Lucene search
K

1106 matches found

Vulnrichment
Vulnrichment
added 2026/04/22 4:8 p.m.7 views

CVE-2026-35366 uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement

The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows...

4.4CVSS5.9AI score0.0017EPSS
Exploits1References3
CVE
CVE
added 2026/04/22 4:8 p.m.17 views

CVE-2026-35366

The CVE-2026-35366 entry concerns the printenv utility in uutils coreutils. Affected component: printenv reads environment strings and, when variables contain invalid UTF-8 byte sequences, uutils’ implementation silently skips printing them instead of showing the raw bytes. This can allow malicio...

4.4CVSS5.9AI score0.0017EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

uutils coreutils 代码问题漏洞

uutils coreutils is a cross-platform core command-line tool set developed by Uutils. There is a code vulnerability in uutils coreutils, which arises from the inability of printenv to display environment variables that contain invalid UTF-8 byte sequences. This could allow malicious environment...

4.4CVSS5.9AI score0.0017EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.11 views

Fudo Enterprise 安全漏洞

Fudo Enterprise is a security control platform for privileged access management and session auditing developed by the Polish company Fudo. Versions of Fudo Enterprise 5.6.2 and earlier contained security vulnerabilities. These vulnerabilities were due to inadequate protection of API endpoints,...

6.5CVSS5.8AI score0.00257EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/04/20 12:0 a.m.124 views

📄 WordPress Kali Forms 2.4.9 Remote Code Execution

WordPress Kali Forms plugin version 2.4.9 suffers from a remote code execution vulnerability. ================================================================================================================================== | Title : WordPress Kali Forms 2.4.9 Remote Code Execution Assessment | ...

9.8CVSS6.5AI score0.07239EPSS
Exploits2
Fedora
Fedora
added 2026/04/03 5:4 p.m.7 views

[SECURITY] Fedora 42 Update: openbao-2.5.2-1.fc42

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

9.6CVSS6.4AI score0.00411EPSS
Exploits0
Fedora
Fedora
added 2026/04/03 12:52 a.m.6 views

[SECURITY] Fedora 43 Update: openbao-2.5.2-1.fc43

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

9.6CVSS6.3AI score0.00411EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.5 views

Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems

Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/20 12:0 a.m.5 views

Fluxion 6.28

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with hopefully fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering phishing attack. It's compatible wi...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208737

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

5.8CVSS5.8AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 3:16 p.m.3 views

CVE-2025-52644

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

8.2CVSS0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 2:29 p.m.3 views

CVE-2025-52644

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

5.8CVSS5.8AI score0.00141EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 2:29 p.m.1 views

CVE-2025-52644 HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged.

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

5.8CVSS5.8AI score0.00141EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/16 2:29 p.m.25 views

CVE-2025-52644 HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged.

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

5.8CVSS0.00141EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 2:29 p.m.17 views

CVE-2025-52644

Technical details about CVE-2025-52644 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.

8.2CVSS5.8AI score0.00141EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.7 views

PT-2026-25749

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes...

5.8CVSS5.8AI score0.00141EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.3 views

AEGIS: No Tool Call Left Unchecked -- a Pre-Execution Firewall and Audit Layer for AI Agents

AI agents increasingly act through external tools: they query databases, execute shell commands, read and write files, and send network requests. Yet in most current agent stacks, model-generated tool calls are handed to the execution layer with no framework-agnostic control point in between...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/10 4:21 p.m.8 views

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence AI is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" f...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/10 12:0 a.m.7 views

CLIOPATRA: Extracting Private Information from LLM Insights

As AI assistants become widely used, privacy-aware platforms like Anthropic's Clio have been introduced to generate insights from real-world AI use. Clio's privacy protections rely on layering multiple heuristic techniques together, including PII redaction, clustering, filtering, and LLM-based...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.3 views

ESAA-Security: An Event-Sourced, Verifiable Architecture for Agent-Assisted Security Audits of AI-Generated Code

AI-assisted software generation has increased development speed, but it has also amplified a persistent engineering problem: systems that are functionally correct may still be structurally insecure. In practice, prompt-based security review with large language models often suffers from uneven...

5.9AI score
Exploits0
Rows per page
Query Builder