CVE-2026-25528

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary apiurl values through the baggage header, causing the SDK to...

I2P 2.11.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...

LangSmith Client SDKs 代码问题漏洞

LangSmith Client SDKs are a developer toolkit open-sourced by LangChain. Versions of LangSmith Client SDKs prior to 0.6.3 and 0.4.6 contained code vulnerabilities. These vulnerabilities stemmed from the distributed tracking feature not verifying HTTP headers, which could lead to server-side reque...

PT-2026-7149

Name of the Vulnerable Software and Affected Versions LangSmith Client SDKs versions prior to 0.6.3 LangSmith Client SDKs versions prior to 0.4.6 Description The LangSmith SDK’s distributed tracing feature is susceptible to Server-Side Request Forgery SSRF through manipulation of HTTP headers. An...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. The Tenda AC9 15.03.06.42multi version has a security vulnerability. This vulnerability stems from improper handling of the security.ddos.map parameter in the formGetDdosDefenceList function, which may lead to a stack buffe...

I Am in the Epstein Files

Once. Someone named "Vincenzo lozzo" wrote to Epstein in email, in 2016: "I wouldn't pay too much attention to this, Schneier has a long tradition of dramatizing and misunderstanding things." The topic of the email is DDoS attacks, and it is unclear what I am dramatizing and misunderstanding. Rab...

SpringBlade - Information Leakage

SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservice architecture. The SpringBlade framework has a default SIGNKEY, which can be exploited by...

NVIDIA Megatron-LM 代码注入漏洞

NVIDIA Megatron-LM is a distributed training framework based on PyTorch developed by NVIDIA Corporation in the United States. It is specifically designed for training large-scale Transformer language models. NVIDIA Megatron-LM has a code injection vulnerability. This vulnerability stems from...

Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday,...

SUSE CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

Unicornscan 0.4.51

Unicornscan is an information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL...

CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

UBUNTU-CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

UBUNTU-CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

CVE-2026-22259 Suricata dnp3: unbounded transaction growth

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

EUVD-2026-4789

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

Faraday 5.19.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

PT-2026-4981

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...