19524 matches found
Operationalizing Cybersecurity Governance for Mitigation Planning with Attack-Path Modeling and Reinforcement Learning
We address a fundamental challenge in cybersecurity operations of translating governance frameworks into actionable mitigation decisions under realistic resource constraints. Frameworks such as the NIST Cybersecurity Framework CSF provide widely adopted measures of organizational maturity, but do...
Security Risks in Tool-Enabled AI Agents: A Systematic Analysis of Privileged Execution Environments
Tool-enabled AI agents are increasingly deployed in cloud-hosted environments and offered as services, where they perform side-effecting operations through privileged tools within execution environments. While such agents enable powerful automation, the security implications of hosting autonomous...
Updated thunderbird packages fix security vulnerabilities
Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...
SUSE CVE-2026-43280
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on patindex to prevent OOB kernel read in madvise When user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without validating bounds...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
markdown 🧬 ROSN-LR5 – Kernel LPE PoC & Mitigation Toolkit...
CVE-2026-43003
A flaw was found in OpenStack ironic-python-agent IPA. The Ironic Python Agent sometimes executes the grub-install command from within a chroot environment of a deployed partition image. This allows an attacker, by providing a malicious image, to achieve arbitrary code execution within the system...
CVE-2026-40912
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. This authentication bypass vulnerability allows an unauthenticated attacker to access protected content. The flaw occurs when the StripPrefixRegex middleware is used with authentication mechanisms such as ForwardAuth, BasicAuth...
CVE-2026-34354: Guardicore Local Privilege Escalation Vulnerability
Read the technical details of a security vulnerability CVE-2026-34354 in Akamai Guardicore Platform Agent for Windows — and get clear guidance on mitigation...
CVE-2026-43864
A flaw was found in mutt. This vulnerability, a null pointer dereference in the showsigsummary function, could allow an attacker to cause a denial of service. This occurs when processing specially crafted input related to signature summaries. Mitigation Mitigation for this issue is either not...
CVE-2026-37540
A flaw was found in OpenAMP. An integer overflow vulnerability exists in the ELF loader's firmware image parsing, specifically within elfloader.c. This flaw occurs when multiplying two attacker-controlled 16-bit values from the ELF header without proper overflow checking. On 32-bit embedded...
CVE-2026-6915
A flaw was found in MongoDB. An authenticated user could exploit an authorization flaw in the user management command. This allows them to make limited changes to authentication-related data associated with another user account. Such modifications could affect how authentication is performed for...
CVE-2026-43284
A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...
Exploit for Write-what-where Condition in Linux Linux_Kernel
Dirty Frag mitigation script This script: 1. Block...
SUSE CVE-2026-43261
In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB Branch History Buffer attack, which can be exploited to leak information through branch prediction side channels. This...
Webauthn has a User Verification Downgrade via Default-Open ClientOverridePolicy
Summary In version 5.3.0 of the Symfony bundle, Webauthn\Bundle\Policy\ClientOverridePolicy defaulted to allowing all client overrides, including userVerification. A client could send "userVerification": "discouraged" in the assertion or attestation options request to override a server-configured...
Exploit for CVE-2026-38360
CVE-2026-38360: Path Traversal in dash-uploader !CVEhttps...
BIT-KEYDB-2026-23631 redis-server Lua use-after-free may allow remote code execution
Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...
SUSE-SU-2026:1741-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.10.1: MFSA 2026-34 bsc1262230: - CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. - CVE-2026-6747: Use-after-free in the WebRTC component. - CVE-2026-6748: Uninitialized memory in the...
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the GET /api/v1/stable/dags/tasks endpoint via improper tenant checks in the listTasksByDAGIds function. An attacker can access sensitive task metadata belonging to other tenants by...