Lucene search
K

3802 matches found

Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.13 views

PT-2026-48974

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description Cross site scripting can be triggered remotely via the manipulation of the todo data argument within the '/dashboard/add tod' endpoint of the Dashboard Interface component...

5.1CVSS4.7AI score0.00203EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-49000

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description An SQL injection issue exists within the Payroll Invoice Module. The flaw is located in the Invoice function of the applicationcontrollersPayroll.php file, where improper...

6.5CVSS6.6AI score0.0025EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-48975

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description A security flaw in the Projects Management Page component allows for remote cross-site scripting XSS, which is a technique where malicious scripts are injected into trusted...

5.1CVSS4.5AI score0.00203EPSS
Exploits0References9
Wired Threat Level
Wired Threat Level
added 2026/06/10 10:0 a.m.16 views

Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations

The organization claims that the FIFA tournament could have impacts on the rights of local people and visiting soccer fans in all three host countries...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.17 views

Smarter Saboteurs, Better Fixers: Scaling and Security in Linear Multi-Agent Workflows

As LLM-based multi-agent systems MAS are deployed in the wild, the resilience of their collaboration structures against adversarial compromise becomes a critical safety concern. Attackers may leverage prompt-injection or jailbreaking to sabotage individual agents within MAS workflows, but the...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/09 11:59 a.m.11 views

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without...

9.8CVSS6.4AI score0.95645EPSS
Exploits11
The Hacker News
The Hacker News
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.14 views

CVE-2026-11491

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/Allnotice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. It...

4.8CVSS3.7AI score0.00223EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 7:16 a.m.20 views

CVE-2026-11491

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/Allnotice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. It...

4.8CVSS0.00223EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 5:15 a.m.12 views

EUVD-2026-35022

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/Allnotice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. It...

4.8CVSS3.6AI score0.00223EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 5:15 a.m.44 views

CVE-2026-11491

CodeAstro Human Resource Management System 1.0 is affected in the Notice Board Management component, file /notice/All_notice. The vulnerability is a cross-site scripting flaw triggered by manipulating the Notice Title with an input like in a POST. This allows remote exploitation with a publicly ...

4.8CVSS3.7AI score0.00223EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.17 views

The Human Vulnerabilities and Exploits (HVE) Framework

The cybersecurity community has invested over two decades in building standardized frameworks, the Common Vulnerabilities and Exposures CVE system, the Common Vulnerability Scoring System CVSS, and the Common Weakness Enumeration CWE to identify, classify, and remediate threats to digital...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.8 views

AI Assurance in UK Defence: Challenges in Operationalising JSP 936

This report examines practical challenges in operationalising JSP 936 Part 1 for AI assurance in UK Defence. Using a structured interpretive review of the directive's requirements, the analysis identifies eight thematic challenge areas adequacy of evidence and argument, management of human...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.22 views

PT-2026-47253

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. I...

4.8CVSS3.8AI score0.00223EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

CodeAstro Human Resource Management System 跨站脚本漏洞

The CodeAstro Human Resource Management System is a human resource management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Human Resource Management System has a cross-site scripting vulnerability. This vulnerability stems from incorrect handling of the Notice Title...

4.8CVSS4.3AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-38743

The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop HITL and TaskInstance records: a logged-in Airflow user with read access to at least one DAG could retrieve HITL prompts including their request parameters and full TaskInstance details for DA...

4.3CVSS5.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.12 views

CVE-2026-10624

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.11 views

CVE-2026-34284

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS7.3AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.13 views

CVE-2026-34280

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Job Profile Manager. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS7.3AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-34264

During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...

6.5CVSS5.4AI score0.00269EPSS
Exploits0References1
Rows per page
Query Builder