, widening the gap between accelerating software velocity and the limited adaptability of existing security tooling. Pattern-driven scanners fail to reason about novel contexts,...