Lucene search
+L

109 matches found

The Hacker News
The Hacker News
β€’added 2026/07/10 9:0 a.m.β€’19 views

Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom , and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out a...

6.1AI score
Exploits0
SUSE CVE
SUSE CVE
β€’added 2026/05/07 2:22 a.m.β€’8 views

SUSE CVE-2026-25589

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.5CVSS6.2AI score0.01331EPSS
Exploits0References3
Positive Technologies
Positive Technologies
β€’added 2026/05/07 12:0 a.m.β€’15 views

PT-2026-38478

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
β€’added 2026/05/06 12:0 a.m.β€’11 views

Linux Distros Unpatched Vulnerability : CVE-2026-25589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References2
NVD
NVD
β€’added 2026/05/05 5:17 p.m.β€’11 views

CVE-2026-25589

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS0.01331EPSS
Exploits0References2
UbuntuCve
UbuntuCve
β€’added 2026/05/05 5:17 p.m.β€’6 views

CVE-2026-25589

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References1
Cvelist
Cvelist
β€’added 2026/05/05 4:50 p.m.β€’35 views

CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.7CVSS0.01331EPSS
Exploits0References2
EUVD
EUVD
β€’added 2026/05/05 4:50 p.m.β€’8 views

EUVD-2026-27414

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.7CVSS6.2AI score0.01331EPSS
Exploits0References2
CVE
CVE
β€’added 2026/05/05 4:50 p.m.β€’47 views

CVE-2026-25589

RedisBloom module for Redis is affected. In versions before 2.8.20, RESTORE may process crafted serialized values without validation, leading to invalid memory access and potential remote code execution when an authenticated user can run RESTORE on a server with RedisBloom loaded. The issue stems...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References2Affected Software1
OSV
OSV
β€’added 2026/05/05 4:50 p.m.β€’2 views

CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.7CVSS7.6AI score0.01331EPSS
Exploits0References4
RedhatCVE
RedhatCVE
β€’added 2026/02/25 4:6 a.m.β€’9 views

CVE-2026-21864

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

7.5CVSS5.5AI score0.00257EPSS
Exploits0References1
NVD
NVD
β€’added 2026/02/24 1:16 a.m.β€’18 views

CVE-2026-21864

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

7.5CVSS0.00257EPSS
Exploits0References2
CVE
CVE
β€’added 2026/02/24 12:24 a.m.β€’20 views

CVE-2026-21864

CVE-2026-21864 affects Valkey-Bloom (a Rust module for Valkey KV) where a crafted RESTORE command can trigger a server shutdown due to an assertion during RDB parsing if the VALKEYMODULE_OPTIONS_HANDLE_IO_ERRORS flag is not set. The issue existed despite the module handling parsing; a patch (comm...

7.5CVSS5.5AI score0.00257EPSS
Exploits0References2Affected Software1
EUVD
EUVD
β€’added 2026/02/24 12:24 a.m.β€’9 views

EUVD-2026-7461

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

6.5CVSS5.4AI score0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
β€’added 2026/02/24 12:24 a.m.β€’5 views

CVE-2026-21864 Remote DoS from malformed RESTORE command

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

6.5CVSS5.5AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2026/02/24 12:24 a.m.β€’25 views

CVE-2026-21864 Remote DoS from malformed RESTORE command

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

6.5CVSS0.00257EPSS
Exploits0References2
OSV
OSV
β€’added 2026/02/24 12:24 a.m.β€’9 views

CVE-2026-21864 Remote DoS from malformed RESTORE command

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

6.5CVSS5.6AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologies
β€’added 2026/02/24 12:0 a.m.β€’10 views

PT-2026-21584

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

6.5CVSS5.4AI score0.00257EPSS
Exploits0References3
CNNVD
CNNVD
β€’added 2026/02/24 12:0 a.m.β€’62 views

valkey-bloom θΎ“ε…₯ιͺŒθ―ι”™θ――漏洞

Valkey-Bloom is a Valkey open-source module. Valkey-Bloom has a vulnerability related to input validation errors. This vulnerability arises from the lack of a flag to handle RDB parsing errors, which may allow a specially crafted RESTORE command to trigger an assertion that causes the server to...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References2
Packet Storm News
Packet Storm News
β€’added 2025/12/24 12:0 a.m.β€’6 views

Assessing the Software Security Comprehension of Large Language Models

Large language models LLMs are increasingly used in software development, but their level of software security expertise remains unclear. This work systematically evaluates the security comprehension of five leading LLMs: GPT-4o-Mini, GPT-5-Mini, Gemini-2.5-Flash, Llama-3.1, and Qwen-2.5, using...

7.1AI score
Exploits0
Rows per page
Query Builder