32 matches found
EUVD-2026-36760
An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...
CVE-2026-39007
An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...
CVE-2026-39007
Technical details about CVE-2026-39007 are not publicly available in the provided documents. Monitor for updates from vendors and advisories.
PT-2026-49300
Name of the Vulnerable Software and Affected Versions Observe versions prior to 2026-01-28 Description A flaw in the CSV Log export component allows a remote attacker to obtain sensitive information. Recommendations Update to a version released after 2026-01-28. As a temporary workaround, restric...
CVE-2026-39007
An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...
EulerOS 2.0 SP13 : tigervnc (EulerOS-SA-2026-2359)
According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application...
camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers
A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...
CVE-2026-40022
A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...
Authentication Bypass
Apache Camel is vulnerable to Authentication Bypass. The vulnerability is due to the authentication handler matching only the exact configured context path, not its subpaths, where unauthenticated requests to subpaths can reach protected business routes and management endpoints without being...
GHSA-27VM-5VPJ-RP5G Apache Camel Vulnerable to Authentication Bypass Using an Alternate Path or Channel
When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...
PT-2026-35385
When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...
CVE-2025-40932
creationtimestamp| type| source ---|---|--- 2026-02-28 09:01:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfvughjobx2s...
PT-2026-22320
An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...
CVE-2026-22038
CVE-2026-22038 affects AutoGPT prior to platform-beta-v0.6.46. The vulnerability arises when Stagehand blocks log API keys and authentication secrets in plaintext via logger.info() in StagehandObserveBlock, StagehandActBlock, and StagehandExtractBlock, where api_key.get_secret_value() is logged. ...
Meet Moltbook, the Social Platform Where AI Agents Talk and Humans Watch
Moltbook is a new social platform where AI agents post and interact while humans observe, raising questions about autonomy, security, and agent behavior...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004259)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004259 advisory. The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on th...
1 PoCo: Agentic Proof-Of-Concept Exploit Generation for Smart Contracts
Smart contracts operate in a highly adversarial environment, where vulnerabilities can lead to substantial financial losses. Thus, smart contracts are subject to security audits. In auditing, proof-of-concept PoC exploits play a critical role by demonstrating to the stakeholders that the reported...
Rootkit Privilege Escalation Signal Hunter
This module searches for rootkits which use signals to elevate process privileges to UID 0 root. Some rootkits install signal handlers which listen for specific signals to elevate process privileges. This module identifies these rootkits by sending signals and observing UID switching to root. Thi...
Agentic AI’s OODA Loop Problem
The OODA loop --for observe, orient, decide, act--is a framework to understand decision-making in adversarial situations. We apply the same framework to artificial intelligence agents, who have to make their decisions with untrustworthy observations and orientation. To solve this problem, we need...
Countermind: A Multi-Layered Security Architecture for Large Language Models
The security of Large Language Model LLM applications is fundamentally challenged by "form-first" attacks like prompt injection and jailbreaking, where malicious instructions are embedded within user inputs. Conventional defenses, which rely on post hoc output filtering, are often brittle and fai...