Unity Linux 20.1060e / 20.1070e Security Update: nodejs-hosted-git-info (UTSA-2026-016626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016626 advisory. The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the fromUrl function in...

Encrypted Neural Networks without Overflows

Fully homomorphic encryption FHE enables private inference by evaluating neural networks on encrypted data. In this way, we can delegate the computation to a third party server without ever revealing the user's data. Currently, the CKKS scheme is the backbone of most efficient FHE implementations...

ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation.

When performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments...

GHSA-PFVH-M9XV-8966 ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation.

When performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments...

PT-2026-41780

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An out-of-bounds over-read of 24 bytes can occur when performing a polynomial distortion if specific arguments are specified...

Astra Linux - уязвимость в libcrypto++

In gf2n.cpp within Crypto++ also known as cryptopp, available from version 8.9.0, attackers can cause a denial of service application crash by exploiting DER public-key data for an F2^m curve. This occurs when the degree of each term in the polynomial is not strictly decreasing...

Decryption Thorough Polynomial Ambiguity: Noise-Enhanced High-Memory Convolutional Codes for Post-Quantum Cryptography

We present a novel approach to post-quantum cryptography that employs directed-graph decryption of noise-enhanced high-memory convolutional codes. The proposed construction generates random-like generator matrices that effectively conceal algebraic structure and resist known structural attacks...

Quantum Ramp Secret Sharing from Haar Scrambling

Quantum information scrambling has emerged as a powerful tool for studying the dynamics of chaotic quantum many-body systems, assessing benchmarking protocols, and even investigating exotic black hole models. During quantum information scrambling, localized quantum information disperses across th...

EUVD-2021-1748

Malware in sbrugna...

EUVD-2021-0928

Malware in sbrugna...

EUVD-2023-26630

Malicious code in bioql PyPI...

EUVD-2023-28818

Malicious code in bioql PyPI...

EUVD-2023-30291

Malicious code in bioql PyPI...

EUVD-2024-32440

Malicious code in bioql PyPI...

A Novel Post-Quantum Secure Digital Signature Scheme Based on Neural Network

Digital signatures are fundamental cryptographic primitives that ensure the authenticity and integrity of digital documents. In the post-quantum era, classical public key-based signature schemes become vulnerable to brute-force and key-recovery attacks due to the computational power of quantum...

Efficient Private Inference Based on Helper-Assisted Malicious Security Dishonest Majority MPC

Private inference based on Secure Multi-Party Computation MPC addresses data privacy risks in Machine Learning as a Service MLaaS. However, existing MPC-based private inference frameworks focuses on semi-honest or honest majority models, whose threat models are overly idealistic, while malicious...

CVE-2025-53539 ReDoS in fastapi-guard's penetration attempts detector

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely...

CVE-2025-48059

PowSyBl Core contains a polynomial Regular Expression Denial of Service (ReDoS) in the RegexCriterion class used by powsybl-iidm-criteria (versions 6.3.0–6.7.1 and powsybl-contingency-api 5.0.0–6.3.0). The vulnerability arises from unvalidated user-supplied regex patterns compiled and evaluated a...

CVE-2025-48059 PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion

PowSyBl Power System Blocks is a framework to build power system oriented software. In com.powsybl:powsybl-iidm-criteria versions 6.3.0 to before 6.7.2 and com.powsybl:powsybl-contingency-api versions 5.0.0 to before 6.3.0, there is a a potential polynomial Regular Expression Denial of Service...

CVE-2025-48058 PowSyBl Core contains Polynomial REDoS’es

PowSyBl Power System Blocks is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service ReDoS vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause...