CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

CVE-2026-56117

CVE-2026-56117: dhcpcd up to version 10.3.2 contains a local heap use-after-free in the control socket handling (src/control.c). The root cause is that control_recvdata() can free the client object while a subsequent READ+HANGUP event reaches control_hangup() with a stale pointer, enabling memory...

EUVD-2026-38498

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

LazyAdmin-Writeup

LazyAdmin-Writeup Beginner-friendly TryHackMe LazyAdmin writeu...

AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization

Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...

CVE-2022-31206

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

CVE-2022-27882

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation...

EUVD-2006-5778

Malware in sbrugna...

EUVD-2015-6414

Malware in sbrugna...

EUVD-2004-2061

Malware in sbrugna...

EUVD-2016-1208

Malware in sbrugna...

EUVD-2015-6978

Malware in sbrugna...

EUVD-2015-8848

Malware in sbrugna...

EUVD-2023-59116

Malicious code in bioql PyPI...

EUVD-2022-32370

Malicious code in bioql PyPI...

EUVD-2022-32369

Malicious code in bioql PyPI...

EUVD-2024-24387

Malicious code in bioql PyPI...

Better Privilege Separation for Agents by Restricting Data Types

Large language models LLMs have become increasingly popular due to their ability to interact with unstructured content. As such, LLMs are now a key driver behind the automation of language processing systems, such as AI agents. Unfortunately, these advantages have come with a vulnerability to...

Volkswagen MIB3 Infotainment 安全漏洞

Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in Volkswagen MIB3 Infotainment that stems from a lack of privilege separation in a proprietary inter-process communication mechanism, which could allow an attacker to bypa...

PT-2025-27317 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment unit affected versions not specified Description: The MIB3 infotainment unit used in Skoda and Volkswagen vehicles lacks privilege separation for its proprietary inter-process communication mechanism. This allows attackers...