192412 matches found

Malwarebytes
added 2026/03/10 10:38 a.m. | 6 views

Hackers may have breached FBI wiretap network via supply chain

Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved. On February 17, the FBI flagged irregular network activity that led straight to its Digital Collection System Network. That system...

5.7 AI score
Exploits: 0

RedhatCVE
added 2026/03/10 8:10 a.m. | 4 views

CVE-2026-3822

Taipower APP for Android developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows unauthenticated remote attackers to exploit the...

8.3 CVSS | 5.9 AI score | 0.00152 EPSS
Exploits: 0 | References: 1

hivepro
added 2026/03/10 5:11 a.m. | 3 views

What Is Exposure Management? A Modern Guide

Attackers don't just look for a single high-severity vulnerability; they look for a path of least resistance. They connect the dots between a misconfigured cloud service, an exposed credential, and an unpatched server to reach their goal. To build a strong defense, you need to see your environmen...

5.9 AI score
Exploits: 0

RedhatCVE
added 2026/03/10 2:12 a.m. | 6 views

CVE-2026-3786

A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument order results in SQL injection. The attack can be launched remotely. The exploit...

8.8 CVSS | 6.4 AI score | 0.00276 EPSS
Exploits: 2 | References: 1

RedhatCVE
added 2026/03/10 2:12 a.m. | 5 views

CVE-2026-3788

A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of th...

8.8 CVSS | 6.2 AI score | 0.0042 EPSS
Exploits: 1 | References: 1

Snyk
added 2026/03/10 12:35 a.m. | 0 views

Regular Expression Denial of Service (ReDoS)

Overview: parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the handling of $regex in the LiveQuery component. An attacker can cause the...

8.2 CVSS | 5.6 AI score | 0.00446 EPSS
Exploits: 0 | References: 2

Redos
added 2026/03/10 12:00 a.m. | 3 views

ROS-20260310-73-0023

Vulnerability in coredns related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.7 CVSS | 5.8 AI score | 0.00412 EPSS
Exploits: 0

Packet Storm News
added 2026/03/10 12:00 a.m. | 5 views

CLIOPATRA: Extracting Private Information from LLM Insights

As AI assistants become widely used, privacy-aware platforms like Anthropic's Clio have been introduced to generate insights from real-world AI use. Clio's privacy protections rely on layering multiple heuristic techniques together, including PII redaction, clustering, filtering, and LLM-based...

5.8 AI score
Exploits: 0

Packet Storm News
added 2026/03/10 12:00 a.m. | 2 views

Game-Theoretic Modeling of Stealthy Intrusion Defense against MDP-Based Attackers

The rapid expansion of Internet use has increased system exposure to cyber threats, with advanced persistent threats (APTs) being especially challenging due to their stealth, prolonged duration, and multi-stage attacks targeting high-value assets. In this study, we model APT evolution as a strategi...

5.8 AI score
Exploits: 0

CNNVD
added 2026/03/10 12:00 a.m. | 5 views

Git for Windows Information Disclosure Vulnerability

Git for Windows is Git version for Windows operating systems. Versions of Git for Windows prior to 2.53.02 had a vulnerability related to information leakage. This vulnerability stemmed from the possibility of tricking users into cloning malicious servers, allowing attackers to brute-force their...

7.4 CVSS | 5.8 AI score | 0.00268 EPSS
Exploits: 1 | References: 2

Positive Technologies
added 2026/03/10 12:00 a.m. | 7 views

PT-2026-24416

Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, Craft Commerce is vulnerable to SQL Injection in the inventory levels table data endpoint. The sort0direction and sort0sortField parameters are concatenated directly into an addOrderBy clause without any validation or...

8.7 CVSS | 6 AI score | 0.00436 EPSS
Exploits: 1 | References: 4

CNNVD
added 2026/03/10 12:00 a.m. | 8 views

Google Chrome Security Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from WebML’s integer overflow issue, which could allow remote attackers to exploit heap corruption through specially crafted HTML...

8.8 CVSS | 7.4 AI score | 0.00349 EPSS
Exploits: 0 | References: 3

Redos
added 2026/03/10 12:00 a.m. | 5 views

ROS-20260310-73-0046

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS | 5.8 AI score | 0.00993 EPSS
Exploits: 0

Redos
added 2026/03/10 12:00 a.m. | 6 views

ROS-20260310-73-0044

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS | 5.8 AI score | 0.00993 EPSS
Exploits: 0

Positive Technologies
added 2026/03/10 12:00 a.m. | 2 views

PT-2026-24873

CVE-2026-3925 Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. C… https://t.co/XnxsUXtXOT...

4.3 CVSS | 5.8 AI score | 0.00149 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2026/03/10 12:00 a.m. | 4 views

EulerOS 2.0 SP13 : python-virtualenv (EulerOS-SA-2026-1260)

According to the versions of the python-virtualenv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use)...

4.5 CVSS | 5.8 AI score | 0.00085 EPSS
Exploits: 0 | References: 2

Packet Storm News
added 2026/03/10 12:00 a.m. | 14 views

MCP-In-SoS: Risk Assessment Framework for Open-Source MCP Servers

Model Context Protocol (MCP) servers have rapidly emerged over the past year as a widely adopted way to enable Large Language Model (LLM) agents to access dynamic, real-world tools. As MCP servers proliferate and become easy to adopt via open-source releases, understanding their security risks become...

5.9 AI score
Exploits: 0

Tenable Nessus
added 2026/03/10 12:00 a.m. | 4 views

Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0...

6.9 CVSS | 5.9 AI score | 0.00185 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/03/10 12:00 a.m. | 4 views

PT-2026-24881

🚨 CVE-2026-3934 Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium 🎖@cveNotify...

6.5 CVSS | 5.8 AI score | 0.00187 EPSS
Exploits: 0 | References: 8

Positive Technologies
added 2026/03/10 12:00 a.m. | 4 views

PT-2026-24328

Name of the Vulnerable Software and Affected Versions: Azure MCP Server (affected versions not specified). Description: An authorized attacker can exploit a server-side request forgery (SSRF) condition in Azure MCP Server to gain elevated privileges on a network. SSRF occurs when an application makes...

9 CVSS | 6 AI score | 0.00959 EPSS
Exploits: 0 | References: 30