PickleFuzzer: A Case Study in Fuzzing for Discrepancies between Python Pickle Implementations

Python's native serialization protocol, pickle, is a powerful but insecure format for transferring untrusted data. It is frequently used, especially for saving machine learning models, despite known security challenges. While developers sometimes mitigate this risk by restricting imports during...

Universal Tool Calling Protocol 安全漏洞

Universal Tool Calling Protocol is an official Python implementation of the UTCP open-source protocol. Versions prior to 1.1.3 of Universal Tool Calling Protocol contained security vulnerabilities; these vulnerabilities stemmed from the prepareenvironment method passing complete environment...

PT-2026-41094

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An inappropriate implementation in Downloads allows an attacker to perform UI spoofing via a crafted Chrome Extension, provided they can convince a user to install a malicious...

Universal Tool Calling Protocol 代码问题漏洞

Universal Tool Calling Protocol is an official Python implementation of the UTCP open-source protocol. Versions prior to 1.1.3 of Universal Tool Calling Protocol had code vulnerabilities, which stemmed from inconsistent trust boundaries and could lead to man-in-the-middle server request forgery...

PT-2026-41085

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An inappropriate implementation in ANGLE Almost Native Graphics Layer Engine, an abstraction layer that translates WebGL calls to native graphics APIs allows a remote attacker who has...

CVE-2026-41103

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.168 contained security vulnerabilities, which were caused by improper implementation of Views. These vulnerabilities could allow remote attackers to execute UI spoofing through...

Snappier 安全漏洞

Snappier is a pure C version of the Google Snappy compression algorithm developed by Brant Burnett. Versions prior to Snappier 1.3.1 contained a security vulnerability; this vulnerability stemmed from the inability to escape an infinite loop that occurred when SnappierStream decompressed Snappy...

Behavioral Integrity Verification for AI Agent Skills

Agent skills extend LLM agents with privileged third-party capabilities such as filesystem access, credentials, network calls, and shell execution. Existing safety work catches malicious prompts and risky runtime actions, but the skill artifact itself goes unverified. We formalize this as the...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" - Research & Pentesting Tool !Li...

CVE-2026-8022

An inappropriate implementation flaw was found in the MHTML component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499194407...

CVE-2026-8015

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497548558...

CVE-2026-8014

An inappropriate implementation flaw was found in the Preload component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497490364...

CVE-2026-8008

An inappropriate implementation flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496426191...

CVE-2026-7999

An inappropriate implementation flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493099941...

CVE-2026-7994

An inappropriate implementation flaw was found in the Chromoting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499116954...

CVE-2026-7979

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497849876...

CVE-2026-7978

An inappropriate implementation flaw was found in the Companion component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497828892...

CVE-2026-7977

An inappropriate implementation flaw was found in the Canvas component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497821223...

CVE-2026-7939

An inappropriate implementation flaw was found in the SanitizerAPI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=492963096...