Lucene search
K

2238 matches found

Snyk
Snyk
added 2026/06/09 6:32 p.m.10 views

Covert Channel

Overview Affected versions of this package are vulnerable to Covert Channel information exposure from CMSdecrypt and PKCS7decrypt. An attacker who can supply CMS or S/MIME messages and observe the application's error code and/or decryption output can use the victim's process as an adaptive chosen...

6.3CVSS6.7AI score0.0035EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.10 views

Now You (Still) See Me: Detecting Evasive Steganographic Payloads in LLMs

Large language models can be fine-tuned to encode prompt-borne secrets into fluent, seemingly benign outputs. This creates a steganographic exfiltration risk that is difficult to detect with output-level steganalysis. Recent work proposes mechanistic detection using linear probes that recover the...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.11 views

CVE-2025-9973

Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...

7.2CVSS5.7AI score0.00366EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/04 12:27 p.m.8 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

7.5CVSS5.9AI score0.00504EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/04 11:58 a.m.13 views

CVE-2026-44353

A flaw was found in Streamlink. Its HLS HTTP Live Streaming and DASH Dynamic Adaptive Streaming over HTTP parsers do not properly validate the URI Uniform Resource Identifier scheme of segment entries. A remote attacker could craft a malicious HLS playlist or DASH manifest to include local file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.9 views

Patcher: Post-Hoc Patching of Backdoored Large Language Models

Large language models remain vulnerable to jailbreak backdoor attacks, where adversaries poison safety alignment data to embed hidden triggers that bypass safety mechanisms. Existing defenses often require comprehensive attack information or multiple triggered examples, making them impractical wh...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.11 views

MaskForge: Structure-Aware Adaptive Attacks for Jailbreaking Diffusion Large Language Models

Diffusion large language models dLLMs generate text by iteratively denoising partially masked sequences under bidirectional context, exposing a safety surface distinct from autoregressive LLMs. Because mask tokens are native inputs and tokens are committed by confidence rather than position,...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.37 views

The Surface You Test Is Not the Surface That Breaks

Tool-augmented LLM agents are vulnerable to prompt injection: a third party who controls part of the agent's context can plant instructions that the agent then executes as if they came from the user. Current evaluations report a single attack success rate per model on one channel, the tool output...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/27 5:16 p.m.18 views

CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS0.00345EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32254

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

5.7AI score0.00126EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/27 3:10 p.m.19 views

EUVD-2026-32559

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:10 p.m.14 views

CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.12 views

freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...

9.4CVSS5.7AI score0.00263EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2026/05/23 12:0 a.m.15 views

AI-Driven Adaptive Adversaries and the Erosion of Cryptographic Trust in Public Key Systems

This paper examines the erosion of Public Key Cryptography PKC security under adaptive adversarial optimisation driven by artificial intelligence. The problem addressed is the growing mismatch between algorithm-centric cryptographic security models and operational attack realities, where...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/23 12:0 a.m.57 views

Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs

Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...

5.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2026/05/21 1:0 p.m.9 views

Secure Identity at the Edge: Akamai Partners with Auth0

The Akamai and Auth0 partnership secures identity at the edge by combining edge intelligence and adaptive authentication to stop fraud and enhance user trust...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.10 views

freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0

A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...

7.5CVSS5.7AI score0.00303EPSS
Exploits1References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS operations are canceled using the cancelworksync function. This function waits for the operation to finish if it ha...

5.5CVSS6.3AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86/pmu: Disabled support for adaptive PEBS. Support for virtualizing adaptive PEBS has been discontinued. This is because KVM’s implementation is architecturally broken without an obvious or easy way to address this issu...

3.3CVSS6.1AI score0.00221EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/16 10:6 p.m.115 views

Exploit for Classic Buffer Overflow in Cisco Adaptive_Security_Appliance_Software

CVE-2025-20333 Scanner A Python-based diagnostic scanner for...

9.9CVSS8AI score0.40391EPSS
Exploits1
Rows per page
Query Builder