Lucene search
K

7788 matches found

Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.38 views

MIRAGE: Context-Aware Prompt Injection against Mobile GUI Agents Via User-Generated Content

Mobile graphical user interface GUI agents driven by vision-language models VLMs perceive the screen as rendered pixels and choose actions from what they see, so they cannot reliably separate trusted interface elements from user-generated content. We present MIRAGE Mobile Injection of Realistic...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/26 11:39 p.m.8 views

org.yamcs:distribution (>=5.0.0 <=5.12.6), org.yamcs:packet-viewer (>=5.0.0 <=5.12.6) +9 more potentially affected by CVE-2026-42568 via org.yamcs:yamcs-core (>=5.0.0 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =5.0.0, =5.0.0, =5.0.0, =5.10.0, =5.10.0, =0.1.0, =0.1, =1.0.0, =5.0.0, =5.0.0, =0.1.0, =0.8.0 Source cves: CVE-2026-42568 Source advisory: SNYK:JAVA-ORGYAMCS-17229781...

4.3CVSS5.4AI score0.01027EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/05/26 11:39 p.m.7 views

org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-42568 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-42568 Source advisory: OSV:GHSA-CQH3-JG8P-336J...

4.3CVSS5.4AI score0.01027EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

SUSE SLES15 Security Update : distribution (SUSE-SU-2026:2032-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2032-1 advisory. This update for distribution rebuilds it against the current go security release. Tenable has extracted the preceding description block...

5.8AI score
Exploits0References1
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Medium: openssh

Issue Overview: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not...

8.1CVSS7.1AI score0.0218EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.22 views

Debian dsa-6295 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6295 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6295-1 [email protected] https://www.debian.org/securit...

8.8CVSS5.8AI score0.03663EPSS
Exploits18References8
Debian
Debian
added 2026/05/22 8:18 p.m.17 views

[SECURITY] [DSA 6291-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6291-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2026 https://www.debian.org/security/faq -...

5.8CVSS5.8AI score0.00297EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/22 3:47 p.m.8 views

com.github.vindell:spring-boot-starter-cxf-jaxws-plus (>=1.0.0.RELEASE <=1.0.2.RELEASE), org.apache.cxf:apache-cxf (>=3.3.0 <=3.6.10) +1 more potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=3.2.4 <=3.6.10)

org.apache.cxf:cxf-rt-ws-transfer MAVEN version =3.2.4, =1.0.0.RELEASE, =3.3.0, =3.4.0, =3.6.10 Source cves: CVE-2026-44618 Source advisory: SNYK:JAVA-ORGAPACHECXF-17115402...

5.3CVSS5.4AI score0.00338EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/22 3:47 p.m.6 views

org.apache.cxf:apache-cxf (>=4.0.0 <=4.1.5), org.apache.cxf:cxf-distribution-javadoc (>=4.0.0 <=4.1.5) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=4.0.0 <=4.1.5)

org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.1.5 Source cves: CVE-2026-44618 Source advisory: SNYK:JAVA-ORGAPACHECXF-17115402...

5.3CVSS5.4AI score0.00338EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-44348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in computehashtosign in...

2.5CVSS5.8AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2026/05/21 2:20 p.m.8 views

MAL-2026-4462 Malicious code in @vino.tian/vibe-kanban (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f1533bb7e55b1bcd10291aa9f19e2a5cbe5755a7a6a7343d38fbd3ff8064a1f This package is published as @vino.tian/vibe-kanban and copies its README, name, and feature description from BloopAI's legitimate vibe-kanban projec...

5.9AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/21 1:3 p.m.11 views

CVE-2026-41888

A flaw was found in Distribution, a software toolkit used for managing container content. This vulnerability allows a remote attacker to bypass security settings designed to prevent the deletion of container tags. By sending a specific request, an attacker can remove tags from repositories even...

6.5CVSS5.8AI score0.00294EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.22 views

Practical Countermeasure against Attacks Exploiting Detection Efficiency Mismatch in Quantum Key Distribution

We demonstrate a practical countermeasure against a well-known class of attacks on quantum key distribution QKD systems that exploit detection efficiency mismatch, where the receiver's detectors do not exhibit identical responses to incoming photons across all degrees of freedom. This class of...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/20 9:36 a.m.7 views

Security update for distribution

This update for distribution rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/20 9:36 a.m.5 views

SUSE-SU-2026:2032-1 Security update for distribution

This update for distribution rebuilds it against the current go security release...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in gnupg1

Libgcrypt before version 1.7.8 is vulnerable to a cache-side-channel attack that can lead to a complete failure of the RSA-1024 algorithm. This attack occurs when the left-to-right method is used for computing the sliding-window expansion. It is believed that the same attack also works on the...

6.8CVSS7AI score0.03885EPSS
Exploits0References2
OSV
OSV
added 2026/05/20 2:15 a.m.10 views

MAL-2026-4468 Malicious code in @wengine-ai/claude-code-router-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45e362000d036139e02a066a82ec157314a07796e0e855cdce184cc081ca4591 dist/index.js line 14 issues a fetch call to https://pub-0dc3e1677e894f07bbea11b17a29e032.r2.dev, an anonymous Cloudflare R2 bucket, and references...

6AI score
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/20 12:0 a.m.8 views

distribution-registry-3.1.1-1.1 on GA media (moderate)

distribution-registry-3.1.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10812-1 Rating: moderate Cross-References: CVE-2026-41888 CVSS scores: CVE-2026-41888 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVE-2026-41888 SUSE : 6.3...

6.5CVSS5.8AI score0.00294EPSS
Exploits1
OSV
OSV
added 2026/05/19 9:52 p.m.11 views

MAL-2026-4741 Malicious code in aurafarmer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 967bdc07ba43b92a320ad0ef81975a5547d24b987eda5b8cdf863fc7c18245e0 The package advertises an aurex CLI. Its login flow aurex/main.py around line 108 prompts the user for email and password and POSTs them as JSON to a...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 9:7 p.m.12 views

Malicious code in glass-of-water (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df79336313f71fac8158ff6f3e0160d0e99a8d1d84c452505fd3739af5838a69 glassofwater/init.py embeds 10 Google Gemini API keys AIzaSy... split across 5-part dictionaries and reassembled at runtime by getapikey L6-19. The...

5.8AI score
Exploits0References2
Rows per page
Query Builder