20 matches found

Microsoft Secure
added 2026/03/20 4:19 p.m. | 119 views

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. Instead of measuring “CTI trivia,” CTI-REALM tests end-to-end workflows: reading threat reports, exploring telemetr...

AI score 5.7
Exploits 0
RedhatCVE
added 2026/03/20 1:37 p.m. | 4 views

CVE-2026-26939

A flaw was found in Kibana. An authenticated attacker with rule management privileges could exploit a missing authorization vulnerability in the server-side Detection Rule Management. This allows the attacker to configure unauthorized endpoint response actions, such as host isolation, process...

CVSS 6.5 | AI score 5.8 | EPSS 0.00175
Exploits 0 | References 4
NVD
added 2026/03/19 6:16 p.m. | 4 views

CVE-2026-26939

Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an...

CVSS 6.5 | EPSS 0.00175
Exploits 0 | References 1
Snyk
added 2026/03/19 5:11 p.m. | 2 views

Missing Authorization

Overview: kibana is an open source (Apache Licensed), browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Missing Authorization in the Detection Rule Management. An attacker can perform unauthorized system actions, such as host isolatio...

CVSS 7.1 | AI score 5.9 | EPSS 0.00175
Exploits 0 | References 2
ATTACKERKB
added 2026/03/19 5:11 p.m. | 2 views

CVE-2026-26939

Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration (host isolation, process termination, and process suspension) via CAPEC-1 (Accessing Functionality Not Properly Constrained by ACLs). This requires an...

CVSS 6.5 | AI score 5.8 | EPSS 0.00175
Exploits 0 | References 2 | Affected Software 1
CVE
added 2026/03/19 5:11 p.m. | 21 views

CVE-2026-26939

CVE-2026-26939 affects Kibana’s server-side Detection Rule Management. Missing Authorization (CWE-862) could allow an authenticated attacker with rule management privileges to configure Unauthorized Endpoint Response Actions (host isolation, process termination, process suspension). Root cause an...

CVSS 6.5 | AI score 5.8 | EPSS 0.00175
Exploits 0 | References 1 | Affected Software 1
CVE
added 2026/02/02 1:32 a.m. | 16 views

CVE-2026-1738

Open5GS SGWC (up to 2.7.6) is affected by a flaw in sgwc_tunnel_add in /src/sgwc/context.c. Manipulating the pdr argument can trigger a reachable assertion, and the issue can be exploited remotely. The exploit has been published, and a patch to correct the issue is indicated as already-fixed in t...

CVSS 6.9 | AI score 5.6 | EPSS 0.00659
Exploits 1 | References 7 | Affected Software 1
Vulnrichment
added 2025/12/19 4:32 p.m. | 4 views

CVE-2025-14955 Open5GS PFCP handler.c ogs_pfcp_handle_create_pdr initialization

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

CVSS 6.3 | AI score 6.4 | EPSS 0.00468
Exploits 1 | References 8
NVD
added 2025/12/19 4:15 p.m. | 5 views

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

CVSS 5.3 | EPSS 0.00387
Exploits 1 | References 8
Positive Technologies
added 2025/12/19 12:00 a.m. | 5 views

PT-2025-52490

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.5. Description: A flaw exists within Open5GS, specifically in the ogs_pfcp_handle_create_pdr function located in the lib/pfcp/handler.c library of the PFCP component. This issue involves improper initialization and...

CVSS 6.3 | AI score 4.2 | EPSS 0.00468
Exploits 1 | References 13
Packet Storm News
added 2025/10/05 12:00 a.m. | 5 views

Cyber Warfare during Operation Sindoor: Malware Campaign Analysis and Detection Framework

Rapid digitization of critical infrastructure has made cyberwarfare one of the important dimensions of modern conflicts. Attacking the critical infrastructure is an attractive pre-emptive proposition for adversaries as it can be done remotely without crossing borders. Such attacks disturb the...

AI score 6.9
Exploits 0
Packet Storm News
added 2025/05/17 12:00 a.m. | 5 views

Simultaneously Exposing and Jamming Covert Communications Via Disco Reconfigurable Intelligent Surfaces

Covert communications provide a stronger privacy protection than cryptography and physical-layer security (PLS). However, previous works on covert communications have implicitly assumed the validity of channel reciprocity, i.e., wireless channels remain constant or approximately constant during the...

AI score 6.9
Exploits 0
Microsoft CVE
added 2024/09/11 7:00 a.m. | 5 views

jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common.

...

CVSS 6.1 | AI score 6.8 | EPSS 0.08632
Exploits 6
Vulnrichment
added 2023/03/03 10:44 p.m. | 6 views

CVE-2023-26047 teler-waf contains detection rule bypass via entities payload

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version v0.2.0 is vulnerable to a bypass attack when a specific case-sensitive hex entities payload with special characters such as CR/LF and horizontal tab is used...

CVSS 6.5 | AI score 6.5 | EPSS 0.00516
Exploits 0 | References 3
OSV
added 2023/03/01 8:37 p.m. | 32 views

GHSA-P2PF-G8CQ-3GQ5 teler-waf contains detection rule bypass via Entities payload

Description: teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version v0.2.0 is vulnerable to a bypass attack when a specific case-sensitive hex entities payload with special characters such as CR/LF and horizontal tab...

CVSS 6.1 | AI score 6.3 | EPSS 0.00516
Exploits 0 | References 8
Rapid7 Blog
added 2022/09/20 3:14 p.m. | 1231 views

CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center

On August 24, 2022, Atlassian published an advisory for Bitbucket Server and Data Center alerting users to CVE-2022-36804. The advisory reveals a command injection vulnerability in multiple API endpoints, which allows an attacker with access to a public repository or with read permissions to a...

CVSS 10 | AI score 0.8 | EPSS 0.99174
Exploits 25
Rapid7 Blog
added 2022/05/31 3:15 p.m. | 186 views

CVE-2022-30190: "Follina" Microsoft Support Diagnostic Tool Vulnerability

On May 30, 2022, Microsoft Security Response Center (MSRC) published a blog on CVE-2022-30190, an unpatched vulnerability in the Microsoft Support Diagnostic Tool (msdt) in Windows. Microsoft’s advisory on CVE-2022-30190 indicates that exploitation has been detected in the wild. According to Microsof...

CVSS 9.3 | AI score 1.1 | EPSS 0.99374
Exploits 62
GithubExploit
added 2022/03/31 4:14 p.m. | 332 views

Exploit for Code Injection in Vmware Spring_Framework

CVE-2022-22965 aka "Spring4Shell" RCE vulnerability in Spri...

CVSS 9.8 | AI score 9 | EPSS 0.99939
Exploits 136
Microsoft Secure
added 2018/12/19 9:52 p.m. | 111 views

Windows Defender ATP has protections for USB and removable devices

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistlin...

AI score 0.1
Exploits 0
n0where
added 2018/03/13 7:51 p.m. | 137 views

Information Security Preparedness Tool: Metta

Metta is an open-source information security preparedness tool for adversarial simulation. As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating components of targeted attacks in order to test both an organization’s...

AI score 1
Exploits 0 | References 3