Lucene search

469 matches found

Vulnrichment
added 2026/06/22 9:9 p.m., 4 views

CVE-2026-48516 MessagePack-CSharp: InterfaceLookupFormatter bypasses collision-resistant comparer settings

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, InterfaceLookupFormatter constructs an internal Dictionary with the default equality comparer instead of the security-aware comparer supplied by options.Security.GetEqualityComparer. This formatter omission allows...

6.3 CVSS, 5.8 AI score, 0.00231 EPSS
Exploits 0, References 1
Positive Technologies
added 2026/06/22 12:0 a.m., 10 views

PT-2026-51400

Name of the Vulnerable Software and Affected Versions: MessagePack for C# versions prior to 2.5.301; MessagePack for C# versions prior to 3.1.7. Description: The InterfaceLookupFormatter constructs an internal Dictionary using the default equality comparer instead of the security-aware comparer provide...

7.5 CVSS, 5.9 AI score, 0.00231 EPSS
Exploits 0, References 7
IBM Security Bulletins
added 2026/06/17 1:55 p.m., 4 views

Security Bulletin: Multiple Vulnerabilities in NLTK bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary: IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the Natural Language Toolkit (NLTK) library, which is susceptible to several critical security vulnerabilities. These flaws could allow a remote attacker to execute arbitrary code, perform arbitrary file reads via path...

10 CVSS, 6.8 AI score, 0.00924 EPSS
Exploits 9, Affected Software 2
IBM Security Bulletins
added 2026/06/17 12:16 p.m., 9 views

Security Bulletin: Vulnerability in Python-Multipart bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage

Summary: IBM Fusion Content-Aware Storage includes the python-multipart library, which is susceptible to a Path Traversal vulnerability. This flaw exists when specific non-default configuration options, such as UPLOAD_KEEP_FILENAME=True, are utilized. A remote attacker could exploit this vulnerabili...

8.6 CVSS, 5.7 AI score, 0.02228 EPSS
Exploits 5, Affected Software 2
Fedora
added 2026/06/15 12:51 a.m., 11 views

[SECURITY] Fedora 44 Update: dnsdist-2.0.6-1.fc44

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

9.1 CVSS, 5.4 AI score, 0.01073 EPSS
Exploits 0
Packet Storm News
added 2026/06/11 12:0 a.m., 12 views

ViPER: Vision-Based Packing-Aware Encoder for Robust Malware Detection

Visualization-based malware detection maps raw binary bytes to grayscale images and applies learned visual classifiers, providing an evasion-resistant and disassembly-free alternative to conventional analysis pipelines. However, executable packing remains a critical failure mode: packed binaries...

5.4 AI score
Exploits 0
Packet Storm News
added 2026/06/10 12:0 a.m., 8 views

PI-Hunter: Automated Red-Teaming for Exposing and Localizing Prompt Injections

Large Language Models (LLMs) are rapidly evolving into agentic systems that interact with external tools and environments, introducing new security risks such as indirect prompt injection attacks through untrusted external sources. Existing defenses mainly focus on blocking malicious content at...

5.4 AI score
Exploits 0
RedHat Linux
added 2026/06/09 9:19 a.m., 10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.20. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

9.1 CVSS, 6.4 AI score, 0.01557 EPSS
Exploits 1, References 2
EUVD
added 2026/06/08 3:50 p.m., 10 views

EUVD-2026-35120

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1_drm_cleanup where it should be calling...

5.5 AI score, 0.00154 EPSS
Exploits 0, References 3
Packet Storm News
added 2026/06/08 12:0 a.m., 9 views

Semantic Multi-Agent Intrusion Detection for IoT: Zero-Day and Adversarial Threats with Risk-Aware Reasoning

The rapid proliferation of Internet of Things (IoT) devices has enabled unprecedented automation and connectivity, but it has also substantially increased the attack surface, exposing networks to sophisticated cyber threats, including zero-day and adversarial intrusions. Traditional Intrusion...

5.5 AI score
Exploits 0
SUSE CVE
added 2026/06/06 3:18 a.m., 4 views

SUSE CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it's considere...

4.3 CVSS, 7 AI score, 0.00282 EPSS
Exploits 0, References 3
Packet Storm News
added 2026/06/05 12:0 a.m., 5 views

POISE: Position-Aware Undetectable Skill Injection on LLM Agents

Agent skills provide a lightweight mechanism for extending general-purpose agents, but their open format exposes them to skill-poisoning attacks. A practically dangerous injection must stay invisible: if executing the payload derails the user's legitimate task, the resulting failure signal invite...

5.7 AI score
Exploits 0
Packet Storm News
added 2026/06/05 12:0 a.m., 7 views

Empirical Evaluation of Large Language Models for Migration of Code Fragments to Post-Quantum Cryptography

The transition to post-quantum cryptography (PQC) requires not only replacing vulnerable cryptographic primitives, but also refactoring the surrounding software logic. While existing PQC migration frameworks provide organizational guidance, practical code-level remediation remains largely manual an...

5.6 AI score
Exploits 0
Packet Storm News
added 2026/06/04 12:0 a.m., 5 views

MalTree: Tracing Malware Evolution from Embeddings at Scale

Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...

5.5 AI score
Exploits 0
RedHat Linux
added 2026/06/03 12:10 p.m., 9 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.21. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

9.1 CVSS, 7.3 AI score, 0.01557 EPSS
Exploits 1, References 2
Packet Storm News
added 2026/06/01 12:0 a.m., 12 views

SECUREVENT: Hybrid AI/ML Security Monitoring for Distributed Event-Based Systems

Distributed event-based systems have become a common substrate for Internet-scale publish/subscribe services, IoT telemetry, cloud-native microservices, and security operations pipelines. Their loose coupling and asynchronous delivery improve scalability, but they also expand the attack surface:...

5.8 AI score
Exploits 0
Packet Storm News
added 2026/05/27 12:0 a.m., 22 views

A Wolf in Sheep's Clothing: Targeted Routing Hijacking in Federated RAG

Federated Retrieval-Augmented Generation (FedRAG) is attractive for privacy-sensitive applications because raw data remain local. As a result, routing must rely on client-provided semantic profiles, creating a new opportunity for manipulation. We introduce Routing Hijacking, a routing-stage attack ...

5.8 AI score
Exploits 0
CNNVD
added 2026/05/26 12:0 a.m., 17 views

Check Point Security Gateway Security Vulnerability

Check Point Security Gateway is a series of network security gateway devices developed by the Israeli company Check Point. There is a security vulnerability in Check Point Security Gateway, which arises when the identity-aware module based on browser authentication is enabled, allowing...

7.5 CVSS, 5.8 AI score, 0.0475 EPSS
Exploits 0, References 1
Packet Storm News
added 2026/05/26 12:0 a.m., 10 views

Falco 0.44.0

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

5.8 AI score
Exploits 0
Packet Storm News
added 2026/05/23 12:0 a.m., 11 views

CyberMaskQA: A Privacy-Aware Benchmark for Evaluating Large Language Models in Cybersecurity Question Answering

Large language models (LLMs) are increasingly applied to cybersecurity question answering (QA) for critical tasks such as incident response and vulnerability analysis. However, real-world operational contexts, including system logs and network configurations, inherently contain sensitive identifiers,...

5.8 AI score
Exploits 0