Lucene search
K

4 matches found

CVE
CVE
added 2026/06/24 1:37 p.m.81 views

CVE-2026-12537

Summary (CVE-2026-12537) : The vulnerability affects Google Gemini CLI container launcher (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms. It stems from improper neutralization in an OS command, enabling an unprivileged attacker ...

10CVSS6.3AI score0.00134EPSS
Exploits0References1Affected Software2
The Hacker News
The Hacker News
added 2026/06/24 12:48 p.m.22 views

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The "critical exploitable pattern" has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/20 12:0 a.m.6 views

Software Vulnerability Management in the Era of Artificial Intelligence: An Industry Perspective

Artificial Intelligence AI has revolutionized software development, particularly by automating repetitive tasks and improving developer productivity. While these advancements are well-documented, the use of AI-powered tools for Software Vulnerability Management SVM, such as vulnerability detectio...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/23 9:20 a.m.3 views

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub on Monday announced that it will be changing its authentication and publishing options "in the near future" in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by token abuse and...

6.7AI score
Exploits0
Rows per page
Query Builder