Exploit for Cross-site Scripting in Codex-Themes Thegem

TheGem-Theme-Exploit-Chain-One-Click-Full-Compromise-Subscribe...

Malicious code in @emilgroup/customer-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58c6f159066f875aefa2d05b7fe166f8b55f075694d1badead1ec998bb6e396c The package @emilgroup/customer-sdk was found to contain malicious code. Source: ghsa-malware...

DeepXplain: XAI-Guided Autonomous Defense against Multi-Stage APT Campaigns

Advanced Persistent Threats APTs are stealthy, multi-stage attacks that require adaptive and timely defense. While deep reinforcement learning DRL enables autonomous cyber defense, its decisions are often opaque and difficult to trust in operational environments. This paper presents DeepXplain, a...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via insufficient validation of the subDir parameter in volume identifiers. An attacker can cause unintended directories on the NFS server to be deleted or modified by crafting volume identifiers containing path...

Malicious code in wildhunter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd5020979c3e9df261b6bb1525d91874b0c3dd993d6007d1f5f3fe40293a9a6c The package wildhunter was found to contain malicious code. Source: ghsa-malware ef86dd0267c3525fb9b185c8193ead59125fee1e3e962e357ac027f43dfc74cf Any...

CVE-2026-32771 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

An Agentic Multi-Agent Architecture for Cybersecurity Risk Management

Getting a real cybersecurity risk assessment for a small organization is expensive -- a NIST CSF-aligned engagement runs $15,000 on the low end, takes weeks, and depends on practitioners who are genuinely scarce. Most small companies skip it entirely. We built a six-agent AI system where each age...

CVE-2026-32750

CVE-2026-32750 (SiYuan) affects SiYuan versions 3.6.0 and earlier. The vulnerability occurs in POST /api/import/importStdMd, where the localPath parameter is passed directly to model.ImportFromLocalPath without path validation. The function recursively reads every file under the provided path and...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

DeepStage: Learning Autonomous Defense Policies against Multi-Stage APT Campaigns

This paper presents DeepStage, a deep reinforcement learning DRL framework for adaptive, stage-aware defense against Advanced Persistent Threats APTs. The enterprise environment is modeled as a partially observable Markov decision process POMDP, where host provenance and network telemetry are fus...

SiYuan importStdMd: unvalidated localPath imports arbitrary host directories as persistent notes

Summary POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their content as SiYuan note documents in the workspace database, making them...

CVE-2013-20006

Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...

PT-2026-25643

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

Malicious code in dazaar-cli (npm)

The package 'dazaar-cli' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

MAL-2026-1556 Malicious code in yoshi-base (npm)

The package 'yoshi-base' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

From Storage to Steering: Memory Control Flow Attacks on LLM Agents

Modern agentic systems allow Large Language Model LLM agents to tackle complex tasks through extensive tool usage, forming structured control flows of tool selection and execution. Existing security analyses often treat these control flows as ephemeral, one-off sessions, overlooking the persisten...

CVE-2015-20113 RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

CVE-2015-20113

CVE-2015-20113 affects RealtyScript 4.0.2 (Next Click Ventures). Connected sources confirm multiple vulnerabilities: cross-site request forgery (CSRF) and persistent cross-site scripting (XSS). The explorable impact described is that an attacker can craft a malicious page to trigger unauthorized ...