
7640 matches found

GithubExploit
added 2026/03/18 3:11 p.m., 129 views

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

CVSS 7.8, AI score 6, EPSS 0.70721
Exploits: 6

GithubExploit
added 2026/03/18 12:29 p.m., 144 views

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

CVSS 7.8, AI score 7, EPSS 0.70721
Exploits: 6

Packet Storm News
added 2026/03/17 12:0 a.m., 4 views

DeepStage: Learning Autonomous Defense Policies against Multi-Stage APT Campaigns

This paper presents DeepStage, a deep reinforcement learning (DRL) framework for adaptive, stage-aware defense against Advanced Persistent Threats (APTs). The enterprise environment is modeled as a partially observable Markov decision process (POMDP), where host provenance and network telemetry are fus...

AI score 5.8
Exploits: 0

Github Security Blog
added 2026/03/16 6:47 p.m., 6 views

SiYuan importStdMd: unvalidated localPath imports arbitrary host directories as persistent notes

Summary POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their content as SiYuan note documents in the workspace database, making them...

CVSS 6.8, AI score 5.8, EPSS 0.00431
Exploits: 1, References: 5, Affected Software: 1

NVD
added 2026/03/16 2:17 p.m., 4 views

CVE-2013-20006

Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...

CVSS 8.7, EPSS 0.00356
Exploits: 1, References: 3

Packet Storm News
added 2026/03/16 12:0 a.m., 15 views

From Storage to Steering: Memory Control Flow Attacks on LLM Agents

Modern agentic systems allow Large Language Model (LLM) agents to tackle complex tasks through extensive tool usage, forming structured control flows of tool selection and execution. Existing security analyses often treat these control flows as ephemeral, one-off sessions, overlooking the persisten...

AI score 5.9
Exploits: 0

Positive Technologies
added 2026/03/16 12:0 a.m., 4 views

PT-2026-25643

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

CVSS 7.1, AI score 5.8, EPSS 0.00268
Exploits: 1, References: 6

OSV
added 2026/03/16 12:0 a.m., 3 views

MAL-2026-1556 Malicious code in yoshi-base (npm)

The package 'yoshi-base' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency (RDD) technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

AI score 5.6
Exploits: 0, References: 3

OSSF Malicious Packages
added 2026/03/16 12:0 a.m., 5 views

Malicious code in dazaar-cli (npm)

The package 'dazaar-cli' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency (RDD) technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

AI score 5.5
Exploits: 0, References: 3

Vulnrichment
added 2026/03/15 6:34 p.m., 1 view

CVE-2015-20113 RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

CVSS 6.9, AI score 5.7, EPSS 0.00182
Exploits: 1, References: 3

CVE
added 2026/03/15 6:34 p.m., 7 views

CVE-2015-20113

CVE-2015-20113 affects RealtyScript 4.0.2 (Next Click Ventures). Connected sources confirm multiple vulnerabilities: cross-site request forgery (CSRF) and persistent cross-site scripting (XSS). The explorable impact described is that an attacker can craft a malicious page to trigger unauthorized ...

CVSS 6.9, AI score 5.7, EPSS 0.00182
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2026/03/15 6:34 p.m., 21 views

CVE-2015-20113 RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

CVSS 6.9, EPSS 0.00182
Exploits: 1, References: 3

CVE
added 2026/03/15 6:34 p.m., 8 views

CVE-2013-20006

Qool CMS (notably version 2.0 RC2 per ZSL report) contains multiple persistent cross-site scripting vulnerabilities in administrative scripts. POST parameters such as title, name, email, username, link, and task are not properly sanitized before storage and return, allowing injected JavaScript to...

CVSS 8.7, AI score 5.9, EPSS 0.00356
Exploits: 1, References: 3

Positive Technologies
added 2026/03/15 12:0 a.m., 5 views

PT-2026-25716

Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when...

CVSS 6.9, AI score 5.7, EPSS 0.00182
Exploits: 1, References: 5

Packet Storm News
added 2026/03/12 12:0 a.m., 2 views

Microsoft Windows Service Installation Persistence

This is a Microsoft Windows persistent service installer for creating backdoor services that automatically start payloads upon system boot. This tool is designed for authorized penetration testing and security research purposes. This variant from the author is written in PHP...

AI score 5.8
Exploits: 0

EUVD
added 2026/03/10 9:32 p.m., 5 views

EUVD-2025-208518

A Stored Cross-Site Scripting (XSS) vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using...

CVSS 5.4, AI score 5.9, EPSS 0.00742
Exploits: 2, References: 3

Wolfi
added 2026/03/10 1:48 p.m., 6 views

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: zarf, gitlab-kas, kube-rbac-proxy, runc, k8ssandra-operator, cass-operator, sftpgo-plugin-kms, kubernetes-csi-external-resizer, promxy, otel-cli, terragrunt, kserve, azure-service-operator, crossplane-provider-aws-iam, snyk-cli, restic, kafka-proxy, authservice,...

AI score 5.8
Exploits: 0

Wolfi
added 2026/03/10 1:48 p.m., 6 views

CVE-2026-27142 vulnerabilities

Vulnerabilities for packages: zarf, gitlab-kas, kube-rbac-proxy, runc, k8ssandra-operator, cass-operator, sftpgo-plugin-kms, kubernetes-csi-external-resizer, promxy, otel-cli, terragrunt, kserve, azure-service-operator, crossplane-provider-aws-iam, snyk-cli, restic, kafka-proxy, authservice,...

CVSS 6.1, AI score 7.3, EPSS 0.00328
Exploits: 0

Chainguard
added 2026/03/10 1:17 p.m., 7 views

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: azuredisk-csi, mariadb-operator-fips, kuma, prometheus-postgres-exporter, cloudprober, flux-kustomize-controller-fips, prometheus-blackbox-exporter-fips, kubernetes-csi-external-snapshotter, pulumi-language-yaml, crossplane-provider-aws-efs, kubescape-operator-fips,...

AI score 5.8
Exploits: 0

OSV
added 2026/03/10 12:0 p.m., 3 views

MAL-2026-1322 Malicious code in rtxnode-sass22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a78ba8212bc3ab76a0cd01b40b2a3c0b18f319ccb29c6ccea455e9a89449a8 The package rtxnode-sass22 was found to contain malicious code. Source: ghsa-malware f55edfe6ea35e734acb3592f0b13348ef997c46497c2975855d609ee45912671...

AI score 5.7
Exploits: 0, References: 1