Towards Optimal Agentic Architectures for Offensive Security Tasks

Agentic security systems increasingly audit live targets with tool-using LLMs, but prior systems fix a single coordination topology, leaving unclear when additional agents help and when they only add cost. We treat topology choice as an empirical systems question. We introduce a controlled...

Remote Code Execution (RCE)

LibreNMS is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of Binary Locations configuration and the Netcommand feature, which allows an attacker with administrative privileges to execute arbitrary commands on the server...

CVE-2026-29013

CVE-2026-29013 affects libcoap with out-of-bounds read vulnerabilities in OSCORE CBOR unwrap handling (get_byte_inc in src/oscore/oscore_cbor.c relies on assert for bounds, removed under NDEBUG). Attackers can send crafted CoAP messages during OSCORE negotiation to trigger reads beyond bounds, po...

CVE-2026-40527

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DWTAGformalparameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute...

CVE-2026-40527 radare2 Command Injection via DWARF Parameter Names

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DWTAGformalparameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute...

PT-2026-33515

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DW TAG formal parameter names. Attackers can craft a binary with shell commands in DWARF parameter names that...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007543)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007543 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase...

[SECURITY] Fedora 44 Update: kf6-kpackage-6.25.0-1.fc44

KDE Frameworks 6 Tier 2 library to load and install non-binary packages as if they were plugins...

ofensive-playbook

HackTheBox — Writeups Collection A collection of HackTheBox m...

binutils: Fix of CVE-2025-11082

CVE-2025-11082: fix heap-based buffer overflow in bfdelfparseehframe...

GHSA-2689-5P89-6J3J UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable

uefi-firmware contains a stack out-of-bounds write vulnerability in the native tiano/EFI decompressor. in uefifirmware/compression/Tiano/Decompress.c, MakeTable does not validate that bit-length values read from the compressed bitstream are within the expected range 0..16. a crafted firmware blob...

PT-2026-33373

Name of the Vulnerable Software and Affected Versions openCryptoki versions prior to 3.26.1 Description The BER/DER decoding functions in the shared common library asn1.c accept a raw pointer without a buffer length parameter and trust attacker-controlled BER length fields without validating them...

EUVD-2026-23031

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

CVE-2026-5189

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

CVE-2026-5189 Nexus Repository 3 - Hardcoded Credential in Internal Database Component

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

CVE-2026-5189 Nexus Repository 3 - Hardcoded Credential in Internal Database Component

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

CVE-2026-5189

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

PT-2026-33132

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

Challenges and Future Directions in Agentic Reverse Engineering Systems

Agentic systems built on large language models LLMs are increasingly being used for complex security tasks, including binary reverse engineering RE. Despite recent growth in popularity and capability, these systems continue to face limitations in realistic settings. Cutting-edge systems still fai...

catbyte-toolkit

cb - Binary Analysis Toolkit for macOS/iOS Security Research...