PT-2026-44862

Name of the Vulnerable Software and Affected Versions Wikidforum version 2.20 Description A cross-site scripting issue allows authenticated attackers to inject malicious scripts by submitting crafted HTML. This is achieved by sending JavaScript code through the 'rpc.php' endpoint using the reply...

alika-vuln-shield

Vuln Shield Fast container vulnerability scanner that filters...

Joint Secrecy and Covert Communication (JSACC): An Enhanced Physical Layer Security Approach

In this paper, we propose an enhanced physical layer security approach, named joint secrecy and covert communication JSACC, which aims to improve the performance of physical layer security PLS. The JSACC system can dynamically switch between secrecy mode and covert mode according to the channel...

ZERO_SPLOIT_USB_v6

ZEROSPLOITUSB v6.0: The Singularity Edition The Si...

RPP: A Certified Poisoned-Sample Detection Framework for Backdoor Attacks under Dataset Imbalance

Deep neural networks are highly susceptible to backdoor attacks, yet most defense methods to date rely on balanced data, overlooking the pervasive class imbalance in real-world scenarios that can amplify backdoor threats. This paper presents the first in-depth investigation of how the dataset...

AmbShield: Enhancing Physical Layer Security with Ambient Backscatter Devices against Eavesdroppers

Passive eavesdropping compromises confidentiality in wireless networks, especially in resource-constrained environments where heavyweight cryptography is impractical. Physical layer security PLS exploits channel randomness and spatial selectivity to confine information to an intended receiver wit...

defacemeter

DefaceMeter DefaceMeter is a small, static, browser-based pro...

EUVD-2025-60978

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...

CVE-2025-31719

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...

CVE-2025-31719

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...

CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

Optimizing Preventive and Reactive Defense Resource Allocation with Uncertain Sensor Signals

Cyber attacks continue to be a cause of concern despite advances in cyber defense techniques. Although cyber attacks cannot be fully prevented, standard decision-making frameworks typically focus on how to prevent them from succeeding, without considering the cost of cleaning up the damages...

CovertAuth: Joint Covert Communication and Authentication in MmWave Systems

Beam alignment BA is a crucial process in millimeter-wave mmWave communications, enabling precise directional transmission and efficient link establishment. However, due to characteristics like omnidirectional exposure and the broadcast nature of the BA phase, it is particularly vulnerable to...

Beyond the Worst Case: Extending Differential Privacy Guarantees to Realistic Adversaries

Differential Privacy DP is a family of definitions that bound the worst-case privacy leakage of a mechanism. One important feature of the worst-case DP guarantee is it naturally implies protections against adversaries with less prior information, more sophisticated attack goals, and complex...

S-Leak: Leakage-Abuse Attack against Efficient Conjunctive SSE Via S-Term Leakage

Conjunctive Searchable Symmetric Encryption CSSE enables secure conjunctive searches over encrypted data. While leakage-abuse attacks LAAs against single-keyword SSE have been extensively studied, their extension to conjunctive queries faces a critical challenge: the combinatorial explosion of...

PrivacyXray: Detecting Privacy Breaches in LLMs through Semantic Consistency and Probability Certainty

Large Language Models LLMs are widely used in sensitive domains, including healthcare, finance, and legal services, raising concerns about potential private information leaks during inference. Privacy extraction attacks, such as jailbreaking, expose vulnerabilities in LLMs by crafting inputs that...

Shuffling Cards When You Are of Very Little Brain: Low Memory Generation of Permutations

How can we generate a permutation of the numbers $1$ through $n$ so that it is hard to guess the next element given the history so far? The twist is that the generator of the permutation the "Dealer" has limited memory, while the "Guesser" has unlimited memory. With unbounded memory actually $n$...

Adversarial Attack on Large Language Models Using Exponentiated Gradient Descent

As Large Language Models LLMs are widely used, understanding them systematically is key to improving their safety and realizing their full potential. Although many models are aligned using techniques such as reinforcement learning from human feedback RLHF, they are still vulnerable to jailbreakin...

EPSS Decoded: An Examination & Comparison to CVSS

Running short on time but still want to stay in the know? Well, we've got you covered! We've condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all! A Paradigm Shift in Vulnerability Management Vulnerability...