2026-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5073457)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

KryptoPilot: An Open-World Knowledge-Augmented LLM Agent for Automated Cryptographic Exploitation

Capture-the-Flag CTF competitions play a central role in modern cybersecurity as a platform for training practitioners and evaluating offensive and defensive techniques derived from real-world vulnerabilities. Despite recent advances in large language models LLMs, existing LLM-based agents remain...

LINEture: Novel Signature Cryptosystem

We propose a novel digital signature cryptosystem that exploits the concept of the brute-force problem. To ensure the security of the cryptosystem, we employed several mechanisms: sharing a common secret for factorable permutations, associating permutations with the message being signed, and...

ZkRansomware: Proof-Of-Data Recoverability and Multi-Round Game Theoretic Modeling of Ransomware Decisions

Ransomware is still one of the most serious cybersecurity threats. Victims often pay but fail to regain access to their data, while also facing the danger of losing data privacy. These uncertainties heavily shape the attacker-victim dynamics in decision-making. In this paper, we introduce and...

CVE-2009-4192

Directory traversal vulnerability in dialog/filemanager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. dot dot in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2017-12647

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title...

CVE-2019-2660

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Setup, Admin. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker wi...

CVE-2021-2198

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

Knowledge-Driven Multi-Turn Jailbreaking on Large Language Models

Large Language Models LLMs face a significant threat from multi-turn jailbreak attacks, where adversaries progressively steer conversations to elicit harmful outputs. However, the practical effectiveness of existing attacks is undermined by several critical limitations: they struggle to maintain ...

CurricuLLM: Designing Personalized and Workforce-Aligned Cybersecurity Curricula Using Fine-Tuned LLMs

The cybersecurity landscape is constantly evolving, driven by increased digitalization and new cybersecurity threats. Cybersecurity programs often fail to equip graduates with skills demanded by the workforce, particularly concerning recent developments in cybersecurity, as curriculum design is...

CVE-2026-22539

CVE-2026-22539 describes an information disclosure in OCPP v1.6 where service interactions occur without authentication, allowing an attacker with protocol knowledge to obtain charger information. Red Hat, NVD, CVE List and other sources corroborate that the issue affects Efacec QC charging posts...

Vulnerable Python version used in Forcepoint One DLP Client

Overview A vulnerability in the Forcepoint One DLP Client allows bypass of the vendor-implemented Python restrictions designed to prevent arbitrary code execution. By reconstructing the ctypes FFI environment and applying a version-header patch to the ctypes.pyd module, an attacker can restore...

Rethinking Secure Semantic Communications in the Age of Generative and Agentic AI: Threats and Opportunities

Semantic communication SemCom improves communication efficiency by transmitting task-relevant information instead of raw bits and is expected to be a key technology for 6G networks. Recent advances in generative AI GenAI further enhance SemCom by enabling robust semantic encoding and decoding und...

Linux Distros Unpatched Vulnerability : CVE-2025-64520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can rea...

Threat Intelligence Driven IP Protection for Entrepreneurial SMEs

Entrepreneurial small to medium enterprises face significant cybersecurity challenges when developing valuable intellectual property IP. This paper addresses the critical gap in research on how E-SMEs can protect their IP assets from cybersecurity threats through effective threat intelligence and...

Bug-Bounty-and-Learning-Space

Bug Bounty & Learning Space A markdown backup of my personal...

CVE-2025-62761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress basepress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through = 2.17.0.1...

CVE-2025-68992

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in xenioushk BWL Knowledge Base Manager bwl-kb-manager allows Stored XSS.This issue affects BWL Knowledge Base Manager: from n/a through = 1.6.3...

CVE-2025-62761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress basepress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through = 2.17.0.1...

CVE-2025-62761 WordPress Knowledge Base documentation & wiki plugin – BasePress plugin <= 2.17.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress basepress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through = 2.17.0.1...