Mythos and the Unverified Cage: Z3-Based Pre-Deployment Verification for Frontier-Model Sandbox Infrastructure

The April 2026 Claude Mythos sandbox escape exposed a critical weakness in frontier AI containment: the infrastructure surrounding advanced models remains susceptible to formally characterizable arithmetic vulnerabilities. Anthropic has not publicly characterized the escape vector; some secondary...

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for January 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF006. These vulnerabilities have been also adressed in 24.0.1-IF006 and 25.0.0-IF003. Vulnerability Details CVEID:CVE-2018-5711 DESCRIPTION: gdgifin.c in the GD Graphics Library aka libgd, as used in PHP...

EUVD-2020-5848

Malware in sbrugna...

CVE-2022-24310

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Product: Interactive Graphical SCADA System Data Serv...

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 20 4.2.0.20 Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in persistent watchers handling. By...

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for September 2024.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF001 Vulnerability Details CVEID:CVE-2024-43799 DESCRIPTION: pillarjs send is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this...

Security Bulletin: Due to use of International Components for Unicode, IBM Rational ClearQuest is vulnerable to buffer overflow.

Summary Multiple vulnerabilities in International Components for Unicode used within IBM Rational ClearQuest have been addressed CVE-2020-10531, CVE-2011-4599, CVE-2014-8146 Vulnerability Details CVEID:CVE-2020-10531 DESCRIPTION: International Components for Unicode ICU for C/C++ is vulnerable to...

CVE-2024-47424 Adobe Framemaker | Integer Overflow or Wraparound (CWE-190)

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47416

Adobe Animate is affected by CVE-2024-47416: an Integer Overflow or Wraparound in Animate versions 23.0.7, 24.0.4 and earlier that could lead to arbitrary code execution in the context of the current user. Exploitation requires a user to open a malicious file. Remediation is to update to non‑affe...

GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2069 GNOME Project G Structured File Library libgsf Compound Document Binary File Sector Allocation Table integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-42415 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary...

Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1877 Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability July 8, 2024 CVE Number CVE-2023-45742 SUMMARY An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK...

CVE-2024-1847 Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024...

The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1921 The Biosig Project libbiosig sopenFAMOSread integer overflow to out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-21812 SUMMARY An integer overflow vulnerability exists in the sopenFAMOSread functionality of The Biosig Project...

GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1798 GTKWave FST fstReaderIterBlocks2 chaintable allocation integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36915,CVE-2023-36916 SUMMARY Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation...

GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1818 GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2...

GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1790 GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35992 SUMMARY An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115,...

RockyLinux 8 : binutils (RLSA-2021:4364)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows...

CVE-2022-2329

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

Integer overflow

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...