Lucene search
K

2990 matches found

NCSC
NCSC
added 2026/06/05 8:34 a.m.17 views

The vulnerability was exploited in SolarWinds Serv-U.

SolarWinds has identified a vulnerability in Serv-U. A malicious individual could exploit this vulnerability to cause a Denial-of-Service attack by sending a specially crafted POST message. SolarWinds has released a hotfix and published mitigation measures to address this vulnerability and preven...

7.5CVSS5.5AI score0.10659EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/05 12:0 a.m.26 views

VulnCheck KEV: CVE-2026-28318

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update...

7.5CVSS5.5AI score0.10659EPSS
In wildExploits2References3
GithubExploit
GithubExploit
added 2026/06/04 8:54 p.m.82 views

exploit-labs

exploit-labs Companion code for the Windows-security blog at...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/06/04 7:14 p.m.20 views

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...

8.8CVSS5.8AI score0.08016EPSS
Exploits5
Microsoft Secure
Microsoft Secure
added 2026/06/04 7:14 p.m.10 views

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...

8.8CVSS7.2AI score0.08016EPSS
Exploits5
EUVD
EUVD
added 2026/06/04 2:5 p.m.16 views

EUVD-2026-34268

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update...

7.5CVSS5.8AI score0.10659EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:5 p.m.9 views

CVE-2026-28318

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update...

7.5CVSS5.8AI score0.10659EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/06/04 2:5 p.m.12 views

CVE-2026-28318 SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability

SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the update...

7.5CVSS5.8AI score0.10659EPSS
Exploits2References2
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.66 views

WebMCP Tool Surface Poisoning: Runtime Manipulation Attacks on LLM Agents

WebMCP is a newly emerging protocol that enables websites to expose tools directly to AI agents, bypassing traditional user interfaces and introducing new security risks. The dynamic exposure of agent-accessible tools in WebMCP expands the attack surface of web sessions, especially when third-par...

5.6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/03 7:0 p.m.15 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow

Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...

5.8AI score
Exploits0Affected Software2
GithubExploit
GithubExploit
added 2026/06/02 11:39 a.m.258 views

Exploit for CVE-2026-46243

CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/06/01 9:25 a.m.102 views

bastion-waf-simulator

BASTION — Web Application Firewall Simulator A real-time We...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/27 8:6 a.m.102 views

web-vulnerabilities-labs

Web Vulnerabilities Labs Notes techniques issues de labs web...

5.9AI score
Exploits0
NCSC
NCSC
added 2026/05/20 6:21 a.m.42 views

Vulnerabilities found in Microsoft Windows

Microsoft has published measures to address a vulnerability in Windows operating systems that could allow malicious individuals to access data encrypted via BitLocker. The vulnerability involves bypassing a security feature in Windows, known as “YellowKey”. A proof of concept is available that...

6.8CVSS6AI score0.01249EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in unbound

A vulnerability called “Non-Responsive Delegation Attack” NRDelegation Attack has been discovered in various DNS resolution software. The NRDelegation Attack operates by creating a malicious delegation with a significant number of non-responsive name servers. The attack begins by querying a...

7.5CVSS6.9AI score0.01293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/srso: Added SRSO mitigation for Hygon processors. Added mitigation for the speculative return stack overflow vulnerability, which also exists on Hygon processors...

7.8CVSS5.7AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cpu: Re-enable CPU mitigations by default for !X86 architectures. Rename the configuration for x86 to CPUMITIGATIONS, define it in the generic code, and apply it to all architectures except x86. A recent commit that turned...

5.5CVSS6.8AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel’s EBPF verifier when handling internal data structures. Internal memory locations could be exposed to userspace. A local attacker with the permission to insert eBPF code into the kernel can exploit this vulnerability to leak internal kernel memor...

4.4CVSS6.7AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Do not perform the PV iret hypercall through the hypercall page. Instead of jumping to the Xen hypercall page to execute the iret hypercall, the required sequence is directly coded in the xen-asm.S file. This action is...

5.5CVSS6.5AI score0.00304EPSS
Exploits0References2
Rows per page
Query Builder