3414 matches found
CVE-2026-32064 OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer
In OpenClaw versions prior to 2026.2.21, the sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...
OpenClaw Access Control Error Vulnerability
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.21 contained a security vulnerability related to access control. This vulnerability stemmed from the fact that the XaaS browser’s entry point did not perform authentication when...
rssn Code Issue Vulnerability
rssn is an open-source, high-performance Rust scientific computing library from Apich Organization. rssn has code vulnerabilities, which stem from improper input validation in the JIT compilation engine, potentially allowing arbitrary code execution...
Learning the APT Kill Chain: Temporal Reasoning over Provenance Data for Attack Stage Estimation
Advanced Persistent Threats (APTs) evolve through multiple stages, each exhibiting distinct temporal and structural behaviors. Accurate stage estimation is critical for enabling adaptive cyber defense. This paper presents StageFinder, a temporal graph learning framework for multi-stage attack...
Securing Cryptography in the Age of Quantum Computing and AI: Threats, Implementations, and Strategic Response
This review examines how quantum computing and artificial intelligence challenge current cryptographic systems. We analyze the literature to assess the resilience of algorithms against quantum attacks (Shor's and Grover's algorithms) and AI-enhanced cryptanalysis. RSA and elliptic curve cryptograph...
CVE-2024-55025
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
PT-2026-22782
Name of the Vulnerable Software and Affected Versions: Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011. Description: An access control issue exists in the VNC component. This allows unauthorized attackers to access the HMI system. Recommendations: Update to a newer version that...
EUVD-2024-55464
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
TraceGuard: Process-Guided Firewall against Reasoning Backdoors in Large Language Models
The deployment of Large Reasoning Models (LRMs) in high-stakes decision-making pipelines has introduced a novel and opaque attack surface: reasoning backdoors. In these attacks, the model's intermediate Chain-of-Thought (CoT) is manipulated to provide a linguistically plausible but logically fallacio...
Empowering Future Cybersecurity Leaders: Advancing Students through FINDS Education for Digital Forensic Excellence
The Forensics Investigations Network in Digital Sciences (FINDS) Research Center of Excellence (CoE), funded by the U.S. Army Research Laboratory, advances Digital Forensic Engineering Education (DFEE) through an integrated research education framework for AI-enabled cybersecurity workforce development...
Strengthening Security and Noise Resistance in One-Way Quantum Key Distribution Protocols through Hypercube-Based Quantum Walks
Quantum Key Distribution (QKD) is a foundational cryptographic protocol that ensures information-theoretic security. However, classical protocols such as BB84, though favored for their simplicity, offer limited resistance to eavesdropping, and perform poorly under realistic noise conditions. Recent...
CVE-2026-20091
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of...
Cisco FXOS and UCS Manager Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is...
Cisco FXOS Software and Cisco UCS Manager Software OS Command Injection Vulnerability
Cisco FXOS Software and Cisco UCS Manager Software are both products of the American company Cisco. Cisco FXOS Software is a firewall software that runs on Cisco security devices. Cisco UCS Manager Software is a device management software. Both Cisco FXOS Software and Cisco UCS Manager Software...
RHEL 9 : munge (RHSA-2026:2949)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2949 advisory. MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use i...
DARTH-PUM: A Hybrid Processing-Using-Memory Architecture
Analog processing-using-memory (PUM; a.k.a. in-memory computing) makes use of electrical interactions inside memory arrays to perform bulk matrix-vector multiplication (MVM) operations. However, many popular matrix-based kernels need to execute non-MVM operations, which analog PUM cannot directly...
Backdoor Attacks on Contrastive Continual Learning for IoT Systems
Internet of Things (IoT) systems increasingly depend on continual learning to adapt to non-stationary environments. These environments can include factors such as sensor drift, changing user behavior, device aging, and adversarial dynamics. Contrastive continual learning (CCL) combines contrastiv...
Intel VTune Profiler and Intel oneAPI Toolkits Code Issue Vulnerability
Intel VTune Profiler and Intel oneAPI Toolkits are products of Intel Corporation, a US company. Intel VTune Profiler is a performance testing tool designed to optimize software. This software can be used for performance testing in IoT embedded applications, media software, Java applications, and...
CVE-2020-37134
CVE-2020-37134 affects UltraVNC Viewer 1.2.4.0. The vulnerability is a denial-of-service triggered by pasting a malformed 256-byte payload into the VNC Server connection dialog, which crashes the application. The available connected documents corroborate the affected software and the method to re...
EVE's Debug Functions Unlockable Without Triggering Measured Boot
Impact: On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH (debug.enable.ssh), USB keyboard (debug.enable.usb), and VNC access (app.allow.vnc) without triggering the measured boot. Thus, a user with...