3782 matches found
PT-2026-48350
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esp tee component exposes secure-service wrappers in esp secure services.c and esp secure services iram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware...
EUVD-2026-35457
Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface...
CVE-2026-9210 Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...
Microsoft Visual Studio Code 输入验证错误漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a vulnerability related to input validation. Attackers can exploit this vulnerability to bypass certain features...
Microsoft Windows Secure Boot 访问控制错误漏洞
Microsoft Windows Secure Boot is a security boot mechanism developed by Microsoft Corporation. There is an access control error vulnerability in Microsoft Windows Secure Boot. Attackers can exploit this vulnerability to bypass certain features. The following products and versions are affected:...
Microsoft Office Excel 安全漏洞
Microsoft Office Excel is a spreadsheet software developed by Microsoft and open source. There are security vulnerabilities in Microsoft Office Excel. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Microsoft 365 Apps for...
Microsoft Windows 安全漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...
PT-2026-48105
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally, which can affect the system. Recommendations At the moment, there is ...
defi-exploit-pipeline
DeFi Exploit Pipeline Pipeline otomatis untuk menganalisis sm...
SUSE CVE-2023-43633
On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system's configuration, which also includes some debug functions...
CVE-2026-10800
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-3646
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that...
CVE-2026-8938
The auto making JSON-LD plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the amJLcertification function. This makes it possible for unauthenticated attackers to update the plugin's...
Rethinking IoT Intrusion Detection: Augmenting Routing Metrics with Radio Features
Machine learning-based intrusion detection systems IDS for RPL-based IoT networks often rely solely on routing layer features, which provide only a partial view of network behaviour. In this work, we investigate whether incorporating Transmit TX and Receive RX radio features alongside the standar...
CVE-2026-5228
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
kernel: Bluetooth: hci_sync: Fix UAF in le_read_features_complete
A flaw was found in the Bluetooth Host Controller Interface HCI synchronization module hcisync of the Linux kernel. A use-after-free UAF vulnerability exists in the lereadfeaturescomplete function, where a freed hciconn object is accessed. This can allow an attacker to cause a system crash, leadi...
CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10800
The CVE-2026-10800 entry concerns PaddlePaddle FastDeploy up to 2.4.1, specifically the MultimodalHasher component’s hasher.py hash_features function. The weakness can allow manipulation that leads to the use of a weak hash, with exploitation requiring local access and carries a high attack compl...
EUVD-2026-34239
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
MalTree: Tracing Malware Evolution from Embeddings at Scale
Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...