Lucene search
K

258 matches found

Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.5 views

PT-2026-20563

A security vulnerability has been discovered in how the input.parsed path field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as authority components, and therefore dropping them from the parsed path. Th...

7.1CVSS5.5AI score
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.5 views

Agentic AI for Cybersecurity: A Meta-Cognitive Architecture for Governable Autonomy

Contemporary AI-driven cybersecurity systems are predominantly architected as model-centric detection and automation pipelines optimized for task-level performance metrics such as accuracy and response latency. While effective for bounded classification tasks, these architectures struggle to...

5.5AI score
Exploits0
hivepro
hivepro
added 2026/02/10 3:51 a.m.7 views

Exposure Management vs Vulnerability Management: Key Differences

Is your security program truly reducing risk, or is it just getting really good at patching? This question is at the heart of the exposure management vs vulnerability management debate. A traditional approach can tell you that a door has a weak lock, but it can't tell you if that door leads to a...

5.6AI score
Exploits0
Redos
Redos
added 2026/02/05 12:0 a.m.6 views

ROS-20260205-73-0027

A vulnerability in the rseq.c component of the Linux operating system kernel is related to the reliance on unreliable input data to make security decisions. Exploitation of the vulnerability allows an attacker to impact the confidentiality and availability of protected information...

5.5CVSS7.5AI score0.00478EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2026/01/15 5:58 p.m.7 views

Your VMDR Year in Review: Making Security Progress Visible and Actionable

Security Teams Rarely Stop to Reflect When a security program is working well, very little seems to happen. That is by design. There is no alert for the incident that was prevented. No visibility into the attack path that was quietly closed. No recognition for the vulnerability that was fixed...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.7 views

PT-2026-2696

CVE-2026-20849 Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network. https://t.co/YLkUwVtaPa...

7.5CVSS6.8AI score0.00974EPSS
Exploits0References3
OSV
OSV
added 2025/12/15 3:30 p.m.4 views

GHSA-8M3C-C723-H4P4 django-allauth's Okta and NetIQ implementations used a mutable identifier for authorization decisions

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferredusername as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

5.4CVSS7.1AI score0.00141EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/15 12:0 a.m.26 views

CVE-2025-65431

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferredusername as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

0.00141EPSS
Exploits0References1
Snyk
Snyk
added 2025/12/08 4:26 p.m.6 views

Use of Non-Canonical URL Paths for Authorization Decisions

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Use of Non-Canonical URL Paths for Authorization Decisions due to improper URL decoding logic. The pathname validation used for...

6.9CVSS6.9AI score0.00481EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/12/04 3:7 p.m.5 views

org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions...

7.5CVSS7.1AI score0.0046EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/12/03 12:0 a.m.4 views

A Descriptive Model for Modelling Attacker Decision-Making in Cyber-Deception

Cyber-deception is an increasingly important defensive strategy, shaping adversarial decision making through controlled misinformation, uncertainty, and misdirection. Although game-theoretic, Bayesian, Markov decision process, and reinforcement learning models offer insight into deceptive...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/24 2:41 p.m.6 views

CVE-2025-12969 CVE-2025-12969

Fluent Bit inforward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing...

6.5CVSS6.9AI score0.00555EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/10/21 12:0 a.m.5 views

Prompting the Priorities: A First Look at Evaluating LLMs for Vulnerability Triage and Prioritization

Security analysts face increasing pressure to triage large and complex vulnerability backlogs. Large Language Models LLMs offer a potential aid by automating parts of the interpretation process. We evaluate four models ChatGPT, Claude, Gemini, and DeepSeek across twelve prompting techniques to...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/10/14 5:59 p.m.4 views

org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions...

7.5CVSS7.1AI score0.0046EPSS
Exploits0References6
Akamai Blog
Akamai Blog
added 2025/10/07 4:0 p.m.7 views

AI Inference Hardware Decisions: When to Choose CPUs vs. GPUs

...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-1084

Malware in sbrugna...

8.1CVSS8AI score0.00717EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-0314

Malware in sbrugna...

8.1CVSS8.1AI score0.00546EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-4406

Malware in sbrugna...

6.8CVSS6.4AI score0.00649EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-22162

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.01042EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29537

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.0046EPSS
Exploits0References5
Rows per page
Query Builder