Lucene search
K

66 matches found

OSV
OSV
added 2026/07/02 5:18 p.m.4 views

GHSA-3RJW-M598-PQ24 Cmov/CmovEq on aarch64 can produce wrong results if high-bits of registers are set

Summary The aarch64 implementations of Cmov and CmovEq seem to assume that the high bits when loading a value of size smaller than a register into a register are zero-extended. However, this is not the case and these bits are unspecified. This can result in a left.cmovz&right, condition not movin...

6.9CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2026/07/02 4:58 p.m.4 views

GHSA-P39J-X9H5-Q66M OpenClaw: Embedded runner policy could be confused by provider aliases

Summary Embedded runner policy could be confused by provider aliases. In affected versions, a request using provider aliases could compare policy against an alias instead of the canonical provider identity. This advisory is scoped to the named feature and configuration. It does not change...

4.8CVSS5.9AI score0.00093EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: BPF: Narrow access to the pointer ctx fields is now rejected. The following BPF program, simplified from a syzkaller repro, causes a kernel warning: c r0 = u8 r1 + 169; exit; Here, the pointer field sk is located at offset 168 in...

5.5CVSS6.1AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 8:13 p.m.6 views

GHSA-FCVX-5CXC-V5P8 OpenClaw: Slack reaction events could ignore reaction notification settings

Summary Slack reaction events could ignore reaction notification settings. In affected versions, a Slack reaction event delivered to the configured app could enter the agent pipeline even when reaction notifications were disabled. This advisory is scoped to the named feature and configuration. It...

6.3CVSS5.6AI score0.00191EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.10 views

Operationalizing Cyber Attack Prediction: A Gap-Prioritized Framework with Dataset and Model Selection Guidelines

While AI and machine learning for cyber attack prediction have advanced, a critical gap persists between theoretical research and practical operational deployment. Building on Ankalaki et al. 2025, this paper provides a comprehensive analysis of 150+ benchmark datasets and 200+ studies to identif...

5.8AI score
Exploits0
Amazon
Amazon
added 2026/03/05 12:0 a.m.13 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields CVE-2025-38591 In the Linux kernel, the following vulnerability has been resolved: schedext: Fix possible deadlock in the deferredirqworkfn CVE-2025-68333 In the...

7.8CVSS5.8AI score0.00468EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/10 1:49 p.m.8 views

Malicious code in narrow-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 508eafee6916ba29ade3caf0722e7bffe693e53fa35a4e74f0dc385950778f34 The package narrow-array was found to contain malicious code. Source: ghsa-malware 8bbee1a11c9aa9d6feb751063161f9802c6245890a9764cdddf190d3357df462 A...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/10 1:49 p.m.7 views

MAL-2026-827 Malicious code in narrow-array (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 508eafee6916ba29ade3caf0722e7bffe693e53fa35a4e74f0dc385950778f34 The package narrow-array was found to contain malicious code. Source: ghsa-malware 8bbee1a11c9aa9d6feb751063161f9802c6245890a9764cdddf190d3357df462 A...

5.6AI score
Exploits0References1
Snyk
Snyk
added 2026/02/10 1:49 p.m.4 views

Malicious Package

Overview narrow-array is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Schneier on Security
Schneier on Security
added 2026/01/12 12:2 p.m.6 views

Corrupting LLMs Through Weird Generalizations

Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. Abstract LLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.1 views

EUVD-2025-96245

Malicious code in narrowherringz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.0 views

EUVD-2025-96243

Malicious code in narrowwhitefishz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.0 views

EUVD-2025-96244

Malicious code in narrowlarkz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:44 a.m.4 views

EUVD-2025-76220

Malicious code in narrownightingale-teagooddev npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:44 a.m.0 views

EUVD-2025-76222

Malicious code in narrowclam-appteadev npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 7:1 a.m.2 views

Malicious code in narrow_squid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aeb0882b90665b586991b69a06706e91b76b1b418a55ecdcb5e1381a19f4fb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.2 views

EUVD-2025-62976

Malicious code in narrowchipmunkz3n npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/11 5:18 a.m.4 views

MAL-2025-95581 Malicious code in narrow_hoverfly_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 559729deed09faf0fe25181b95476de33f16a2b95c9c1db8993e892da9594ec2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.1 views

EUVD-2025-62972

Malicious code in narrowmockingbirdrequirement npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.0 views

EUVD-2025-62977

Malicious code in narrowamphibianz3n npm...

6.6AI score
Exploits0
Rows per page
Query Builder