6 matches found
OT Cybersecurity Challenges for ICS in 2026
OT Cybersecurity Challenges for ICS in 2026 OT cybersecurity has become a board-level risk because industrial control systems are no longer isolated, predictable, or invisible to attackers. In 2026, security teams protecting manufacturing plants, utilities, transportation systems, energy...
BIT-AIRFLOW-2025-54550 Apache Airflow: RCE by race condition in example_xcom dag
The example examplexcom that was included in airflow documentation implemented unsafe pattern of reading value from xcom in the way that could be exploited to allow UI user who had access to modify XComs to perform arbitrary execution of code on the worker. Since the UI users are already highly...
GHSA-8XQ3-W9FX-74RV webfinger.js Blind SSRF Vulnerability
Description The lookup function takes a user address for checking accounts as a feature, however, as per the ActivityPub spec https://www.w3.org/TR/activitypub/security-considerations, on the security considerations section at B.3, access to Localhost services should be prevented while running in...
Five Uncomfortable Truths About LLMs in Production
Many tech professionals see integrating large language models LLMs as a simple process -just connect an API and let it run. At Wallarm, our experience has proved otherwise. Through rigorous testing and iteration, our engineering team uncovered several critical insights about deploying LLMs secure...
CVE-2022-42467
When running in prototype mode, the h2 webconsole module accessible from the Prototype menu is automatically made available with the ability to directly query the database. It was felt that it is safer to require the developer to explicitly enable this capability. As of 2.0.0-M8, this can now be...
Logical flaws exist in the dual-control platform for production safety of Beijing Baixinan Technology Co.
Beijing Baixinan Technology Co., Ltd. is a high-tech enterprise dedicated to the construction of informationization, intelligentization and emergency management platform. A logic flaw exists in the dual-control platform of Beijing Baixin Security Technology Co., Ltd. that can be exploited by an...