IMVU-Exploits

IMVU Exploits IMVU Classic Client v3.6.15 - Complete exploita...

OSV-2026-788 UNKNOWN READ in Mat_VarGetStructsLinear

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515086854 Crash type: UNKNOWN READ Crash state: MatVarGetStructsLinear matiostructcellfuzzer.cpp...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/intel: Fixed an access error when accessing the IA32PMCxCFGB MSRs. When running perffuzzer on PTL, sometimes the “unchecked MSR access error” is observed when accessing the IA32PMCxCFGB MSRs. 55.611268 Unchecked MSR...

FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models LLMs show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated vulnerability reports suffer from high false positive rates and...

Continuous Discovery of Vulnerabilities in LLM Serving Systems with Fuzzing

LLM inference and serving systems have become security-critical infrastructure; however, many of their most concerning failures arise from the serving layer rather than from model behavior alone. Modern inference engines combine KV cache, batching, prefix sharing, speculative decoding, adapters,...

OSV-2026-699 Use-of-uninitialized-value in Mat_VarGetSize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=510360595 Crash type: Use-of-uninitialized-value Crash state: MatVarGetSize MatioRead matiofuzzer.cpp...

Astra Linux - уязвимость в linux

In intelpmudrainpebsnhm in arch/x86/events/intel/ds.c of the Linux kernel, up to version 5.11.8 on some Haswell CPUs, user-space applications such as perf-fuzzer can cause a system crash due to improper handling of the PEBS status in a PEBS record, also known as CID-d88d05a9e0b6...

WP-Plugin-Fuzzer-PoC-

wpgarlic A proof-of-concept WordPress plugin fuzzer that led t...

JLSEC-2026-194

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function SkipSpaces in the library assimp/include/assimp/ParsingUtils.h. The manipulation leads to out-of-bounds read. Local access is required to approach this...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013186 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem i...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006970)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006970 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem i...

AppleSEPKeyStore Stress Tester / Fuzzer

This code is not a fully functional exploit, but rather a concurrency stress test and race-condition trigger targeting the Apple Secure Enclave key management driver AppleSEPKeyStore...

GHSA-3H9H-QFVW-98HQ OpenEXR Makes Use of Uninitialized Memory

Summary While fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on uninitialized data inside genericunpack. This indicates a use of uninitialized memory CWE-457. The issue is reproducible with the current OSS-Fuzz harness and a single-file PoC. Details Environment: -...

OESA-2026-1762 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1...

kernel: bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

WAV Fuzzer 1.0

This script is a fuzzer tool for WAV file processing programs that targets memory corruption vulnerabilities...

On the Effectiveness of Mutational Grammar Fuzzing

Posted by Ivan Fratric Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a way that any resulting samples still adhere to the grammar rules, thus the...

OSV-2026-121 Use-of-uninitialized-value in trySubset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477657796 Crash type: Use-of-uninitialized-value Crash state: trySubset hb-subset-fuzzer.cc...

GHSA-5VX3-WX4Q-6CJ8 ImageMagick has a NULL pointer dereference in MSL parser via <comment> tag before image load

Summary NULL pointer dereference in MSL Magick Scripting Language parser when processing tag before any image is loaded. Version - ImageMagick 7.x tested on current main branch - Commit: HEAD Steps to Reproduce Method 1: Using ImageMagick directly bash magick MSL:poc.msl out.png Method 2: Using...

OSV-2026-91 Use-after-poison in compress.cc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476224483 Crash type: Use-after-poison READ 1 Crash state: compress.cc LLVMFuzzerRunDriver selfdestruct...