Lucene search
K

394 matches found

EUVD
EUVD
added 2026/07/02 2:2 p.m.8 views

EUVD-2026-41374

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS5.8AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:2 p.m.38 views

CVE-2026-9272 Possibility of unintended database operations when querying data related to detected anomalies in Progress Flowmon ADS

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...

8.7CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:2 p.m.20 views

CVE-2026-9272

CVE-2026-9272 affects Progress Flowmon ADS prior to 12.5.6 and 13.0.5. An adversary authenticated as a low-privileged ADS user can send specially crafted requests that lead to unauthorized access to and modification of application data. The CVE’s metrics indicate HIGH impact on confidentiality, i...

8.7CVSS5.8AI score0.00247EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.16 views

PT-2026-55260

Name of the Vulnerable Software and Affected Versions Flowmon ADS versions prior to 12.5.6 Flowmon ADS versions prior to 13.0.5 Description An authenticated low-privileged user in the Anomaly Detection System ADS can send specially crafted requests to gain unauthorized access to application data...

8.7CVSS5.9AI score0.00247EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/18 1:7 p.m.7 views

ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers

Summary A flaw in the user lifecycle enforcement allowed deleted users to retain their original organization/tenant association. Recreating a deleted user under a distinct organization can cause the new user instance to be incorrectly provisioned within the original organization if the previous I...

2.3CVSS5.5AI score0.00286EPSS
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.19 views

DNGBehaviorAnalyzer Telemetry-Based DNG/TIFF Metadata Parser and Anomaly Detection

This Python script provides a telemetry-driven analysis framework for inspecting Digital Negative DNG files through low-level TIFF metadata parsing and runtime event logging. The tool reads and validates TIFF headers, traverses Image File Directory IFD entries, and records parser activity using...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.33 views

DNGInspector Structural Analyzer for DNG/TIFF Metadata and IFD Anomaly Detection

This Python script implements a static inspection tool for Digital Negative DNG files by parsing the TIFF-based header and analyzing Image File Directory IFD entries for structural anomalies. The tool validates basic header fields, traverses IFD records, and flags suspicious metadata patterns suc...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.10 views

SwarmSense-DNN: A Trustworthy and Decentralized Neural Framework for Proactive Anomaly Defense in Consumer IoT

The rapid growth of consumer IoT devices has introduced unprecedented challenges in trustworthy anomaly detection against AI-enabled cyber threats, requiring real-time, privacy-preserving, and scalable defense mechanisms. Traditional centralized strategies face critical limitations, including...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/06 12:0 a.m.28 views

An AI Security Agent for University ACMIS: Multi-Vector Threat Detection and Automated Response

University Academic Management Information Systems ACMIS are high-value targets for a wide spectrum of security threats including brute-force login attacks, payment fraud, privilege escalation, insider data theft, and academic integrity violations. Traditional rule-based intrusion detection syste...

5.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS6AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5943

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...

7.8CVSS7.2AI score0.00181EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.10 views

NLLog: Lightweight, Explainable SOC Anomaly Detection Via Log-To-Language Rewriting

System-generated logs underpin security monitoring, yet their rigid template-based format hinders both automated analysis and human comprehension. We present NLLog Natural-Language Log, a lightweight pipeline that deterministically rewrites parsed templates into WHO-WHAT-SEVERITY sentences, pools...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.10 views

CLIF: Cross-Layer LEO-ISL Fingerprinting for Physical and Network Attack Detection in Dense LEO Constellations

Low-Earth Orbit LEO mega-constellations such as Starlink by SpaceX and Kuiper by Amazon rely on optical Inter-Satellite Links ISLs for autonomous mesh routing to provide low-latency telecommunication, Internet of Things IoT, and security services globally. As commercial operators and governments...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

AnomalyMatch 安全漏洞

AnomalyMatch is a semi-supervised image anomaly detection tool open source by the European Space Agency. Versions of AnomalyMatch prior to 1.3.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of torch.load to load model files without proper deserialization...

7.8CVSS6AI score0.00144EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.14 views

SECUREVENT: Hybrid AI/ML Security Monitoring for Distributed Event-Based Systems

Distributed event-based systems have become a common substrate for Internet-scale publish/subscribe services, IoT telemetry, cloud-native microservices, and security operations pipelines. Their loose coupling and asynchronous delivery improve scalability, but they also expand the attack surface:...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/01 12:0 a.m.2 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS6.3AI score0.00144EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.32 views

FALCON-C: Flow-Based Analysis and Labeling for Connected Vehicular Network Cybersecurity

Along with the recent rise in popularity of Electric Vehicles EVs, Electric Vehicle Supply Equipment EVSE has emerged as a new target for cyber attacks. Therefore, ensuring the security and integrity of network communication between EVSE components and vehicular clients is a significant challenge...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/20 6:46 a.m.9 views

CVE-2026-6405

The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS in versions up to and including 0.3.6. This is due to missing nonce verification on the settings page handler and insufficient output...

4.3CVSS6AI score0.00168EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/05/19 5:36 p.m.10 views

WordPress Anomify AI – Anomaly Detection and Alerting plugin <= 0.3.6 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Anomify AI – Anomaly Detection and Alerting versions = 0.3.6...

4.3CVSS5.8AI score0.00168EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/19 12:5 p.m.10 views

WordPress Anomify AI – Anomaly Detection and Alerting plugin <= 0.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Anomify AI – Anomaly Detection and Alerting versions = 0.3.6...

4.4CVSS5.8AI score0.00239EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder