2514 matches found
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability caused by uncontrolled recursion, which may lead to the handling of...
Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection
Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...
portofolio_DWForSec
DwF — Cybersecurity Portfolio A professional cybersecurity po...
CVE-2026-44577
Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...
CVE-2026-44577
CVE-2026-44577 affects Next.js self-hosted Image Optimization API when using the default image loader. From 10.0.0 through versions before 15.5.16 and 16.2.5, local images are read entirely into memory without a maximum size limit, enabling potential Out-Of-Memory conditions via requests to /_nex...
CVE-2026-44577
Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...
CVE-2026-44577 Next.js: Denial of Service in the Image Optimization API
Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...
CVE-2026-44577 Next.js: Denial of Service in the Image Optimization API
Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...
Red-Teaming Agent Execution Contexts: Open-World Security Evaluation on OpenClaw
Agentic language-model systems increasingly rely on mutable execution contexts, including files, memory, tools, skills, and auxiliary artifacts, creating security risks beyond explicit user prompts. This paper presents DeepTrap, an automated framework for discovering contextual vulnerabilities in...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox for Node.js developed by Patrik Simek from Czech Republic. It allows for the execution of untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem fro...
Next.js 安全漏洞
Next.js is a React framework open source by Vercel. Versions of Next.js from 10.0.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities arise from the default image loader being hosted on the server, where the Image Optimization API loads local imag...
NPM: Next.js has a Denial of Service in the Image Optimization API
NPM: Next.js has a Denial of Service in the Image Optimization API vulnerability discovered by ? in WordPress Npm next versions = 10.0.0, 15.5.16...
Next.js has a Denial of Service in the Image Optimization API
Impact When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /next/image endpoint that match t...
Allocation of Resources Without Limits or Throttling
Overview next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Image Optimization API when handling requests to the /next/image endpoint that match the images.localPatterns configuration. An attacker can exhaust...
GHSA-H64F-5H5J-JQJH Next.js has a Denial of Service in the Image Optimization API
Impact When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /next/image endpoint that match t...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.3.3 (CUDA)
Red Hat AI Inference Server Model Optimization Tools 3.3.3 CUDA is now available. Red Hat® AI Inference Server Model Optimization Tools...
CTEM Business Case: CISO Guide to ROI
CTEM Business Case: CISO Guide to ROI A strong CTEM business case has to do more than explain why Continuous Threat Exposure Management matters. It has to show how a CTEM program reduces measurable business risk, improves remediation speed, consolidates security spend, and gives the board a clear...
SecureForge: Finding and Preventing Vulnerabilities in LLM-Generated Code Via Prompt Optimization
LLM coding agents now generate code at an unprecedented scale, yet LLM-generated code introduces cybersecurity vulnerabilities into codebases without human involvement. Even when frontier models are explicitly asked to write secure production code with relevant weaknesses to avoid in context, we...
trying-to-make-a-website-scanner
trying-to-make-a-website-scanner Web Vulnerability Scanner —...
next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage
An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing...