Lucene search
K

168 matches found

RedhatCVE
RedhatCVE
added 2026/04/08 7:58 p.m.4 views

CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

8.6CVSS5.9AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/07 6:31 p.m.4 views

EUVD-2026-19742

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

5.9AI score0.00257EPSS
Exploits0References6
NVD
NVD
added 2026/04/07 4:16 p.m.4 views

CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

8.6CVSS0.00257EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/07 3:22 p.m.2 views

CVE-2026-4931 CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

5.9AI score0.00257EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/07 3:22 p.m.22 views

CVE-2026-4931 CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

0.00257EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/07 3:22 p.m.2 views

CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

5.9AI score0.00257EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/07 3:22 p.m.14 views

CVE-2026-4931

CVE-2026-4931 affects Smart contract Marginal v1, where an unsafe downcast in the contract enables attackers to settle a large debt position for a negligible asset cost. The publicly reported descriptions (NVD, Red Hat, ENISA EUVD, CNNVD, CVE lists) consistently state the same vulnerability and i...

8.6CVSS5.9AI score0.00257EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.6 views

PT-2026-30899

Name of the Vulnerable Software and Affected Versions Smart contract Marginal v1 affected versions not specified Description The Smart contract Marginal v1 contains an unsafe downcast issue. This allows attackers to settle a large debt position for a negligible asset cost. Recommendations At the...

6.8CVSS5.8AI score0.00257EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Marginal 安全漏洞

Marginal is an asset trading platform developed by Marginal OpenSource. There is a security vulnerability in Marginal, which stems from the execution of insecure downcasting operations. This vulnerability could allow attackers to settle large debt positions at a negligible cost for assets...

8.6CVSS5.9AI score0.00257EPSS
Exploits0References6
Microsoft Secure
Microsoft Secure
added 2026/02/24 1:0 p.m.7 views

Scaling security operations with Microsoft Defender autonomous defense and expert-led services

Today’s security leaders are operating in an environment of truncated cyberattack timelines with aging defenses built for slower, linear cyberthreats that can no longer keep pace with advanced cyberthreats. AI-powered threat actors now use social engineering and malware that adapt in real time,...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/02/19 10:21 p.m.7 views

MVP Development in the Age of AI: How Startups Can Build Smarter, Faster and Leaner

How AI is reshaping MVP development, helping startups build faster, validate smarter, avoid overbuilding, manage tech debt, and embed security early...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/03 12:0 a.m.7 views

Reading between the Code Lines: On the Use of Self-Admitted Technical Debt for Security Analysis

Static Analysis Tools SATs are central to security engineering activities, as they enable early identification of code weaknesses without requiring execution. However, their effectiveness is often limited by high false-positive rates and incomplete coverage of vulnerability classes. At the same...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.5 views

CVE-2025-23861

Cross-Site Request Forgery CSRF vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through = 1.0.1...

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/10/29 11:55 a.m.9 views

Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc

BeyondTrust's annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge. Introduction The next major breach won't be a phished password. It will be the result of a massive, unmanaged identity debt. This debt takes many forms: it's the...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-3482

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00197EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2025/09/10 3:0 p.m.8 views

Outdated Tech, Rising Risk: How Federal Agencies Can Eliminate Tech Debt and Reduce Cyber Risk

Amid shrinking budgets and workforce pressures, your agency, like many across the federal government, is likely grappling with the growing challenge of technical debt tech debt. Tech debt, the accumulation of outdated or under-maintained technology, can slow progress and put your agency’s mission...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/15 12:0 a.m.4 views

Security Debt in Practice: Nuanced Insights from Practitioners

With the increasing reliance on software and automation nowadays, tight deadlines, limited resources, and prioritization of functionality over security can lead to insecure coding practices. When not handled properly, these constraints cause unaddressed security vulnerabilities to accumulate over...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.10 views

The vulnerability of the iocg_pay_debt() function in the block/blk-iocost.c module, which supports the block-level kernel in the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the iocgpaydebt function in the block/blk-iocost.c module, which supports the block-level kernel in the Linux operating system, is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity...

7.1CVSS6.7AI score0.00234EPSS
Exploits0References20Affected Software4
The Hacker News
The Hacker News
added 2025/02/21 11:40 a.m.13 views

Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025

In today's rapidly evolving digital landscape, weak identity security isn't just a flaw—it's a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without...

7.1AI score
Exploits0
NVD
NVD
added 2025/01/16 9:15 p.m.6 views

CVE-2025-23861

Cross-Site Request Forgery CSRF vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery.This issue affects Debt Calculator: from n/a through = 1.0.1...

7.1CVSS0.00197EPSS
Exploits0References1
Rows per page
Query Builder