Lucene search
K

472 matches found

EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24841

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

5.6AI score0.00107EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 2:16 p.m.7 views

CVE-2026-31481

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

5.5CVSS0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.31 views

CVE-2026-31481 tracing: Drain deferred trigger frees if kthread creation fails

In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...

0.00107EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34386

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the tracing component occurs when boot-time trigger registration fails before the trigger-data cleanup kthread is created. If kthread creation fails, the system fails to drain...

5.5CVSS5.1AI score0.00107EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013199)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013199 advisory. In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfsremove Syzkaller managed to trigger concurrent calls to...

7.8CVSS6.2AI score0.0015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011207 advisory. In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfsremove Syzkaller managed to trigger concurrent calls to...

7.8CVSS6.2AI score0.0015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007222)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007222 advisory. In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory...

5.5CVSS6.4AI score0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/09 9:20 p.m.3 views

CVE-2026-40116 PraisonAI's Unauthenticated WebSocket Endpoint Proxies to Paid OpenAI Realtime API Without Rate Limits

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or Twilio signature validation. Each connection opens an authenticated session to OpenAI's Realtime API using the...

7.5CVSS5.8AI score0.00372EPSS
Exploits1References1
CVE
CVE
added 2026/04/09 9:20 p.m.21 views

CVE-2026-40116

CVE-2026-40116 affects PraisonAI prior to 4.5.128: the /media-stream WebSocket endpoint accepted unauthenticated connections and bypassed Twilio validation, proxying each connection to OpenAI’s Realtime API using the server key with no concurrency/rate/size limits. This could allow an unauthentic...

7.5CVSS5.9AI score0.00372EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.8 views

PT-2026-31785

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or Twilio signature validation. Each connection opens an authenticated session to OpenAI's Realtime API using the...

7.5CVSS5.9AI score0.00372EPSS
Exploits1References5
Redos
Redos
added 2026/04/08 12:0 a.m.7 views

ROS-20260408-73-0033

A vulnerability in the dwc3 component of the Linux operating system kernel is related to excessive resource consumption in a loop. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS6.1AI score0.00138EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/05 9:26 p.m.2 views

CVE-2026-35679

Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...

3.5CVSS5.9AI score0.0022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of asynchronous decryption within the TLS Transport Layer Security protocol. Specifically, the async hold queue, used to manage...

7.8CVSS5.8AI score0.00238EPSS
Exploits0References265
OSV
OSV
added 2026/03/20 8:34 p.m.30 views

GHSA-38F7-945M-QR2G Effect `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC

Versions - effect: 3.19.15 - @effect/rpc: 0.72.1 - @effect/platform: 0.94.2 - Node.js: v22.20.0 - Vercel runtime with Fluid compute - Next.js: 16 App Router - @clerk/nextjs: 6.x Root cause Effect's MixedScheduler batches fiber continuations and drains them inside a single microtask or timer...

7.4CVSS6.1AI score0.0027EPSS
Exploits1References3
Schneier on Security
Schneier on Security
added 2026/03/13 11:4 a.m.9 views

Academia and the “AI Brain Drain”

In 2025, Google, Amazon, Microsoft and Meta collectively spent US$380 billion on building artificial-intelligence tools. That number is expected to surge still higher this year, to $650 billion, to fund the building of physical infrastructure, such as data centers see go.nature.com/3lzf79q...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/05 3:4 p.m.161 views

poc-step-finance-2026

Step Finance Stake Authority Compromise — PoC Educational...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

SUSE SLES15: libpython2_7-1_0 / libpython2_7-1_0-32bit / python / python-32bit / etc (SUSE-SU-2026:0774-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0774-1 advisory. This update for python fixes the following issue: - CVE-2024-7592: uncontrolled CPU resource consumption when in http.cookies module...

7.5CVSS6.8AI score0.02303EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005742 advisory. In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfsremove Syzkaller managed to trigger concurrent calls to...

7.8CVSS6.4AI score0.0015EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/28 12:0 a.m.5 views

Clawdrain: Exploiting Tool-Calling Chains for Stealthy Token Exhaustion in OpenClaw Agents

Modern generative agents such as OpenClaw - an open-source, self-hosted personal assistant with a community skill ecosystem, are gaining attention and are used pervasively. However, the openness and rapid growth of these ecosystems often outpace systematic security evaluation. In this paper, we...

6AI score
Exploits0
OSV
OSV
added 2026/02/18 4:16 a.m.5 views

AZL-77993 CVE-2026-27171 affecting package fltk 1.3.5-4

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

5.5CVSS5.7AI score0.00204EPSS
Exploits1References1
Rows per page
Query Builder