A Multi-Agent Framework for Automated Exploit Generation with Constraint-Guided Comprehension and Reflection

Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports with high false positive rates. Automated Exploit Generatio...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a vulnerability related to input validation errors. This vulnerability arises due to memory corruption that occurs when decoding corrupted satellite data files with invalid signature offsets...

Theora 缓冲区错误漏洞

Theora is a reference implementation of Theora video compression format developed by Xiph open-source projects. Theora has a buffer error vulnerability, which stems from a heap out-of-bounds read in the aviparseinputfile function of the AVI parser. This vulnerability could lead to denial-of-servi...

SDL_image 缓冲区错误漏洞

SDLimage is an open-source library from Simple DirectMedia Layer that supports loading images in various formats. SDLimage has a buffer error vulnerability, which stems from the lack of validation of pixel index values, potentially leading to out-of-buffer reads...

WeGIA 输入验证错误漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter, which could lead to...

WeGIA 输入验证错误漏洞

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of URL validation or allowlist checks, which could lead...

PT-2026-30759

Impact PartitionedDataset in kedro-datasets was vulnerable to path traversal. Partition IDs were concatenated directly with the dataset base path without validation. An attacker or malicious input containing .. components in a partition ID could cause files to be written outside the configured...

Samsung多款产品 安全漏洞

SAMSUNG Mobile Processors are products of South Korea’s Samsung Corporation. SAMSUNG Mobile Processors are a series of mobile processors. SAMSUNG Wearable Processors are a series of wearable processors. SAMSUNG Modem Exynos is a series of modem chips. Several Samsung products have security...

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.1.0 and 3.2.7, as well as versions prior to 3.3.9 and 3.4.9, contain a buffer error vulnerability. This vulnerability stems from integer overflows...

PT-2026-30615

A double free vulnerability exists in librz/bin/format/le/le.c in the function le load fixup record. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

ALSA-2026:6632 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel net/mlx5: Use-after-free in ECVF vports unload leads to denial of service CVE-2025-38109 kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setu...

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

PT-2026-30575

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in its netfilter component related to conntrack and missing netlink policy validations. Specifically, the nlattr to sctp function improperly handles...

PT-2026-30577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd module. Specifically, when a multichannel SMB2 SESSION SETUP request with SMB2 SESSION REQ FLAG BINDING fails, the conn-binding flag is...

RockyLinux 8 : kernel-rt (RLSA-2026:6036)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6036 advisory. kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink...

CVE-2019-25669

qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the searchbyextrafields parameter. Attackers can send POST requests to the users endpoint with malicious searchbyextrafields values to trigger SQL syntax errors and...

SUSE-SU-2026:1187-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc bsc1258051. - CVE-2026-23111: netfilter: nftables: fix inverted genmask check in...

Xlight FTP Server 缓冲区错误漏洞

Xlight FTP Server is an open-source FTP server software developed by Xlight. Version 3.9.1 of Xlight FTP Server contains a buffer error vulnerability. This vulnerability stems from a coverage issue with structured exception handlers, which may allow local attackers to cause the application to cra...

Core FTP 访问控制错误漏洞

Core FTP is a file transfer server. Version Core FTP 2.0 build 653 has a vulnerability related to access control. This vulnerability stems from a denial-of-service vulnerability in the PBSZ command, which could allow unverified attackers to cause the service to crash...

FreeBSD : nghttp2 -- CWE-617: Reachable Assertion (c08273b5-30e5-11f1-b9f2-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c08273b5-30e5-11f1-b9f2-b42e991fc52e advisory. https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an...