22 matches found
CVE-2026-47174 Duck Site: Untrusted pull request code can trigger privileged production deployment
In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with package-write permissions and deployment secrets. If an attacker can make a pull request build satisf...
CVE-2026-47174
Technical details such as affected components, versions, exploit paths, and fixes are not provided in the supplied documents; monitor for updates.
CVE-2026-47172
Quest Bot (open-source Discord bot) contains a privilege escalation in the deploy workflow prior to v1.0.3. The repository’s privileged deploy workflow runs after the unprivileged build, and when a PR from a main branch is opened, the deploy workflow can check out the PR head_sha, build it into a...
PT-2026-48711
Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...
Why Agentic AI Is Security's Next Blind Spot
Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow...
6 Ways Agentic AI Changes How Systems Act and Adapt
Learn how agentic AI changes system behavior in production environments through supervised fine-tuning, structured oversight, and lifecycle governance to improve reliability, manage risk, and support accountable deployment...
Clawdrain: Exploiting Tool-Calling Chains for Stealthy Token Exhaustion in OpenClaw Agents
Modern generative agents such as OpenClaw, an open-source, self-hosted personal assistant with a community skill ecosystem, are gaining attention and are used pervasively. However, the openness and rapid growth of these ecosystems often outpace systematic security evaluation. In this paper, we...
AZL-78359 CVE-2026-27969 affecting package vitess 19.0.4-7
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the manifest — which may be files that they have also...
PT-2026-22109
Name of the Vulnerable Software and Affected Versions: Vitess versions prior to 23.0.3 and versions prior to 22.0.4 Description: Vitess, a database clustering system for horizontal scaling of MySQL, contains a path traversal issue in the builtinbackupengine component during the backup restoration...
MemoPhishAgent: Memory-Augmented Multi-Modal LLM Agent for Phishing URL Detection
Traditional phishing website detection relies on static heuristics or reference lists, which lag behind rapidly evolving attacks. While recent systems incorporate large language models (LLMs), they are still prompt-based, deterministic pipelines that underutilize reasoning capability. We present...
Number withdrawn
update is a library from Aaron's personal developer. serve is a PyTorch open source application for provisioning, optimizing, and scaling PyTorch models in production. This CVE number has been withdrawn...
@nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...
Striking Back at Cobalt: Using Network Traffic Metadata to Detect Cobalt Strike Masquerading Command and Control Channels
Off-the-shelf software for Command and Control is often used by attackers and legitimate pentesters looking for discretion. Among other functionalities, these tools facilitate the customization of their network traffic so it can mimic popular websites, thereby increasing their secrecy. Cobalt...
JFrog security vulnerability
JFrog is an application from JFrog, Inc. that provides an end-to-end pipeline to control the flow of binaries from build to production. A security vulnerability exists in JFrog. An attacker exploiting this vulnerability could remotely execute code...
GHSA-W5MJ-J45Q-M638 ZendFramework1 Potential Security Issues in Bundled Dojo Library
In mid-March, 2010, the Dojo Foundation issued a Security Advisory indicating potential security issues with specific files in Dojo Toolkit. Details of the advisory may be found on the Dojo website: http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/ In particular, several file...
PT-2024-40380 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 3.1.14 Description: The issue arises during installation, where certain parameters (admin username and admin password) are not properly escaped in the setup form. Recommendations: For versions prior to 3.1.14, update...
GHSA-2FFV-R4R9-R8XR Laravel RCE vulnerability in "cookie" session driver
Applications using the "cookie" session driver were the primary applications affected by this vulnerability. Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the "cookie"...
This Week in Spring - October 25th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! When last we spoke, I was in Las Vegas, NV, for the JavaOne show. It was amazing! I'm in sunny Singapore, then off to Malaysia and Thailand. It's the first time I've been to any of these places since 2019! How good it is to be...
Drupal Remote code execution
A 3rd party development library included with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normally installed. You might be vulnerabl...
PT-2018-10962 · Sensiolabs · Symfony
Name of the Vulnerable Software and Affected Versions: SensioLabs Symfony version 3.3.6 Description: A reflected Cross-site scripting (XSS) issue exists in the web profiler, allowing remote attackers to inject arbitrary web script or HTML via the file parameter in a profiler/open?file= URI. The...