21 matches found
haiku-rag (>=0.27.0 <=0.44.0), haiku-rag-slim (>=0.27.0 <=0.44.0) +3 more potentially affected by CVE-2026-44019 via docling-core (>=2.60.1 <=2.74.0)
docling-core PYPI version =2.60.1, =0.27.0, =0.27.0, =0.2.0, =0.42.0, =0.65.0 Source cves: CVE-2026-44019 Source advisory: SNYK:PYTHON-DOCLINGCORE-17151737...
haiku-rag (>=0.27.0 <=0.44.0), haiku-rag-slim (>=0.27.0 <=0.44.0) +3 more potentially affected by CVE-2026-44019 via docling-core (>=2.60.1 <=2.74.0)
docling-core PYPI version =2.60.1, =0.27.0, =0.27.0, =0.2.0, =0.42.0, =0.65.0 Source cves: CVE-2026-44019 Source advisory: OSV:GHSA-J5XP-7M2F-49JV...
haiku-rag (>=0.19.2 <=0.33.0), iatoolkit (>=1.40.0 <=1.42.0) +18 more potentially affected by CVE-2026-44020 via docling (>=2.17.0 <=2.73.1)
docling PYPI version =2.17.0, =0.19.2, =1.40.0, =0.1.0, =0.2.1, =0.6.1, =0.4.0, =1.0.0, =0.1.29, =0.3.1, =0.10.0, =0.2.1, =0.2.6 and more Source cves: CVE-2026-44020 Source advisory: SNYK:PYTHON-DOCLING-17151850...
auto-survey (>=0.1.0 <=0.2.4), gptparse (=0.3.0) +12 more potentially affected by CVE-2026-44018 via docling (>=2.51.0 <=2.90.0)
docling PYPI version =2.51.0, =0.1.0, =0.19.2, =1.40.0, =0.6.2, =0.0.1, =0.3.0, =1.0.0, =1.6.2, =1.6.2, =0.0.1, =0.0.2 Source cves: CVE-2026-44018 Source advisory: OSV:GHSA-R3XG-RG9J-67FV...
auto-survey (>=0.1.0 <=0.2.4), gptparse (=0.3.0) +5 more potentially affected by CVE-2026-44016 via docling (>=2.87.0 <=2.90.0)
docling PYPI version =2.87.0, =0.1.0, =0.40.0, =0.6.2, =0.0.1, =0.0.1, =0.0.2 Source cves: CVE-2026-44016 Source advisory: SNYK:PYTHON-DOCLING-17151857...
haiku-rag (>=0.19.2 <=0.33.0), iatoolkit (>=1.40.0 <=1.42.0) +19 more potentially affected by CVE-2026-31247 via docling (>=2.10.0 <=2.73.1)
docling PYPI version =2.10.0, =0.19.2, =1.40.0, =0.1.0, =0.2.1, =0.6.1, =1.0.1, =0.4.0, =1.0.0, =0.1.29, =0.3.1, =0.10.0, =0.11.2 and more Source cves: CVE-2026-31247 Source advisory: SNYK:PYTHON-DOCLING-16757962...
Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense
Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers (SOCs) that must configure endpoint detection and response (EDR) policies under adversarial...
Vulnerability Detection with Interprocedural Context in Multiple Languages: Assessing Effectiveness and Cost of Modern LLMs
Large Language Models (LLMs) have been a promising way for automated vulnerability detection. However, most prior studies have explored the use of LLMs to detect vulnerabilities only within single functions, disregarding those related to interprocedural dependencies. These studies overlook...
OPENSUSE-SU-2025:20119-1 Security update for tcpreplay
This update for tcpreplay fixes the following issues: - update to 4.5.2: features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AFXDP socket support - tcpreplay -w write into a pcap file - tcpreplay --fixhdrlen - --include and --exclude options -...
Fedora 39 : tcpreplay (2024-740d26aaf7)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-740d26aaf7 advisory. Announcing v4.5.1 This release contains contributions from a record number of new contributors. This is greatly appreciated since I am a team of one, and do...
haiku-restaurant.it Improper Access Control vulnerability OBB-3840715
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
haiku-first.eu Improper Access Control vulnerability OBB-3824606
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Tuxera NTFS-3G out-of-bounds read vulnerability
NTFS-3G is a stable, full-featured, read-write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. NTFS-3G versions prior to 2021.8.22 are vulnerable to an out-of-bounds read vulnerability. The vulnerability stems from an invalid...
Tuxera NTFS-3G integer overflow vulnerability
NTFS-3G is a stable, full-featured, read-write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. memmove in versions prior to NTFS-3G 2021.8.22 is vulnerable to an integer overflow. An attacker can exploit this vulnerabilit...
Tuxera NTFS-3G out-of-bounds read vulnerability (CNVD-2021-72263)
NTFS-3G is a stable, full-featured, read/write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. ntfs_runlists_merge_i in versions prior to NTFS-3G 2021.8.22 is vulnerable to an out-of-bounds read. runlistsmergei is vulnerable to...
Tuxera NTFS-3G null pointer dereference vulnerability
NTFS-3G is a stable, full-featured, read/write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. ntfs_extent_inode_open is vulnerable to a null pointer dereference. An attacker could exploit the vulnerability to cause null pointer...
January 25, 2018 – Morning Cyber Coffee Headlines – “Poetry” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! January 25, 2018 - Headlines Carbon Black in the News: Wall Street to grill Int...
Pe 2.4.3 Buffer Overflow Exploit
Pe versions 2.4.3 and below suffer from a stack-based local buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Program: Pe - Haiku OS Tested on: Haiku OS Alpha x86 Description: Pe v2.4.3 and prior is prone to a stack-based buffe...
WordPress Haiku Minimalist Audio Player Plugin <= 1.1.0 - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability in jPlayer.swf. Solution Update the plugin...
haiku-minimalist-audio-player <= 1.1.0 - jPlayer.swf XSS
The haiku-minimalist-audio-player WordPress plugin was affected by a jPlayer.swf XSS security vulnerability...