CVE-2026-3893

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials...

PT-2026-34742

TRC analysis shows attackers exploiting CVE-2026-3893 in Carlson VASCO-B GNSS receivers to gain unauthenticated access, then escalating privileges and moving laterally through manufacturing networks. Runtime segmentation could help contain post-compromise activity in critical infrastructure...

CI4MS: Methods Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Methods Management Fields Global Persistent Payload Execution - Stored Cross-Site Scripting via Unsanitized Method Creation and Management Inputs - Automatic Execution Across All Pages Where Method Is Rendered in Navigation Description The application fai...

GHSA-V77R-XG3P-75G7 CI4MS: Methods Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Methods Management Fields Global Persistent Payload Execution - Stored Cross-Site Scripting via Unsanitized Method Creation and Management Inputs - Automatic Execution Across All Pages Where Method Is Rendered in Navigation Description The application fai...

CVE-2026-34558

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within the Methods Management functionality when creating or...

Cross-site Scripting (XSS)

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Methods Management process. An attacker can execute arbitrary JavaScript code in the context of administrative interfaces and global...

GNSS SpAmming: A Spoofing-Based GNSS Denial-Of-Service Attack

GNSSs are vulnerable to attacks of two kinds: jamming i.e. denying access to the signal and spoofing i.e. impersonating a legitimate satellite. These attacks have been extensively studied, and we have a myriad of countermeasures to mitigate them. In this paper we expose a new type of attack:...

MAL-2026-139 Malicious code in rt-global-nav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02bd8de33c5be198041c736003639439fad9b5df269d489cc4ab29b59191cab7 The package rt-global-nav was found to contain malicious code. Source: ghsa-malware e72ac5f9f497c4ba74c3c745f0cbfce94d7acf109ca98ff38f916fd8afa59e0f...

Leica Geosystems GNSS 安全漏洞

Leica Geosystems GNSS is a line of mapping equipment from Leica Germany. A security vulnerability exists in Leica Geosystems GNSS version 4.30.063, which stems from the presence of stored cross-site scripting in the configuration file upload function that could lead to the execution of arbitrary...

CVE-2025-20747

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966...

Meta-Learning Based Radio Frequency Fingerprinting for GNSS Spoofing Detection

The rapid development of technology has led to an increase in the number of devices that rely on position, velocity, and time PVT information to perform their functions. As such, the Global Navigation Satellite Systems GNSS have been adopted as one of the most promising solutions to provide PVT...

Coordinated Position Falsification Attacks and Countermeasures for Location-Based Services

With the rise of location-based service LBS applications that rely on terrestrial and satellite infrastructures e.g., GNSS and crowd-sourced Wi-Fi, Bluetooth, cellular, and IP databases for positioning, ensuring their integrity and security is paramount. However, we demonstrate that these...

CVE-2025-20722

In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798...

CVE-2025-20723

In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920033; Issue ID: MSV-3797...

Authentication Security of PRF GNSS Ranging

This work derives the authentication security of pseudorandom function PRF GNSS ranging under multiple GNSS spoofing models, including the Security Code Estimation and Replay SCER spoofer. When GNSS ranging codes derive from a PRF utilizing a secret known only to the broadcaster, the spoofer cann...

A GPS Blackout Would Shut Down the World

GPS jamming and spoofing attacks are on the rise. If the global navigation system the US relies on were to go down entirely, it would send the world into unprecedented chaos...

The unexpected effects of GPS spoofing on aviation safety

GPS is one service in the Global Navigation Satellite System GNSS. Others include Russia’s GLONASS and the EU’s Galileo constellations. These are all used to provide Position, Navigation, and Timing PNT to civilian users including commercial aircraft. GPS was actually designed to have military...

PT-2024-27995 · Qualcomm · Qualcomm Snapdragon Auto

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Description: The issue is related to memory corruption during the GNSS HAL process initialization. Recommendations: At the moment, there is no information about a newer version that...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption during the initialization of the GNSS HAL process...

CVE-2023-32817

In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035...