1517 matches found
Enhancing REST API Fuzzing with Access Policy Violation Checks and Injection Attacks
Due to their widespread use in industry, several techniques have been proposed in the literature to fuzz REST APIs. Existing fuzzers for REST APIs have been focusing on detecting crashes e.g., 500 HTTP server error status code. However, security vulnerabilities can have major drastic consequences...
penclaw
🦀 PenClaw AI-powered penetration testing CLI. One command...
OSV-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=495498906 Crash type: UNKNOWN READ Crash state: mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::TrackInit mkv::matroskasegmentc::ParseTrackEntry...
XSStrike 3.1.6
XSStrike is a cross site scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler. Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response...
Not All Tokens Are Created Equal: Query-Efficient Jailbreak Fuzzing for LLMs
Large Language ModelsLLMs are widely deployed, yet are vulnerable to jailbreak prompts that elicit policy-violating outputs. Although prior studies have uncovered these risks, they typically treat all tokens as equally important during prompt mutation, overlooking the varying contributions of...
Auditing MCP Servers for Over-Privileged Tool Capabilities
The Model Context Protocol MCP has emerged as a standard for connecting Large Language Models LLMs to external tools and data. However, MCP servers often expose privileged capabilities, such as file system access, network requests, and command execution that can be exploited if not properly...
Weaver: Fuzzing JavaScript Engines at the JavaScript-WebAssembly Boundary
The security of modern JavaScript JS engines is critical since they provide the primary defense mechanism for executing untrusted code on the web. The recent integration of WebAssembly Wasm has transformed these engines into complex polyglot environments, creating a novel attack surface at the...
CVE-2026-23265
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...
Hunting CUDA Bugs at Scale with cuFuzz
GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis. While fuzz-testing, combined with dynamic error checking tool...
American Fuzzy Lop plus plus 4.40c
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...
OSV-2026-386 Use-of-uninitialized-value in pcpp::byteArrayToHexString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=491288647 Crash type: Use-of-uninitialized-value Crash state: pcpp::byteArrayToHexString pcpp::PacketTrailerLayer::toString FuzzTarget.cpp...
ChainFuzzer: Greybox Fuzzing for Workflow-Level Multi-Tool Vulnerabilities in LLM Agents
Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool, enabling exploitable source-to-sink dataflows that only...
RUSTSEC-2026-0037 Denial of service in Quinn endpoints
Receiving QUIC transport parameters containing invalid values could lead to a panic. Unfortunately the maintainers did not properly assess usage of unwrap calls in the transport parameters parsing code, and we did not have sufficient fuzzing coverage to find this issue. We have since added a...
Denial of service in Quinn endpoints
Receiving QUIC transport parameters containing invalid values could lead to a panic. Unfortunately the maintainers did not properly assess usage of unwrap calls in the transport parameters parsing code, and we did not have sufficient fuzzing coverage to find this issue. We have since added a...
Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing
Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses that translate fuzzer-generated inputs into valid API invocations. Manual harness creation is time-consuming and requires deep understanding of API semantics,...
OSS-CRS: Liberating AIxCC Cyber Reasoning Systems for Real-World Open-Source Security
DARPA's AI Cyber Challenge AIxCC showed that cyber reasoning systems CRSs can go beyond vulnerability discovery to autonomously confirm and patch bugs: seven teams built such systems and open-sourced them after the competition. Yet all seven open-sourced CRSs remain largely unusable outside their...
Plasma
Plasma !Pythonhttps://img.shields.io/badge/python-3.10%2B-...
SemFuzz: A Semantics-Aware Fuzzing Framework for Network Protocol Implementations
Network protocols are the foundation of modern communication, yet their implementations often contain semantic vulnerabilities stemming from inadequate understanding of specification semantics. Existing gray-box and black-box testing approaches lack semantic modeling of protocols, making it...
Adobe SDK 1.7.1 2410 Overflow Analysis / Fuzzing Model
This Python script implements a comprehensive framework to model, detect, and analyze integer overflows in 32-bit arithmetic, particularly in the context of image memory allocation. The framework combines formal methods, stepwise arithmetic, symbolic execution, SMT-style constraint solving,...
Challenges and Design Considerations for Finding CUDA Bugs through GPU-Native Fuzzing
Modern computing is shifting from homogeneous CPU-centric systems to heterogeneous systems with closely integrated CPUs and GPUs. While the CPU software stack has benefited from decades of memory safety hardening, the GPU software stack remains dangerously immature. This discrepancy presents a...