Cisco Catalyst SD-WAN Manager（Cisco SD-WAN vManage） 安全漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN Manager. This vulnerability stems from the...

Note Mark 加密问题漏洞

Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Versions of Note Mark prior to 0.19.4 contained a security vulnerability related to encryption. This vulnerability stemmed from the JWTSECRET configuration value not having a mandatory minimum length or entropy,...

Medium: xdg-desktop-portal

Issue Overview: Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash. CVE-2026-40354 Affected Packages: xdg-desktop-portal Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

PT-2026-40885

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insufficient role validation in the 'register user' function, which only blocks the 'administrator'...

PT-2026-40902

Comarch ERP Optima client connects to a database using a high privileged account regardless of an application account to which a user logs in. It is possible for a local attacker who controls the client process to dump it's memory, extract credentials and use them to gain a privileged access to t...

PT-2026-40966

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

Joern 4.0.539

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

PT-2026-41088

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in the Internationalization component allows a remote attacker to perform an out-of-bounds memory write by inducing the user to visit a crafted HTML page. An...

PT-2026-41014

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server ABAP affected versions not specified Description Improper input handling under certain conditions allows an attacker to inject custom Cascading Style Sheets CSS data into a web page served by the application. T...

PT-2026-41177

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.5.11 Description A blind server side request forgery SSRF exists in the PDF generate function. User inputs are interpreted as HTML and embedded into the PDF. While scripts and certain dangerous tags like iFrame a...

PT-2026-41205

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description The 'checkBasicAuth' endpoint validates credentials in plaintext using direct comparison without rate limiting. This allows attackers to perform unlimited brute-force attempts against the username an...

Toward Securing AI Agents like Operating Systems

Autonomous agents based on large language models LLMs are rapidly emerging as a general-purpose technology, with recent systems such as OpenClaw extending their capabilities through broad tool use, third-party skills, and deeper integration into user environments. At the same time, these agentic...

WARD: Adversarially Robust Defense of Web Agents against Prompt Injections

Web agents can autonomously complete online tasks by interacting with websites, but their exposure to open web environments makes them vulnerable to prompt injection attacks embedded in HTML content or visual interfaces. Existing guard models still suffer from limited generalization to unseen...

Capacitive Touchscreens at Risk: A Practical Side-Channel Attack on Smartphones Via Electromagnetic Emanations

Capacitive touchscreens in modern smartphones introduce severe side-channel vulnerabilities. However, existing attacks often require restrictive conditions or invasive measurements. This paper presents TESLA, a novel, contactless electromagnetic EM side-channel attack that exploits inherent EM...

MetaBackdoor: Exploiting Positional Encoding As a Backdoor Attack Surface in LLMs

Backdoor attacks pose a serious security threat to large language models LLMs, which are increasingly deployed as general-purpose assistants in safety- and privacy-critical applications. Existing LLM backdoors rely primarily on content-based triggers, requiring explicit modification of the input...

Exploiting LLM Agent Supply Chains Via Payload-Less Skills

Autonomous agents powered by Large Language Models LLMs acquire external functionalities through third-party skills available in open marketplaces. Adopting these integrations broadens the potential attack surface, prompting a need for systematic security evaluation. Current auditing mechanisms a...

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. This statefulness introduces a new security risk: adversarial content can corrupt what an assistant remembers and...

Amazon Linux 2 : opencryptoki, --advisory ALAS2-2026-3283 (ALAS-2026-3283)

The version of opencryptoki installed on the remote host is prior to 3.7.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3283 advisory. openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to...

Linux Distros Unpatched Vulnerability : CVE-2026-8052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad's exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink...

Security Updates for Microsoft Windows Admin Center (May 2026)

The Microsoft Windows Admin Center installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. CVE-2026-35438 - Improper access...