7860 matches found
Symlink Attack
Overview apm-cli is a MCP configuration tool Affected versions of this package are vulnerable to Symlink Attack during the integration when symbolic links under certain directories are dereferenced and their target file contents are copied into project deployment directories. An attacker can acce...
Explainable Machine Learning for Phishing Detection on Heterogeneous Datasets with MCP-Enabled Deployment
With the growth in digital transformation and Internet usage, the Social Engineering techniques such as Phishing have become a major concern for the users and the organizations. Phishing attacks involve deceptive techniques to trick users into revealing confidential information that causes...
ADR: An Agentic Detection System for Enterprise Agentic AI Security
We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...
Exploit for Server-Side Request Forgery in Apache Axis
Axis1.4 CVE-2019-0227 Remote Command Execution Vulnerability E...
CVE-2026-44552 Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...
PT-2026-41316
Name of the Vulnerable Software and Affected Versions Microsoft APM versions 0.5.4 through 0.12.4 Description Two primitive integrators in apm-cli use Path.glob and Path.rglob to enumerate package files and Path.read text to read matches, which transparently follows symbolic links. A symlink with...
APM – Agent Package Manager 后置链接漏洞
APM – Agent Package Manager is an open-source AI-based dependency management tool developed by Microsoft. In versions 0.5.4 to 0.12.4 of APM, there was a post-link vulnerability. This vulnerability stemmed from calls to functions like Path.glob and Path.rglob, which followed symbolic links. As a...
On-Device Interpretable Tsetlin Machine-Based Intrusion Detection for Secure IoMT
The rapid evolution of digital health technologies is redefining healthcare services worldwide. The integration of wireless communication and Internet-enabled medical devices within Internet of Medical Things IoMT networks enables continuous, real-time patient monitoring. However, this increased...
EUVD-2026-30493
The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audience string, not to the specific registry instance being targeted. On the client side, the publisher...
CVE-2026-44679 Tuist: Forgot password flow lacks throttling for reset email delivery
Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes ...
CVE-2026-44514 Kubetail: Cross-Site WebSocket Hijacking allows attacker to read Kubernetes logs from authenticated users
Kubetail is a real-time logging dashboard for Kubernetes. Prior to 0.14.0, Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to th...
CVE-2026-44514
Kubetail is a real-time logging dashboard for Kubernetes. Prior to 0.14.0, Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to th...
EUVD-2026-30331
Kubetail is a real-time logging dashboard for Kubernetes. Prior to 0.14.0, Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to th...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes over the /api/v1/chatflows endpoint. A user can gain unauthorized access to and modify sensitive attributes, such as deployment...
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
In this article 1. Background 2. What is an exploitable misconfiguration? 3. Exploitable misconfigurations in popular AI applications 4. Minimizing the risk: Practical deployment guidance 5. How Microsoft Defender for Cloud helps detect exposures in Kubernetes 6. Learn more AI and agentic...
Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.6.11
Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.6.11 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.6.11 release that simplify the process of...
PT-2026-40977
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the chatflow update endpoint. This occurs when an application takes user-provided data and applies it to an internal object without sufficient filtering, allowing...
Do Coding Agents Understand Least-Privilege Authorization?
As coding agents gain access to shells, repositories, and user files, least-privilege authorization becomes a prerequisite for safe deployment: an agent should receive enough authority to complete the task, without unnecessary authority that exposes sensitive surfaces.To study whether current...
Important: Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.8.6
Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.8.6 General Availability release, with updates to container images. Assisted Installer RHEL 8 integrates components for the general multicluster engine for Kubernetes 2.8.6 release that simplify the process of...
agentcore-poc
Blueprint POC - Workflow Generation & Deployment A Proof of C...