16820 matches found
MINI-3MPV-GH22-MVCJ
Bulletin has no description...
MINI-9JW3-V6XV-H328
Bulletin has no description...
MINI-W362-PPH6-WQ8M
Bulletin has no description...
MINI-4PV9-X4X5-G2J6
Bulletin has no description...
MINI-RVMH-3FRH-J293
Bulletin has no description...
MINI-44FP-5467-H6WR
Bulletin has no description...
MINI-V749-JJ87-5GXP
Bulletin has no description...
MINI-996J-6WXM-Q22C
Bulletin has no description...
PT-2026-46953
Name of the Vulnerable Software and Affected Versions Lyrion Music Server version 9.2.0 Description A path traversal issue exists in the web server context, allowing unauthenticated attackers to read arbitrary files. By manipulating file path parameters, an attacker can access sensitive files...
CVE-2026-10964
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
ROOT-APP-NPM-CVE-2025-66414 CVE-2025-66414 in @rootio/modelcontextprotocol__sdk - Patched by Root
Root has patched CVE-2025-66414 in the @rootio/modelcontextprotocolsdk package for Root:npm. Multiple fixed versions available...
Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...
MINI-FVQJ-MGX9-WMMQ
Bulletin has no description...
CVE-2026-41207 netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
CVE-2026-41207
The CVE concerns the netty-incubator-codec-ohttp project. Before version 0.0.21.Final, HKDF_expand could return a non-NULL failure result and fill the output byte[] with zeros, making HKDF key material indistinguishable from a legitimate output. This zeroed material feeds directly into OHttpCrypt...
CVE-2026-41207 netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
ROOT-APP-NPM-CVE-2025-49596 CVE-2025-49596 in @rootio/modelcontextprotocol__inspector - Patched by Root
Root has patched CVE-2025-49596 in the @rootio/modelcontextprotocolinspector package for Root:npm. Multiple fixed versions available...
MINI-XHG3-PRJ8-8C9R
Bulletin has no description...
MINI-7Q2G-99CV-J99G
Bulletin has no description...
MINI-7GWR-J5MQ-MQJ9
Bulletin has no description...