6661 matches found
Swiss-Bench 003: Evaluating LLM Reliability and Adversarial Security for Swiss Regulatory Contexts
The deployment of large language models LLMs in Swiss financial and regulatory contexts demands empirical evidence of both production reliability and adversarial security, dimensions not jointly operationalized in existing Swiss-focused evaluation frameworks. This paper introduces Swiss-Bench 003...
OSV-2026-535 Security exception in org.htmlunit.cyberneko.HTMLTagBalancer.endElement
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499447433 Crash type: Security exception Crash state: org.htmlunit.cyberneko.HTMLTagBalancer.endElement java.base/sun.nio.cs.CESU8.updatePositions java.base/sun.nio.cs.CESU8$Encoder.encodeArrayLoop...
OSV-2026-532 Heap-buffer-overflow in regsub
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499446092 Crash type: Heap-buffer-overflow READ 1 Crash state: regsub formatreplace formatexpand1...
OSS Weekend 代码注入漏洞
OSS Weekend is an AI agent development and LLM deployment management tool developed by Mario Zechner as a personal project. Versions of OSS Weekend prior to 0.58.4 contained a code injection vulnerability. This vulnerability stemmed from the discoverAndLoadExtensions function in the...
OSS Weekend 安全漏洞
OSS Weekend is an AI development and LLM deployment management tool developed by Mario Zechner as a personal project. Versions of OSS Weekend prior to 0.58.4 contained security vulnerabilities, which were caused by an authentication bypass vulnerability in the packages/mom/src/slack.ts file...
OSV-2026-521 UNKNOWN READ in unsigned long Assimp::StreamReader<true, true>::Get<unsigned long>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499121788 Crash type: UNKNOWN READ Crash state: unsigned long Assimp::StreamReader::Get bool Assimp::Blender::Structure::ResolvePointerstd::1::sharedptr, Assimp::Bl bool Assimp::Blender::Structure::ReadFieldPtr2,...
OSV-2026-514 Heap-buffer-overflow in format_expand1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498472071 Crash type: Heap-buffer-overflow READ 1 Crash state: formatexpand1 formatexpand format-fuzzer.c...
OSV-2026-504 Heap-use-after-free in ObjectStream::getObject
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498251261 Crash type: Heap-use-after-free READ 4 Crash state: ObjectStream::getObject XRef::fetch XRef::fetch...
OSV-2026-481 Security exception in org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=496552925 Crash type: Security exception Crash state: org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII...
CVE-2026-21724
A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission...
UBUNTU-CVE-2026-21724
A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission...
pqc-combo (=0.1.0), pqc-fips (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-ml-dsa (=0.0.4)
libcrux-ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-XRF2-5R3P-5WGJ...
Grafana OSS 安全漏洞
Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from an authorization bypass in the configuration contact point API. This vulnerability could allow users with the Editor role to modify protected Webhook URLs...
OSV-2026-417 Segv on unknown address in arrow::Array::IsNull
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=493063924 Crash type: Segv on unknown address Crash state: arrow::Array::IsNull arrow::Status arrow::VisitArrayInline arrow::ArrayPrinter::Print...
OSV-2026-392 UNKNOWN READ in pcpp::BgpLayer::getHeaderLen
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=491687588 Crash type: UNKNOWN READ Crash state: pcpp::BgpLayer::getHeaderLen pcpp::Packet::shortenLayer pcpp::Layer::shortenLayer...
OSV-2026-370 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490658507 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/java.lang.System$2.encodeASCII java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop...
OSV-2026-359 Segv on unknown address in gpsd_vlog
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490142464 Crash type: Segv on unknown address Crash state: gpsdvlog gpsdlog processGSV...
CVE-2026-30790
Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Peer authentication, API login modules, rustdesk-server RustDesk Server OSS...
CVE-2026-30790
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-30790
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...