705 matches found
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piec...
CVE-2025-61971
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...
PT-2026-40785
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where any user with Editor permissions can delete any snapshot, regardless of whether they have the necessary read or write access to those...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the idna.encode function when processing very large domain name inputs that exploit the validcontexto function before length validation. This is triggered by arbitrarily large inputs th...
CVE-2026-34263
SAP Commerce Cloud is affected by CVE-2026-34263 due to a Spring Security misconfiguration that allows an unauthenticated user to upload malicious configuration and inject code, enabling arbitrary server-side code execution. The entry states high impact to Confidentiality, Integrity, and Availabi...
Behavioral Integrity Verification for AI Agent Skills
Agent skills extend LLM agents with privileged third-party capabilities such as filesystem access, credentials, network calls, and shell execution. Existing safety work catches malicious prompts and risky runtime actions, but the skill artifact itself goes unverified. We formalize this as the...
MINI-2RQ6-FPRH-HM8P
Bulletin has no description...
CVE-2026-42880
A flaw was found in Argo CD, a GitOps continuous delivery tool for Kubernetes. A missing authorization and data-masking gap in the ServerSideDiff endpoint allows an attacker with read-only access to extract sensitive Kubernetes Secret data. This information disclosure occurs by leveraging the...
MINI-6MXV-28X9-257P
Bulletin has no description...
The Authorization-Execution Gap Is a Major Safety and Security Problem in Open-World Agents
This position paper argues that the Authorization-Execution Gap AEG is a major safety and security problem in open-world agents. The AEG is the divergence between what a principal intends to authorize and what an open-world agent ultimately executes. Because such agents act autonomously across...
EUVD-2026-28897
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full...
CVE-2026-42461
Arcane (Huma backend) has an unauthenticated information disclosure vulnerability prior to version 1.18.0. Four GET endpoints under /api/templates* (list, all, specific, and content) were registered without any Security requirement, enabling unauthenticated network clients to read full Compose YA...
HCL BigFix WebUI 安全漏洞
HCL BigFix WebUI is a web-based administration page from HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an authorization gap that could result in an authenticated user without appropriate privileges accessing an unauthorized page to view sensitive environmental...
GHSA-QWFW-GGXW-577C ex_webrtc client-role handshake is missing DTLS peer fingerprint validation
Summary Missing DTLS peer certificate fingerprint validation in the DTLS client active role removes one side of WebRTC's mutual authentication. The bug is not independently exploitable for media interception in standard deployments, but enables a full man-in-the-middle attack when chained with...
Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers
When assessing the potential impact of code-level vulnerabilities, e.g., discovered by automated analyzers, it is essential to consider them in the context of the system's security design. However, this is a challenging task due to the abstraction gap between security design, often specified usin...
An Automated Framework for Cybersecurity Policy Compliance Assessment against Security Control Standards
Organizational cybersecurity policies are often examined to determine whether they adequately comply standard security controls. This task is difficult because control statements are abstract, whereas policy documents describe governance practices in varied natural language. As a result,...
CVE-2026-42880
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...
GHSA-438Q-JX8F-CCCV Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers
CVE-2026-44500: Allocation Amplification in Inbound Network Deserializers Summary Several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter protocol or consensus limits were enforced. An unauthenticated or...
Cryptographic and Information-Theoretic Security Capacities for General Arbitrarily Varying Wiretap Channels
We compare the strong secrecy capacities of Arbitrarily Varying Wiretap Channels AVWCs and General Arbitrary Varying Wiretap Channels GAVWCs with their capacities under semantic secrecy constraint and other equivalent cryptographic secrecy constraints. It turns out that the average error and stro...
ssrfcheck Vulnerable to Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs
Summary ssrfcheck v1.3.0 latest fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser built into Node.js silently normalizes the IPv4 notation inside the brackets to...