Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models LLMs excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning SFT and Reinforcement Learning RL, typically apply coarse-grained optimizati...

PT-2026-44316

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm AH implementation where the system fails to account for Extended Sequence Number ESN high bits in asynchronous callbacks. When ESN is enabled, the asynchronou...

EUVD-2026-32411

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

HammerSim: A System-Level Tool to Model RowHammer

Modern architecture research relies on simulators to evaluate system security, yet analyzing emerging hardware vulnerabilities like RowHammer requires full-system visibility. As RowHammer vulnerabilities worsen with continuous technology scaling, existing simulators lack the system-level models...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfs: Fixed a buffer overflow issue in hfsbnoderead. This patch introduces the isbnodeoffsetvalid method, which checks the requested offset value. It also introduces the checkandcorrectrequestedlength method, which checks and...

Astra Linux - уязвимость в libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.52, there was an out-of-bounds read vulnerability in libpng’s simplified API, allowing for reading of up to 10^12 bytes beyond the...

Astra Linux - уязвимость в ffmpeg

A issue was discovered in the function filterframe in libavfilter/vflenscorrection.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation faults during module unloading. The segmentation fault occurs because: During modprobe: 1. In igen6probe, igen6pvt is allocated using kzalloc. 2. In igen6registermci, mci-pvtinfo points to...

Fundamental Limitations of Post-Quantum Cryptographic Architectures

Modern lattice-based cryptography, particularly the learning with errors paradigm, relies on injecting artificial noise to secure data against quantum adversaries. This study systematically examines the theoretical and physical boundaries of this noise-reliant model across four interconnected...

PT-2026-36418

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback aml sfc probe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...

PT-2026-35495

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac mc alloc When the mci-pvt info allocation in edac mc alloc fails, the error path will call put device which will end up calling the device's release function. However, the init ordering is...

AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization

Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

AI Chatbots and Trust

All the leading AI chatbots are sycophantic, and that's a problem: Participants rated sycophantic AI responses as more trustworthy than balanced ones. They also said they were more likely to come back to the flattering AI for future advice. And critically ­ they couldn't tell the difference betwe...

JLSEC-2026-6 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

CVE-2026-23066 rxrpc: Fix recvmsg() unconditional requeue

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

Trojan-Resilient NTT: Protecting against Control Flow and Timing Faults on Reconfigurable Platforms

Number Theoretic Transform NTT is the most essential component for polynomial multiplications used in lattice-based Post-Quantum Cryptography PQC algorithms such as Kyber, Dilithium, NTRU etc. However, side-channel attacks SCA and hardware vulnerabilities in the form of hardware Trojans may alter...