34 matches found

Packet Storm News
added 2026/05/28 12:00 a.m., 6 views

How Reliable Are AI Attackers against a Fixed Vulnerable Target? A 400-Run Empirical Study of LLM Penetration Testing Consistency

Large language models (LLMs) can autonomously conduct multi-stage cyber attacks, but the consistency of their offensive behavior under repeated trials remains unstudied. This work presents the first large-scale empirical measurement of LLM attack consistency: 400 autonomous penetration testing runs...

AI score 5.9
Exploits: 0
Packet Storm News
added 2026/05/28 12:00 a.m., 4 views

The Surface You Test Is Not the Surface That Breaks

Tool-augmented LLM agents are vulnerable to prompt injection: a third party who controls part of the agent's context can plant instructions that the agent then executes as if they came from the user. Current evaluations report a single attack success rate per model on one channel, the tool output...

AI score 5.8
Exploits: 0
Packet Storm News
added 2026/05/27 12:00 a.m., 5 views

Refusal Before Decoding: Detecting and Exploiting Refusal Signals in Intermediate LLM Activations

In this paper, we investigate whether refusal behavior can be predicted from LLM intermediate activations before decoding using linear probes trained on residual stream activations at each transformer block. We find that refusal is linearly decodable well before the final layer, indicating that...

AI score 5.7
Exploits: 0
Packet Storm News
added 2026/05/15 12:00 a.m., 2 views

DarkLLM: Learning Language-Driven Adversarial Attacks with Large Language Models

While vision and multimodal foundation models underpin critical tasks from perception to complex reasoning, they remain highly vulnerable to adversarial attacks. However, traditional adversarial attacks are typically limited to single, predefined objectives, tightly coupling each attack to a...

AI score 5.8
Exploits: 0
Packet Storm News
added 2026/05/11 12:00 a.m., 4 views

Can You Keep a Secret? Involuntary Information Leakage in Language Model Writing

Language models are deployed in settings that require compartmentalization: system prompts should not be disclosed, chain-of-thought reasoning is hidden from users, and sensitive data passes through shared contexts. We test whether models can keep prompted information out of their writing. We giv...

AI score 5.7
Exploits: 0
Packet Storm News
added 2026/05/03 12:00 a.m., 1 view

VulKey: Automated Vulnerability Repair Guided by Domain-Specific Repair Patterns

The increasing prevalence of software vulnerabilities highlights the need for effective Automatic Vulnerability Repair (AVR) tools. While LLM-based approaches are promising, they struggle to incorporate structured security knowledge from sources like CWE and NVD. Current methods either use this...

AI score 5.9
Exploits: 0
Packet Storm News
added 2026/04/07 12:00 a.m., 1 view

Stop Fixating on Prompts: Reasoning Hijacking and Constraint Tightening for Red-Teaming LLM Agents

With the widespread application of LLM-based agents across various domains, their complexity has introduced new security threats. Existing red-team methods mostly rely on modifying user prompts, which lack adaptability to new data and may impact the agent's performance. To address the challenge,...

AI score 5.8
Exploits: 0
EUVD
added 2026/04/03 6:18 p.m., 3 views

EUVD-2025-209209

Juju: Read All Controller Logs From Compromised Workload...

CVSS 6.9, AI score 5.9, EPSS 0.00013
Exploits: 0, References: 3
Snyk
added 2026/04/03 5:22 p.m., 5 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization via the debug log endpoint in the API server. An attacker can access sensitive log data belonging to any entity across any model by compromising a workload machine under the controller. Remediation: A fix was pushed into...

CVSS 6.9, AI score 5.9, EPSS 0.00013
Exploits: 0, References: 2
CVE
added 2026/04/03 3:25 p.m., 2 views

CVE-2025-68152

CVE-2025-68152 affects Juju, an open source application orchestration engine. The issue permits a compromised workload machine under a Juju controller to read any log file for any entity in any model at any level, affecting versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19. The flaw is mitig...

CVSS 6.9, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 3, Affected software: 1
Packet Storm News
added 2026/03/24 12:00 a.m., 0 views

Not All Tokens Are Created Equal: Query-Efficient Jailbreak Fuzzing for LLMs

Large language models (LLMs) are widely deployed, yet are vulnerable to jailbreak prompts that elicit policy-violating outputs. Although prior studies have uncovered these risks, they typically treat all tokens as equally important during prompt mutation, overlooking the varying contributions of...

AI score 5.8
Exploits: 0
SUSE CVE
added 2026/02/07 12:26 a.m., 1 view

SUSE CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1, AI score 5.3, EPSS 0.00012
Exploits: 0, References: 3
Github Security Blog
added 2026/01/29 3:21 p.m., 9 views

Juju has broken CMR authorization

Impact: Cross-model Relation authorization is broken and has a potential security vulnerability. If the controller does not have the root key to verify the macaroon or if the macaroon has expired, an unvalidated and therefore untrusted macaroon is used to extract declared caveats. Facts from these...

CVSS 2.1, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 4, Affected software: 1
EUVD
added 2026/01/29 3:21 p.m., 2 views

EUVD-2026-4900

Juju has broken CMR authorization...

CVSS 2.1, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 3
OSV
added 2026/01/29 3:21 p.m., 4 views

GHSA-J477-6VPG-6C8X Juju has broken CMR authorization

Impact: Cross-model Relation authorization is broken and has a potential security vulnerability. If the controller does not have the root key to verify the macaroon or if the macaroon has expired, an unvalidated and therefore untrusted macaroon is used to extract declared caveats. Facts from these...

CVSS 2.1, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 4
RedhatCVE
added 2026/01/29 3:19 p.m., 4 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 1
Snyk
added 2026/01/28 3:49 p.m., 3 views

Operation on a Resource after Expiration or Release

Overview: Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release in the macaroon validation for cross-model authorization. An attacker can maintain unauthorized access to resources by crafting and submitting an invalid macaroon that is incorrectly...

CVSS 5.5, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 2
OSV
added 2026/01/28 3:16 p.m., 1 view

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1, AI score 5.8
Exploits: 0, References: 1
NVD
added 2026/01/28 3:16 p.m., 4 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1, EPSS 0.00012
Exploits: 0, References: 1
UbuntuCve
added 2026/01/28 3:16 p.m., 3 views

CVE-2026-1237

Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...

CVSS 2.1, AI score 5.9, EPSS 0.00012
Exploits: 0, References: 2
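The CVE-2026-1237 entries above all describe the same failure mode: when the controller lacks the root key for a macaroon, or the macaroon has expired, the caveats are still read out of the unverified token and "declared" facts from them are trusted. The following is an added example written for this page, not Juju's code; it uses a deliberately minimal first-party macaroon (an HMAC-SHA256 chain over a key id and an ordered caveat list, built on the standard library rather than a macaroon library) to show the fail-open extraction beside a fail-closed one. The type and function names (Macaroon, Mint, Forge, ExtractUnverified, ExtractVerified), the "declared ..." and "time-before ..." caveat strings and the sample key material are all illustrative assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Macaroon is a simplified first-party macaroon: an identifier naming the
// root key, an ordered list of caveats, and an HMAC chain over both.
// Illustrative only; this is not Juju's macaroon implementation.
type Macaroon struct {
	KeyID   string
	Caveats []string
	Sig     []byte
}

func hmacSum(key, data []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(data)
	return mac.Sum(nil)
}

// Mint builds a macaroon the way the legitimate issuer would:
// sig = HMAC(rootKey, keyID), then sig = HMAC(sig, caveat) for each caveat.
func Mint(keyID string, rootKey []byte, caveats []string) Macaroon {
	sig := hmacSum(rootKey, []byte(keyID))
	for _, c := range caveats {
		sig = hmacSum(sig, []byte(c))
	}
	return Macaroon{KeyID: keyID, Caveats: append([]string(nil), caveats...), Sig: sig}
}

// Forge is what someone who can write the token's records does: the chain is
// recomputed from a key the controller does not hold, so it cannot be checked.
func Forge(keyID string, caveats []string) Macaroon {
	return Mint(keyID, []byte("attacker-chosen-key"), caveats)
}

// declared collects "declared <name> <value>" caveats into a map.
func declared(caveats []string) map[string]string {
	out := map[string]string{}
	for _, c := range caveats {
		if strings.HasPrefix(c, "declared ") {
			kv := strings.SplitN(strings.TrimPrefix(c, "declared "), " ", 2)
			if len(kv) == 2 {
				out[kv[0]] = kv[1]
			}
		}
	}
	return out
}

// ExtractUnverified is the fail-open shape the advisory describes: caveats are
// read without the chain ever being checked, so whoever wrote the token
// controls every "declared" fact the caller goes on to trust.
func ExtractUnverified(m Macaroon) map[string]string {
	return declared(m.Caveats)
}

// ExtractVerified fails closed: an unknown key id, a chain mismatch and an
// expired time-before caveat are all hard errors, and declared facts are
// returned only after the chain has been validated with the real root key.
func ExtractVerified(m Macaroon, rootKeys map[string][]byte, now time.Time) (map[string]string, error) {
	rootKey, ok := rootKeys[m.KeyID]
	if !ok {
		return nil, fmt.Errorf("no root key for %q; refusing to trust its caveats", m.KeyID)
	}
	sig := hmacSum(rootKey, []byte(m.KeyID))
	for _, c := range m.Caveats {
		sig = hmacSum(sig, []byte(c))
	}
	if !hmac.Equal(sig, m.Sig) {
		return nil, errors.New("macaroon signature chain does not verify")
	}
	for _, c := range m.Caveats {
		if strings.HasPrefix(c, "time-before ") {
			t, err := time.Parse(time.RFC3339, strings.TrimPrefix(c, "time-before "))
			if err != nil || !now.Before(t) {
				return nil, errors.New("macaroon expired or has a malformed time-before caveat")
			}
		}
	}
	return declared(m.Caveats), nil
}

func main() {
	// Constructed sample: one controller root key and a forged token whose
	// key id the controller no longer recognises (e.g. a revoked offer).
	keys := map[string][]byte{"controller-1": []byte("controller-root-key")}
	forged := Forge("revoked-key", []string{"declared relation-key wordpress:db mysql:db", "declared username mallory"})
	fmt.Println("unverified extraction trusts:", ExtractUnverified(forged))
	_, err := ExtractVerified(forged, keys, time.Now())
	fmt.Println("verified extraction:", err)
}
```

The check that matters is the order: the chain is recomputed and compared with the constant-time hmac.Equal before any caveat is interpreted, and the missing-key and expiry paths return an error rather than falling through to caveat extraction.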