EUVD-2026-21804
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34867
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34867
CVE-2026-34867 is a double-free vulnerability in the multi-mode input system with availability impact. Documentation specifies a Local attack vector, Low privileges, and User Interaction required, but the connected documents do not provide specifics on affected products, versions, root cause, or ...
Beyond RAG for Cyber Threat Intelligence: A Systematic Evaluation of Graph-Based and Agentic Retrieval
Cyber threat intelligence (CTI) analysts must answer complex questions over large collections of narrative security reports. Retrieval-augmented generation (RAG) systems help language models access external knowledge, but traditional vector retrieval often struggles with queries that require reasonin...
A Synthetic Conversational Smishing Dataset for Social Engineering Detection
Smishing (SMS phishing) has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei (China). It provides a full-scenario distributed operating system based on a microkernel. A double-free vulnerability exists in the Huawei HarmonyOS multi-mode input system, which can be exploited by an attacker to cause an availability impact...
DeepGuard Secure Code Generation
Large Language Models (LLMs) for code generation can replicate insecure patterns from their training data. To mitigate this, a common strategy for security hardening is to fine-tune models using supervision derived from the final transformer layer. However, this design may suffer from a final-layer...
PT-2026-32237
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability...
Webite-Security-Scanner
Webite-Security-Scanner A modular web...
OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)
...
SUSE CVE-2026-39860
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically the Nix daemon running as root in multi-user installations) by following symlinks during...
gramps-webapi: Zip Slip Path Traversal in Media Archive Import
Summary: A path traversal vulnerability (Zip Slip) exists in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-traversal filenames to write arbitrary files outside the intended temporary extraction directory on the...
The Increasing Role of AI in Vulnerability Research
At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related vulnerabilities. Funding this research helps us improve security for the WordPress community overall, and helps us secure our customers by rolling out protection f...
Improper Authentication
github.com/zitadel/zitadel is vulnerable to improper authentication. The vulnerability is due to MFA being enforced only when explicitly required by policy, which allows an attacker to bypass additional authentication factors and exploit weaker single-factor sessions, potentially compromising...
Exploit for Deserialization of Untrusted Data in Facebook React
Summary: CVE-2025-55182 Scanner is a high-perfor...
EUVD-2026-21126
OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access...
Duplicate Advisory: OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-rqp8-q22p-5j9q. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that...