9590 matches found
CVE-2026-48128 Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step
Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution controller without additional validation. When combined with a REST datasource configured to targ...
CVE-2026-48128 Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step
Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution controller without additional validation. When combined with a REST datasource configured to targ...
CVE-2026-42459
CVE-2026-42459 documents an improper input validation flaw in free5GC UDM: the SDM (nudm-sdm) service does not validate the SUPI parameter in six GET handlers, allowing an unauthenticated attacker to inject control characters into SUPI. This can cause UDM to forward a malformed URL to UDR and ret...
Distributed AI Inference: Why Placement Is the New Bottleneck
In real AI systems, bottlenecks don't disappear, they move. Learn about why inference placement, not raw compute, is the decisive infrastructure question...
Critical: Red Hat Security Advisory: Red Hat Update Infrastructure 5.1 security update
The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...
Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Overview Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-23865,...
S3C2 Summit 2025-07: Government Secure Supply Chain Summit
Software supply chains, while providing immense economic and software development value, are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks specifically targeting vulnerable links in critical software supply chains. The...
CVE-2026-3314
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
EUVD-2026-31795
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314
CVE-2026-3314 describes a missing password masking vulnerability in Hitachi Ops Center Analyzer (detail view and probe modules) and Hitachi Ops Center Analyzer viewpoint, plus Hitachi Infrastructure Analytics Advisor (Data Center Analytics, Analytics probe modules). Affected versions: Ops Center ...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
Batch Me If You Can: Coverage-Guided RPKI Fuzzing at Scale
The Resource Public Key Infrastructure RPKI has become essential to secure inter-domain routing. Despite its critical role, RPKI software remains largely untested beyond shallow parsing. Existing fuzzers, like AFL++ or libFuzzer, do not work well for RPKI as they assume a single, self-contained...
PT-2026-43189
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
Hitachi多款产品 安全漏洞
Hitachi Ops Center Analyzer, among others, are products of Hitachi, Ltd., a Japanese company. Hitachi Ops Center Analyzer is a data center management software. Hitachi Infrastructure Analytics Advisor is an IT operations intelligence platform, including Hitachi data center analysis capabilities...
USN-8296-2 linux-nvidia-tegra vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...
Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
From Frontier to Shadow AI: A Simmering Threat to Assurance and Security in Critical Infrastructure
Frontier AI systems, including large language models and emerging agentic AI tools, offer significant operational benefits but present unique challenges to critical infrastructure CI environments due to their non-deterministic and emergent properties. While formal adoption is inherently cautious...
Microsoft Azure Stack HCI 输入验证错误漏洞
Microsoft Azure Stack HCI is a hybrid product developed by Microsoft Corporation. It can host Windows and Linux VMs or containerized workloads along with their storage. There is an input validation vulnerability in Microsoft Azure Stack HCI, which stems from improper input validation. This...