Hijacking Agent Memory: Stealthy Trojan Attacks through Conversational Interaction

Large language model LLM agents increasingly leverage long term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject malicious information to influence future behavior. Existing...

OESA-2026-2220 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads wi...

CVE-2025-14857

CVE-2025-14857 affects Semtech LoRa LR11xxx transceivers on early firmware versions. The flaw is an improper access control: memory write via the physical SPI interface does not enforce write protection on the program call stack, enabling overwriting of stack memory and limited arbitrary code exe...

MiracleLinux 7 : microcode_ctl-2.1-29.16.el7 (AXEA:2018-3321:06)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2018-3321:06 advisory. - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002009)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002009 advisory. The scosockbind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive...

Linux Distros Unpatched Vulnerability : CVE-2021-3491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin...

CVE-2025-31173

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

OESA-2024-2568 arm-trusted-firmware security update

Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Integer Underflow Wrap or Wraparound vulnerability in Renesas arm-trusted-firmware. An integer underflo...

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. Recen...

CVE-2023-41981

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

CVE-2023-38236

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

SUSE CVE-2017-7064

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-rea...

PHP PHP_INI_SYSTEM Ineffective Controls Vulnerability

Security controls configured via php.ini directives at the PHPINISYSTEM level are ineffective as they could be bypassed by malicious scripts via writing their own process memory on the Linux platform. Proof of concept code included. "PHP is a popular general-purpose scripting language that is...

Apple macOS High Sierra Intel Graphics Driver Out-of-Bounds Read Vulnerability (CNVD-2018-00334)

Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers.Intel Graphics Driver is one of the drivers for the graphics card. A security vulnerability exists in the Intel Graphics Driver component of Apple macOS High Sierra versions prior to 10.13.2. An attacker...

Kernel Security Bypass Vulnerability in Multiple Apple Products (CNVD-2018-00179)

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...

Apple macOS High Sierra QuickTime Address Bar Deception Vulnerability

Apple macOS High Sierra is a proprietary operating system developed by Apple Inc. for Mac computers.QuickTime is one of the multimedia playback components. A security vulnerability exists in the QuickTime component of Apple macOS High Sierra versions prior to 10.13.1. An attacker can exploit this...

Kernel Security Bypass Vulnerability in Multiple Apple Products (CNVD-2017-16876)

Apple iOS, macOS Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system. kernel is a kernel component. The Kernel is one of the kernel components. A security vulnerability exists in the Kernel...

DEBIAN-CVE-2017-7064

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-rea...

CVE-2017-7029

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a...

UBUNTU-CVE-2017-7064

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-rea...