AnomalyMatch security vulnerability

AnomalyMatch is a semi-supervised image anomaly detection tool open source by the European Space Agency. Versions of AnomalyMatch prior to 1.3.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of torch.load to load model files without proper deserialization...

CVE-2024-46636

NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

The Office of Inspector General OIG of the U.S. National Aeronautics and Space Administration NASA has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities,...

CVE-2026-5475

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...

CVE-2026-5476

CVE-2026-5476 affects NASA cFS up to 7.0.0 on 32-bit. The vulnerability is in CFE_TBL_ValidateCodecLoadSize (cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c) and is caused by an integer overflow. The documented attack complexity is high and exploitability is described as difficult. A fix is plan...

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.4.3, which stems from a lack of capacity checking when the converthexstringtobytearray...

Hacker Claims European Space Agency Breach, Selling 200GB of Data

This article has been updated with a tweet from the agency acknowledging that it is investigating these claims.…...

PT-2025-49399

🚨 How a Grand Finalist Hacked NASA and Netflix: CVE-2023-44957 & CVE-2024-38945 Secrets https://t.co/Vi1BIVREL8 Educational Purposes!...

NASA’s Quiet Supersonic Jet Takes Flight

The X-59 successfully completed its inaugural flight—a step toward developing quieter supersonic jets that could one day fly customers more than twice as fast as commercial airliners...

EUVD-2025-32887

The NASA’s Interplanetary Overlay Network ION is an implementation of Delay/Disruption Tolerant Networking DTN. A BPv7 bundle with a malformed extension block causes uncontrolled memory allocation inside ION-DTN 4.1.3s, leading to receiver thread termination and a Denial-of-Service DoS. The...

NASA CryptoLib 安全漏洞

NASA CryptoLib is a highly optimized cryptographic library from the National Aeronautics and Space Administration NASA designed to provide software developers with a clean and easy-to-use cryptographic toolset. A security vulnerability exists in NASA CryptoLib version 1.4.0 and earlier, which ste...

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2, which stems from a failure to check the return state of the OTAR cryptographic...

CVE-2025-25372

NASA cFS Core Flight System Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module...

GHSA-JF28-V5F6-CVPR NASA AIT-Core vulnerable to remote code execution

An issue in NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via a crafted packet...

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version 2.5.2 that stems from the use of an unencrypted channel to exchange data over a network, which allows an attacker to perform a man-in-the-middle attack...

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version v2.5.2 that originates from allowing an attacker to execute arbitrary commands...

The European Space Agency Launches Hackable Satellite

Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. … Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. … The satellite can detect and characterise any rog...

Mayday! NASA Warns Employees of Personal Information Breach

Another day, another data breach. This time it's the United States National Aeronautics and Space Administration NASA NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency's servers was hacked...

Space Agency - Native code usage, Suspicious files, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Space Agency published at the 'play' market has multiple vulnerabilities...

Team Ghostshell Allegedly Dumps 1.6 M Aerospace, Nanotechnology Records

Hacktivist collective Team Ghostshell is claiming this morning to have spilled 1.6 million accounts from a handful of companies in the aerospace, nanotechnology, banking, law, education and government realm, a hack the group deems Project White Fox. The group claims White Fox is its “final stand”...