Lucene search
K

867 matches found

Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.11 views

Joern 4.0.546

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/05/20 12:15 p.m.9 views

Operationalizing CTEM Faster: Build Surface Command Dashboards in Minutes

Modern attack surfaces don’t sit still. Cloud expansion, SaaS sprawl, identity complexity, and shadow IT are continuously reshaping organizational risk. For security leaders, visibility isn’t the challenge anymore, but actually operationalizing that visibility is. Surface Command was built to uni...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for file systems will collapse the THP for files that are opened in read-only mode and mapped with VMEXEC. The intended use case is to avoid TLB misses f...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References2
HackRead
HackRead
added 2026/05/19 2:0 p.m.14 views

Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM

Torrance, United States / California, 19th May 2026, CyberNewswire...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/19 12:0 a.m.19 views

Joern 4.0.542

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/15 11:0 a.m.17 views

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

In Your Biggest Security Risk Isn't Malware — It's What You Already Trust , we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your I...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/15 12:0 a.m.12 views

From AI-Generated Content to Agentic Action: Security and Safety Threats in Generative AI

Generative AI systems are increasingly used not only to produce content but also to retrieve data, invoke tools, and execute actions. This work examines the security and safety implications of that shift across content-level, model-level, and agentic threats. We analyze how attacker access...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.15 views

Joern 4.0.539

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/13 7:17 p.m.3 views

UBUNTU-CVE-2026-42579

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit t...

9.1CVSS5.8AI score0.00818EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2026/05/13 1:46 p.m.42 views

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has unveiled a new multi-model artificial intelligence AI-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for m ulti-mod el a gentic s canning h...

9.8CVSS7.1AI score0.5585EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.13 views

Joern 4.0.538

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Wallarm Lab
Wallarm Lab
added 2026/05/12 4:54 p.m.10 views

Extending Security to MCP Servers: Closing a Critical Gap

The Model Context Protocol MCP is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.14 views

Joern 4.0.537

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.9 views

SUSE CVE-2026-41672

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.8 views

Joern 4.0.536

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38624

Name of the Vulnerable Software and Affected Versions Microsoft APM versions prior to 0.8.12 Description Microsoft APM normalizes marketplace plugins by copying components referenced in plugin.json into the .apm/ directory. The implementation fails to verify that the paths specified in the agents...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References6
OSV
OSV
added 2026/05/06 8:53 p.m.3 views

GHSA-PGGP-6C3X-2XMX Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References3
Wiz blog
Wiz blog
added 2026/05/06 3:10 p.m.7 views

The Jenkins Threat Landscape

What usage patterns, plugin adoption, and configuration choices reveal about the Jenkins attack surface...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to v4.0.260416.0 contained security vulnerabilities. These vulnerabilities were due to improper permission management, which could allow dashboard...

5CVSS5.8AI score0.00168EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.4 views

Firmware Distribution As Attack Surface: A Security Study of ASIC Cryptocurrency Miners

ASIC cryptocurrency miners are a core component of blockchain infrastructures, directly converting computation and energy into monetary value. Despite their economic im- portance, their security is rarely evaluated in a structured manner. In this paper, we show that the firmware distribution...

5.8AI score
Exploits0
Rows per page
Query Builder