Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Packet Storm News
Packet Storm Newsadded 2026/06/09 12:0 a.m.5 views

A Bayesian Network Approach for Enhancing Security-Focused Decision Support Systems

The adoption and integration of heterogeneous stacks in most of today's open-source based networks brings clear benefits like interoperability and availability of advanced features. Yet, on the other hand the increasing number of interconnecting components and moving parts requires maintaining an...

5.5AI score
Exploits0
EUVD
EUVDadded 2025/10/03 8:7 p.m.7 views

EUVD-2025-23049

Malicious code in bioql PyPI...

9.9CVSS6.3AI score0.11114EPSS
Exploits1References3
Huntr
Huntradded 2025/10/02 4:18 a.m.6 views

Integer Overflow lead to DOS in API `v2/models/<model-name>/infer`

This report is not public...

6.9AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2025/08/12 12:0 a.m.4 views

Shadow in the Cache: Unveiling and Mitigating Privacy Risks of KV-Cache in LLM Inference

The Key-Value KV cache, which stores intermediate attention computations Key and Value pairs to avoid redundant calculations, is a fundamental mechanism for accelerating Large Language Model LLM inference. However, this efficiency optimization introduces significant yet underexplored privacy risk...

7AI score
Exploits0
Cvelist
Cvelistadded 2025/07/01 1:16 p.m.14 views

CVE-2025-6920 Ai-inference-server: authentication bypass via unprotected inference endpoint in api

A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/ endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows...

5.3CVSS0.00268EPSS
Exploits0References2
Packet Storm News
Packet Storm Newsadded 2025/05/23 12:0 a.m.6 views

An Attack to Break Permutation-Based Private Third-Party Inference Schemes for LLMs

Recent advances in Large Language Models LLMs have led to the widespread adoption of third-party inference services, raising critical privacy concerns. Existing methods of performing private third-party inference, such as Secure Multiparty Computation SMPC, often rely on cryptographic methods...

7AI score
Exploits0
CVE
CVEadded 2025/04/09 3:30 p.m.111 views

CVE-2025-32375

Summary: CVE-2025-32375 affects BentoML prior to version 1.4.8, due to an insecure deserialization in BentoML’s runner server. The vulnerability allows an attacker to craft POST requests with specific headers/parameters to execute arbitrary code on the server, giving initial access and informatio...

9.8CVSS9.2AI score0.43809EPSS
Exploits4References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/04/06 3:30 p.m.15 views

CVE-2025-27520

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution RCE vulnerability caused by insecure deserialization has been identified in the latest version v1.4.2 of BentoML. It allows any unauthenticated user to execute...

9.8CVSS8.4AI score0.43672EPSS
Exploits5References1
Rows per page
Query Builder