CVE-2026-46071

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

EUVD-2026-32453

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

Quality and Security Signals in AI-Generated Python Refactoring Pull Requests

As AI agents increasingly contribute to code development and maintenance, there is still limited empirical evidence on the quality and risk characteristics of their changes in real-world projects, particularly for refactoring-oriented contributions. It remains unclear how agent-authored refactori...

GHSA-Q49F-XG75-M9XW Wasmtime has host panic when Winch compiler executes `table.fill`

Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture, and cause the host to panic. This represents a denial-of-service vulnerability i...

EUVD-2026-21025

Wasmtime has host panic when Winch compiler executes table.fill...

Wasmtime has host panic when Winch compiler executes `table.fill`

Impact Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture, and cause the host to panic. This represents a denial-of-service vulnerability i...

Moving beyond Strings in Spring Data

If you've worked with data access in Java and especially with Spring Data for a while, then you are familiar with various Query and Update programming models. You write data access code. You refactor a property name. You run your tests. They fail. Your query strings? Still pointing to the old...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003945)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003945 advisory. In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to sndtimerope...

LLM-Based Vulnerable Code Augmentation: Generate or Refactor?

Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...

CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

CLSA-2025-1763122640 edk2: Fix of 3 CVEs

CVE-2022-36763: fix heap buffer overflow in TPM2 measure boot library when processing GPT partition tables - CVE-2022-36764: fix heap buffer overflow in TPM measure boot library when calculating PE image event size - CVE-2022-36765: fix integer overflow in CreateHob function that could lead to...

When AI Accelerates Cloud Migrations, Don't Let Security Be an Afterthought

The era of on-premises infrastructure is quickly becoming a thing of the past, with research from Pluralsight showing that over 90% of organizations now leverage the cloud. What’s driving the even faster shift over the last few years? Consider AWS's foray into generative AI programs and agents fo...

EUVD-2013-0292

Malware in sbrugna...

EUVD-2019-9405

Malware in sbrugna...

EUVD-2025-18286

Malicious code in bioql PyPI...

EUVD-2025-16128

Malicious code in bioql PyPI...

MAL-2025-32015 Malicious code in refactoring_toolkit (npm)

The package refactoringtoolkit was found to contain malicious code...

Malicious code in refactoring_toolkit (npm)

The package refactoringtoolkit was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2019-19807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to...

CVE-2025-38447

In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix potential out-of-bounds page table access during batched unmap As pointed out by David1, the batched unmap logic in trytounmapone may read past the end of a PTE table when a large folio's PTE mappings are not fully...