Lucene search
K

470 matches found

NVD
NVD
added 2026/03/19 3:16 p.m.4 views

CVE-2026-32843

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS0.00454EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/19 2:39 p.m.18 views

CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 2:39 p.m.3 views

CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS6AI score0.00454EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 2:39 p.m.3 views

CVE-2026-32843

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS6AI score0.00454EPSS
Exploits0References3
CVE
CVE
added 2026/03/19 2:39 p.m.12 views

CVE-2026-32843

A reflected cross-site scripting (XSS) vulnerability affects Location Aware Sensor System by LinkIt ONE up to commit f06bd20 (2023-04-26) in PM25.php. The issue arises from allowing unencoded payloads via GET parameters (site, city, district, channel, or apikey), enabling remote attackers to exec...

5.1CVSS6AI score0.00454EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/19 12:0 a.m.4 views

Weaver: Fuzzing JavaScript Engines at the JavaScript-WebAssembly Boundary

The security of modern JavaScript JS engines is critical since they provide the primary defense mechanism for executing untrusted code on the web. The recent integration of WebAssembly Wasm has transformed these engines into complex polyglot environments, creating a novel attack surface at the...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/17 12:0 a.m.5 views

DeepStage: Learning Autonomous Defense Policies against Multi-Stage APT Campaigns

This paper presents DeepStage, a deep reinforcement learning DRL framework for adaptive, stage-aware defense against Advanced Persistent Threats APTs. The enterprise environment is modeled as a partially observable Markov decision process POMDP, where host provenance and network telemetry are fus...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/16 11:58 a.m.4 views

Why Security Validation Is Becoming Agentic

If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting product, in another. A vulnerability scanner feeding an attack surface management platform somewhe...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/10 12:0 a.m.2 views

Execution Is the New Attack Surface: Survivability-Aware Agentic Crypto Trading with OpenClaw-Style Local Executors

OpenClaw-style agent stacks turn language into privileged execution: LLM intents flow through tool interception, policy gates, and a local executor. In parallel, skill marketplaces such as skills.sh make capability acquisition as easy as installing skills and CLIs, creating a growing capability...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.3 views

OSS-CRS: Liberating AIxCC Cyber Reasoning Systems for Real-World Open-Source Security

DARPA's AI Cyber Challenge AIxCC showed that cyber reasoning systems CRSs can go beyond vulnerability discovery to autonomously confirm and patch bugs: seven teams built such systems and open-sourced them after the competition. Yet all seven open-sourced CRSs remain largely unusable outside their...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/08 12:0 a.m.0 views

Broken Access: On the Challenges of Screen Reader Assisted Two-Factor and Passwordless Authentication

In today's technology-driven world, web services have opened up new opportunities for blind and visually impaired people to interact independently. Securing interactions with these services is crucial; however, currently deployed authentication mainly concentrate on sighted users, overlooking the...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.31 views

SemFuzz: A Semantics-Aware Fuzzing Framework for Network Protocol Implementations

Network protocols are the foundation of modern communication, yet their implementations often contain semantic vulnerabilities stemming from inadequate understanding of specification semantics. Existing gray-box and black-box testing approaches lack semantic modeling of protocols, making it...

5.8AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2026/03/05 12:0 a.m.6 views

On the Effectiveness of Mutational Grammar Fuzzing

Posted by Ivan Fratric Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a way that any resulting samples still adhere to the grammar rules, thus the...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/02 12:0 a.m.12 views

TraceGuard: Process-Guided Firewall against Reasoning Backdoors in Large Language Models

The deployment of Large Reasoning Models LRMs in high-stakes decision-making pipelines has introduced a novel and opaque attack surface: reasoning backdoors. In these attacks, the model's intermediate Chain-of-Thought CoT is manipulated to provide a linguistically plausible but logically fallacio...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/28 12:0 a.m.4 views

AMDS: Attack-Aware Multi-Stage Defense System for Network Intrusion Detection with Two-Stage Adaptive Weight Learning

Machine learning based network intrusion detection systems are vulnerable to adversarial attacks that degrade classification performance under both gradient-based and distribution shift threat models. Existing defenses typically apply uniform detection strategies, which may not account for...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/23 10:30 p.m.182 views

pwn-claude-plugin

pwn-claude-plugin Claude Code plugin for binary exploitation...

5.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/23 4:14 p.m.8 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.82 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

7.5CVSS7.2AI score0.00585EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/02/21 12:0 a.m.4 views

Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection

Mixture-of-Experts MoE offers flexible graph reasoning by combining multiple views of a graph through a learned router. We investigate routing-aware explanations for MoE graph models in malware detection using control flow graphs CFGs. Our architecture builds diversity at two levels. At the node...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/17 7:8 p.m.6 views

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotat...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.6 views

Resource-Aware Deployment Optimization for Collaborative Intrusion Detection in Layered Networks

Collaborative Intrusion Detection Systems CIDS are increasingly adopted to counter cyberattacks, as their collaborative nature enables them to adapt to diverse scenarios across heterogeneous environments. As distributed critical infrastructure operates in rapidly evolving environments, such as...

5.6AI score
Exploits0
Rows per page
Query Builder