Quality-Diversity Evolution for Discovering Diverse Vulnerabilities in LLM Safety

Current approaches to LLM adversarial testing suffer from coverage gaps: manual red-teaming does not scale, LLM-as-attacker methods exhibit mode collapse, and gradient-based approaches produce uninterpretable gibberish. We introduce a quality-diversity evolutionary framework that operates at the...

CVE-2026-45944

A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit VT-d Virtualization Technology for Directed I/O component. When a context entry is being torn down, the 'Present' bit might not be cleared before other parts of the entry are zeroed. This can lead to the hardware...

SUSE CVE-2024-5154

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal “../“. This flaw allows the container to read and write to arbitrary files on the host system...

PT-2026-43947

In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2 dio end io write ocfs2 mark extent written ocfs2 change extent flag ocfs...

PT-2026-43932

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb info Hold state of deferred I/O in struct fb deferred io state. Allocate an instance as part of initializing deferred I/O and remove it only after the final...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper transaction splitting during direct I/O completion in ocfs2, potentially leading to...

PT-2026-43903

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIO DEVICE SET IRQS with a per-device mutex vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array based on its value, but provides no serialization against concurrent VFIO...

CVE-2026-7374

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

PT-2026-43242

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw in the virt-handler component allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 security and extras update

Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the idatasem unlock order in ext4indmigrate Fuzzing reported a possible deadlock in jbd2logwaitcommit. This issue occurs when an EXT4IOCMIGRATE ioctl is set to require synchronous updates because the file descripto...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fixed the omission of the NOWAIT check for ODIRECT write operations. When iouring initiates a write operation, it calls kiocbstartwrite, which triggers the super block rwsem. This prevents any freezes from occurring...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. The -oP option is available to the exim user, and it could lead to a denial of service, as files owned by root could be overwritten...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between direct IO writes and fsync operations when using the same file descriptor. If we have two threads that use the same file descriptor, and one of them performs direct IO writes while the other...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: block: Do not revert the iterator for -EIOCBQUEUED. The blkdevreaditer function includes some unusual checks. For example, it gates the position and count adjustment based on whether the result is greater than or equal to zero...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: block cache/dio write during f2fsenablecheckpoint’” This issue is resolved through commit 196c81fdd438f7ac429d5639090a9816abb9760a. The original patch might cause a deadlock; therefore, it should be reverted. Chang...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...