10 matches found
PT-2026-3001
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks. Recommendations: At the moment, there is no...
Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks
The rapid proliferation of Large Language Models (LLMs) has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...
EUVD-2014-5163
Malware in sbrugna...
EUVD-2025-12574
Malicious code in bioql PyPI...
Private Memorization Editing: Turning Memorization into a Defense to Strengthen Data Privacy in Large Language Models
Large Language Models (LLMs) memorize, and thus, among huge amounts of uncontrolled data, may memorize Personally Identifiable Information (PII), which should not be stored and, consequently, not leaked. In this paper, we introduce Private Memorization Editing (PME), an approach for preventing private...
System Prompt Extraction Attacks and Defenses in Large Language Models
The system prompt in Large Language Models (LLMs) plays a pivotal role in guiding model behavior and response generation. Often containing private configuration details, user roles, and operational instructions, the system prompt has become an emerging attack target. Recent studies have shown that...
ProxyPrompt: Securing System Prompts against Prompt Extraction Attacks
The integration of large language models (LLMs) into a wide range of applications has highlighted the critical role of well-crafted system prompts, which require extensive testing and domain expertise. These prompts enhance task performance but may also encode sensitive information and filtering...
Linux Distros Unpatched Vulnerability : CVE-2014-5270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it...
Prompt Injection/Extraction Attacks against AI Systems
This is an interesting attack I had not previously considered. The variants are interesting, and I think we're just starting to understand their implications...
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-2006)
The remote host is missing an update for the Huawei EulerOS...