8 matches found

Positive Technologies
added yesterday, 8 views

PT-2026-46251

A flaw has been found in LMCache up to 0.4.6. This affects the function hex hash to int16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high lev...

3.6 CVSS, 5.1 AI score
Exploits 0, References 8

GithubExploit
added 2026/05/17 6:52 p.m., 63 views

kv-cache-side-channel-poc

KV Cache Side-Channel: Cross-Tenant Timing Oracle Proof of co...

5.8 AI score
Exploits 0

Packet Storm News
added 2025/11/27 12:0 a.m., 5 views

CacheTrap: Injecting Trojans in LLMs without Leaving Any Traces in Inputs or Weights

Adversarial weight perturbation has emerged as a concerning threat to LLMs that either use training privileges or system-level access to inject adversarial corruption in model weights. With the emergence of innovative defensive solutions that place system- and algorithm-level checks and correctio...

6.9 AI score
Exploits 0

OSV
added 2025/11/18 9:32 p.m., 3 views

GHSA-7XCV-9J6C-2FMC Modular Max Serve has Unsafe Deserialization vulnerability

Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used, allowing attackers to execute arbitrary code...

9.3 CVSS, 7.4 AI score, 0.00076 EPSS
Exploits 1, References 8

Packet Storm News
added 2025/11/16 12:0 a.m., 3 views

Whose Narrative Is It Anyway? A KV Cache Manipulation Attack

The Key Value (KV) cache is an important component for efficient inference in autoregressive Large Language Models (LLMs), but its role as a representation of the model's internal state makes it a potential target for integrity attacks. This paper introduces "History Swapping," a novel block-level...

6.3 AI score
Exploits 0

Packet Storm News
added 2025/08/12 12:0 a.m., 2 views

Shadow in the Cache: Unveiling and Mitigating Privacy Risks of KV-Cache in LLM Inference

The Key-Value (KV) cache, which stores intermediate attention computations (Key and Value pairs) to avoid redundant calculations, is a fundamental mechanism for accelerating Large Language Model (LLM) inference. However, this efficiency optimization introduces significant yet underexplored privacy risk...

7 AI score
Exploits 0

Packet Storm News
added 2025/08/11 12:0 a.m., 1 views

Selective KV-Cache Sharing to Mitigate Timing Side-Channels in LLM Inference

Global KV-cache sharing has emerged as a key optimization for accelerating large language model (LLM) inference. However, it exposes a new class of timing side-channel attacks, enabling adversaries to infer sensitive user inputs via shared cache entries. Existing defenses, such as per-user isolatio...

6.6 AI score
Exploits 0

Packet Storm News
added 2025/04/29 12:0 a.m., 3 views

CachePrune: Neural-Based Attribution Defense against Indirect Prompt Injection Attacks

Large Language Models (LLMs) are identified as being susceptible to indirect prompt injection attack, where the model undesirably deviates from user-provided instructions by executing tasks injected in the prompt context. This vulnerability stems from LLMs' inability to distinguish between data and...

7.2 AI score
Exploits 0