Lucene search
K

4506 matches found

Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.9 views

Pretraining Data Exposure in Large Language Models: A Survey of Membership Inference, Data Contamination, and Security Implications

Large Language Models LLMs have become the predominant paradigm in NLP, advancing both research and industry. As model sizes and pretraining data grow, concerns about Pretraining Data Exposure PDE increase due to the scale and opacity of training datasets. PDE refers to determining whether specif...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/20 12:16 p.m.7 views

CVE-2026-27405

Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 12:16 p.m.11 views

EUVD-2026-31097

Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 12:13 p.m.13 views

EUVD-2026-31095

Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery Final Tiles Grid: from n/a through 3.6.11...

4.3CVSS5.8AI score0.00206EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 12:11 p.m.6 views

CVE-2026-45443

Missing Authorization vulnerability in ADD-ONS.ORG PDF for Elementor Forms + Drag And Drop Template Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through 5.5.1...

5CVSS5.8AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a memory leak in btrfsaddqgrouprelation, where the qgrouplist structure remains unleased after it is allocated by kzalloc. When btrfsaddqgrouprelation is called with invalid qgroup levels src = dst, the function...

6AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG’s encoder, specifically in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can provide crafted inputs for the decomposition levels to cause a buffer overflow. The greatest threat of this vulnerability is to system availability...

5.5CVSS7.3AI score0.0161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In the SR-IOV environment, the value of pcietable-numoflinklevels will be 0, and numoflevels - 1 will cause an array index out of bounds...

7.8CVSS6.2AI score0.0026EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 10:54 a.m.9 views

CVE-2026-45442

Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.3...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 10:54 a.m.13 views

EUVD-2026-30885

Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.3...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 8:53 a.m.8 views

BIT-MONGODB-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.18 views

PT-2026-41876

Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.3...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 6:45 a.m.10 views

CVE-2026-4094

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/15 3:6 a.m.7 views

CVE-2025-54518

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...

7.3CVSS5.8AI score0.00258EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 6:16 p.m.27 views

CVE-2025-15023

Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5...

8.8CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:32 p.m.10 views

CVE-2026-25431 WordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 11:2 a.m.4 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 a.m.9 views

EUVD-2026-29392

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 9:16 a.m.14 views

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:49 a.m.7 views

CVE-2026-39432 WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.8AI score0.00244EPSS
Exploits0References1
Rows per page
Query Builder