Lucene search
K

170 matches found

CVE
CVE
added 6 days ago14 views

CVE-2026-14070

CVE-2026-14070 affects Google Chrome’s WebNN component. The root cause is an integer overflow in WebNN that could allow a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. Affected software is Chrome prior to version 150.0.7871.47; the impact i...

6.5CVSS5.9AI score0.0025EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-54345

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An integer overflow in WebNN allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. WebNN is an API that enables web...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-54344

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An integer overflow in the WebNN component allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 4:22 p.m.11 views

Malicious code in neural-network-scan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 898c75e5a6ae94d115820736ffd2ca4cb948f72655d5c0175a3432cec835768c The package ships a collect.js script that imports childprocess and performs an HTTP POST carrying host identifiers hostname referenced multiple time...

5.3AI score
Exploits0References4
OSV
OSV
added 2026/06/15 4:22 p.m.8 views

MAL-2026-5794 Malicious code in neural-network-scan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 898c75e5a6ae94d115820736ffd2ca4cb948f72655d5c0175a3432cec835768c The package ships a collect.js script that imports childprocess and performs an HTTP POST carrying host identifiers hostname referenced multiple time...

5.4AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.10 views

CVE-2026-44246

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowednonwriteusers: $...

7.2CVSS5.5AI score0.00242EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

ONNX-MLIR 安全漏洞

ONNX-MLIR is an open-source compiler tool developed by Open Neural Network Exchange that converts ONNX graphs into efficient code. Versions of ONNX-MLIR prior to 0.5.0.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of a weak hash function in the generatehashkey...

3.6CVSS4.9AI score0.00078EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the WebNN component, which could allow a remote attacker with access to a...

9.6CVSS5.4AI score0.00234EPSS
Exploits0References3
NVD
NVD
added 2026/05/22 6:16 p.m.12 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS0.00132EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/22 6:16 p.m.21 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS6AI score0.00132EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/22 12:0 a.m.13 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

0.00132EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.22 views

PT-2026-42819

Name of the Vulnerable Software and Affected Versions Arm ArmNN versions prior to 2026-03-28 Description An integer overflow exists in the TensorShape::GetNumElements function within armnn/Tensor.cpp. This occurs when tensor dimensions are multiplied using 32-bit unsigned arithmetic without...

6.2CVSS6AI score0.00132EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.12 views

TriSweep: A Four-Drone Swarm Framework for Electromagnetic Side-Channel Analysis

Electromagnetic EM side-channel analysis traditionally assumes a stationary, close-proximity probe - a threat model that underestimates aerial adversaries. TriSweep is a simulation framework that designs and evaluates a four-drone swarm architecture for autonomous standoff EM-SCA of embedded...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/05/19 12:0 a.m.45 views

CVE-2025-51427

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...

0.00529EPSS
Exploits0References3
Veracode
Veracode
added 2026/05/05 6:40 a.m.15 views

Information Exposure

org.springframework.ai, spring-ai-autoconfigure-model-transformers is vulnerable to information exposure. The vulnerability is due to improper isolation in a shared environment, which allows an attacker to access and retrieve the ONNX model used by the application...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/01 12:1 p.m.6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-28500.

Summary IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-28500. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-28500 DESCRIPTION: Open Neural...

9.1CVSS5.7AI score0.00318EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/04/28 7:31 a.m.9 views

EUVD-2026-26012

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

6.1CVSS5.2AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:31 a.m.5 views

CVE-2026-40979

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

6.1CVSS5.2AI score0.00105EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/28 7:31 a.m.32 views

CVE-2026-40979

In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

6.1CVSS0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions 1.0.0 to 1.0.5, as well as 1.1.0 to 1.1.4 of VMware Spring AI, have security vulnerabilities. These...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References1
Rows per page
Query Builder