CVE-2026-32981 Ray Dashboard <= 2.8.0 Path Traversal Leading to Local File Disclosure

A path traversal vulnerability was identified in Ray Dashboard default port 8265 in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences e.g., ../ to access files outside the...

CVE-2026-32981

Ray Dashboard on port 8265 has a path traversal flaw in versions prior to 2.8.1 due to improper validation/sanitization of user-supplied paths in the static file handling, allowing access to files outside the static directory and causing local file disclosure. Reported with high severity (CVSS 3....

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

Ray 路径遍历漏洞

Ray is an open-source framework developed by ray-project, designed to extend AI and Python applications. Versions of Ray prior to 2.8.1 contained a path traversal vulnerability. This vulnerability stemmed from improper validation and cleaning of paths provided by users during the static file...

PT-2026-25933

A path traversal vulnerability was identified in Ray Dashboard default port 8265 in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences e.g., ../ to access files outside the...

EUVD-2026-12160

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-3559

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

Philips Hue Bridge 安全漏洞

The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from the use of static random numbers in the SRP authentication mechanism, potentially allowing authentication bypass...

Hybrid-Vulnerability-Analyzer

🛡️ Hybrid AI Vulnerability Analyzer & PoC/Exploit Generator A...

Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence

YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...

CVE-2026-3559 Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-3559

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-3559 Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability

Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The specific...

CVE-2026-3559

Philips Hue Bridge is affected by a vulnerability in the HomeKit Accessory Protocol SRP authentication, due to a static nonce value that allows authentication bypass. The issue occurs in the SRP configuration used by the service listening on TCP port 8080 by default. Evidence from multiple source...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the resolveURI function while performing directory validation when the configuration value livy.file.local-dir-whitelist is set to a non-default value. An attacker can gain unauthorized access to arbitrary...

deep-code-security

deep-code-security Multi-language Static Application Security...

Ransomware and Artificial Intelligence: A Comprehensive Systematic Review of Reviews

This study provides a comprehensive synthesis of Artificial Intelligence AI, especially Machine Learning ML and Deep Learning DL, in ransomware defense. Using a "review of reviews" methodology based on PRISMA, this paper gathers insights on how AI is transforming ransomware detection, prevention,...

SentinelX

SentinelX SentinelX — статический анализатор безопасности...