Lucene search
+L

292 matches found

CVE
CVE
added 2026/05/27 12:17 p.m.39 views

CVE-2026-45942

Summary of CVE-2026-45942 : A race condition in the Linux kernel ext4 bitmap handling enables inconsistent bitmap reporting due to concurrent page migration and bitmap modification in the load_buddy path. The root cause is that the fast load_buddy path only increments the folio refcount and can o...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43809

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ext4 file system between page migration and bitmap modification during mixed huge-page workloads. The issue occurs because the fast path of the load buddy...

7.8CVSS5.5AI score0.00126EPSS
Exploits0References144
The Hacker News
The Hacker News
added 2026/05/25 11:30 a.m.29 views

The Alert Firehose Finally Meets Its Match

Ask a cybersecurity pro about Network Detection and Response NDR and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positive...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.16 views

On Reliability of Efficient Membership Inference Vulnerability Evaluation

Membership inference attacks MIAs are popular methods for empirically assessing the leakage of sensitive information in the training data through models or statistics learned from the data. The MIA vulnerability is often evaluated through false positive rate FPR and true positive rate TPR of a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.20 views

Are Frontier LLMs Ready for Cybersecurity? Evidence for Vertical Foundation Models from Dual-Mode Vulnerability Benchmarks

We evaluate whether frontier LLMs are ready for cybersecurity through a dual-mode benchmark: white-box function-level vulnerability detection VulnLLM-R, across C/Java/Python and black-box web application security testing five production-style applications with 118 ground-truth vulnerabilities...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is pointless and harmful. revert to using checkforlocks, and change it to not sleep. Firstly, it’s harmful. As documented in the kdoc comment for...

5.5CVSS6.1AI score0.00195EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/17 12:0 a.m.29 views

ADR: An Agentic Detection System for Enterprise Agentic AI Security

We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.22 views

WARD: Adversarially Robust Defense of Web Agents against Prompt Injections

Web agents can autonomously complete online tasks by interacting with websites, but their exposure to open web environments makes them vulnerable to prompt injection attacks embedded in HTML content or visual interfaces. Existing guard models still suffer from limited generalization to unseen...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.11 views

Characterizing AI-Assisted Bot Traffic in Darknet Data: Implications for ICS and IIoT Security

The rise of automated scanning tools and AI assisted reconnaissance agents has significantly altered internet background traffic patterns, threatening the baseline assumptions underlying intrusion detection systems IDS deployed in critical infrastructure networks. This paper characterizes the...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

Official Clerk JavaScript SDKs 代码问题漏洞

The Official Clerk JavaScript SDKs are an open-source repository for Clerk authentication purposes. These SDKs have code vulnerabilities that can lead to false positives during authorization checks. This occurs when functions like has and auth.protect, along with related authorization predicates,...

8.1CVSS5.9AI score0.00246EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.13 views

Securing the Dark Matter: A Semantic-Enhanced Neuro-Symbolic Framework for Supply Chain Analysis of Opaque Industrial Software

Automated vulnerability detection in critical-infrastructure software confronts a fundamental barrier: industrial software is routinely deployed as stripped, symbol-free binaries that deprive conventional Software Composition Analysis of the source-level transparency it requires. Existing binary...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/06 9:48 p.m.105 views

alika-vuln-shield

Vuln Shield Fast container vulnerability scanner that filters...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.16 views

Evolution of Log-Based Detection Rules in Public Repositories

Log-based detection rules remain central to modern security operations, encoding domain expertise that analysts iteratively refine to balance detection coverage against alert volume. Yet while prior work has examined the evolution of network intrusion detection signatures, the longitudinal behavi...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.15 views

Rayhunter IMSI Catcher Detector

Rayhunter is a project for detecting IMSI catchers, also known as cell-site simulators or stingrays. It was first designed to run on a cheap mobile hotspot called the Orbic RC400L, but thanks to community efforts, it can support some other devices as well. It's also designed to be as easy to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/03 12:0 a.m.8 views

QASecClaw: A Multi-Agent LLM Approach for False Positive Reduction in Static Application Security Testing

Static Application Security Testing tools help developers find security vulnerabilities before release, but they often produce many false positives. This increases manual review effort, reduces developer trust, and may cause real vulnerabilities to be ignored among noisy reports. We present...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.10 views

How Code Representation Shapes False-Positive Dynamics in Cross-Language LLM Vulnerability Detection

How code representation format shapes false positive behaviour in cross-language LLM vulnerability detection remains poorly understood. We systematically vary training intensity and code representation format, comparing raw source text with pruned Abstract Syntax Trees at both training time and...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/29 1:13 p.m.168 views

WP-Plugin-Fuzzer-PoC-

wpgarlic A proof-of-concept WordPress plugin fuzzer that led t...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/29 12:0 a.m.24 views

Beyond Code Reasoning: A Specification-Anchored Audit Framework for Expert-Augmented Security Verification

Security-critical software is routinely audited by tools that reason about vulnerabilities as repository-local code patterns. Yet specification-governed systems -- protocol stacks, consensus implementations, cryptographic libraries -- are constrained by invariants and correctness conditions defin...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.25 views

EDySec: A Deep Learning-Based Explainable Dynamic Analysis Framework for Detecting Malicious Packages in PyPI Ecosystem

The security of open-source software repositories is increasingly threatened by next-gen software supply chain attacks. These attacks include multiphase malware execution, remote access activation, and dynamic payload generation. Traditional Machine Learning ML detectors struggle to detect these...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.10 views

Detecting Avalanche Effect in Adversarial Settings: Spotting the Encryption Loops in Ransomware

Spotting encryption loops in binary-only ransomware is a critical reverse engineering task. Since the existence of avalanche effect, an intrinsic characteristic of any secure encryption algorithms, is unavoidable during a victim data encryption attack, it is a very promising direction to spot...

5.4AI score
Exploits0
Rows per page
Query Builder