EUVD-2026-25494

In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to decouple migration from reset Attempting to issue reset on VF devices that don't support migration leads to the following: BUG: unable to handle page fault for address: 00000000000011f8 PF:...

CVE-2026-31601

CVE-2026-31601 affects the Linux kernel vfio/xe driver. When resetting a Virtual Function (VF) device that does not support migration, a kernel page fault can occur due to the vfio_pci core structure not being fully initialized until migration init. The root cause described in connected docs is t...

CVE-2026-34840 OneUptime SSO: Multi-Assertion Identity Injection via Decoupled Signature Verification

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, OneUptime's SAML SSO implementation App/FeatureSet/Identity/Utils/SSO.ts has decoupled signature verification and identity extraction. isSignatureValid verifies the first element in the XML DOM using...

CVE-2026-34840

CVE-2026-34840 – OneUptime SSO (SAML) decoupled signature verification . Prior to 10.0.42, OneUptime’s SSO.ts uses isSignatureValid() to verify only the first in the XML DOM with xml-crypto while getEmail() reads identity from assertion[0] via xml2js, enabling an attacker to prepend an unsigned ...

DKD-KAN: A Lightweight Knowledge-Distilled KAN Intrusion Detection Framework, Based on MLP and KAN

Cyber-security systems often operate in resource-constrained environments, such as edge environments and real-time monitoring systems, where model size and inference time are crucial. A light-weight intrusion detection framework is proposed that utilizes the Kolmogorov-Arnold Network KAN to captu...

STARDIS: Strategic Scheduling and Deceptive Signaling for Satellite Intrusion Detection System Deployment

Satellite communication networks operate under stringent computational constraints and are susceptible to sophisticated cyberattacks. This paper introduces a novel defense framework that decouples security optimization into ground-based analysis and onboard real-time execution. In the long-term...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004956 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular...

Large Language Models for Cyber Security

This paper studies the integration off Large Language Models into cybersecurity tools and protocols. The main issue discussed in this paper is how traditional rule-based and signature based security systems are not enough to deal with modern AI powered cyber threats. Cybersecurity industry is...

Under the engineering hood: Why Malwarebytes chose WordPress as its CMS

It might surprise some that a security company would choose WordPress as the backbone of its digital content operations. After all, WordPress is often associated with open-source plugins, community themes, and a wide range of deployment practices—some stronger than others. But that perception...

EUVD-2018-19401

Malware in sbrugna...

Malicious code in decoupled-local-node-rig (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 25f0aee1e117152ac6f4bf01df0fc766d85a482953feea9fdece74e016a3cc65 The OpenSSF Package Analysis project identified...

MAL-2025-41380 Malicious code in decoupled-local-node-rig (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 25f0aee1e117152ac6f4bf01df0fc766d85a482953feea9fdece74e016a3cc65 The OpenSSF Package Analysis project identified...

IPIGuard: a Novel Tool Dependency Graph-Based Defense against Indirect Prompt Injection in LLM Agents

Large language model LLM agents are widely deployed in real-world applications, where they leverage tools to retrieve and manipulate external data for complex tasks. However, when interacting with untrusted data sources e.g., fetching information from public websites, tool responses may contain...

LURK-T: Limited Use of Remote Keys with Added Trust in TLS 1.3

In many web applications, such as Content Delivery Networks CDNs, TLS credentials are shared, e.g., between the website's TLS origin server and the CDN's edge servers, which can be distributed around the globe. To enhance the security and trust for TLS 1.3 in such scenarios, we propose LURK-T, a...

DEBIAN-CVE-2022-50129

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport and free these from inside srptmaketport. Keep...

BadVLA: Towards Backdoor Attacks on Vision-Language-Action Models Via Objective-Decoupled Optimization

Vision-Language-Action VLA models have advanced robotic control by enabling end-to-end decision-making directly from multimodal inputs. However, their tightly coupled architectures expose novel security vulnerabilities. Unlike traditional adversarial perturbations, backdoor attacks represent a...

CVE-2024-57992 wifi: wilc1000: unregister wiphy only if it has been registered

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: unregister wiphy only if it has been registered There is a specific error path in probe functions in wilc drivers both sdio and spi which can lead to kernel panic, as this one for example when using SPI: Unable to...

CVE-2022-48588

A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

CVE-2022-48588

A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

CVE-2022-48588

CVE-2022-48588 is a confirmed SQL injection vulnerability in the “schedule editor decoupled” feature of ScienceLogic SL1 . Multiple connected sources (e.g., Red Hat CVE entry, CNVD-2023-66420, and others) describe that unsanitized, user-controlled input is passed directly into a SQL query, enabli...