Lucene search
+L

3492 matches found

CVE
CVE
added 6 days ago16 views

CVE-2026-15502

Affected software: AojiaoZero Antaris 1.0.** Component/affected function:** PayPal IPN Payment Handler, file /ipn.php, function _rewardPurchase.** Vulnerability:** SQL injection triggered by manipulating the argument item_number.** Attack surface/impact:** remote exploitation possible; CVSS vecto...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-43238

A vulnerability was detected in AojiaoZero Antaris 1.0. This affects the function rewardPurchase of the file /ipn.php of the component PayPal IPN Payment Handler. The manipulation of the argument itemnumber results in sql injection. The attack may be performed from remote. The vendor was contacte...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 6 days ago3 views

CVE-2026-15502

A vulnerability was detected in AojiaoZero Antaris 1.0. This affects the function rewardPurchase of the file /ipn.php of the component PayPal IPN Payment Handler. The manipulation of the argument itemnumber results in sql injection. The attack may be performed from remote. The vendor was contacte...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.26 views

FuzzPilot: Plateau-Triggered Recipe Validation for Structured Text Fuzzing

FuzzPilot is a controller for AFL++ that moves expensive reasoning out of the mutation hot path. When coverage plateaus, it snapshots the corpus, prepares candidate mutation recipes, evaluates them in short isolated AFL++ micro-campaigns, and promotes only recipes with positive validation reward...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.12 views

PT-2026-41417

Claude Mythos Preview case studies also, read your transcripts! https://t.co/drNlAH5mLE "Mythos demonstrates its bug reproduction and exploitation capabilities on CVE-2024-051912, an in-the-wild exploited bug that has no public report nor a working PoC whatsoever in the public domain. This bug ha...

5.8AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.31 views

Do Androids Dream of Breaking the Game? Systematically Auditing AI Agent Benchmarks with BenchJack

Agent benchmarks have become the de facto measure of frontier AI competence, guiding model selection, investment, and deployment. However, reward hacking, where agents maximize a score without performing the intended task, emerges spontaneously in frontier models without overfitting. We argue tha...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.20 views

ARES: Adaptive Red-Teaming and End-To-End Repair of Policy-Reward System

Reinforcement Learning from Human Feedback RLHF is central to aligning Large Language Models LLMs, yet it introduces a critical vulnerability: an imperfect Reward Model RM can become a single point of failure when it fails to penalize unsafe behaviors. While existing red-teaming approaches...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/17 12:0 a.m.11 views

Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning-Based Ransomware Detection

Ransomware detection systems increasingly rely on behavior-based machine learning to address evolving attack strategies. However, emerging privacy compliance, data governance, and responsible AI deployment demand not only accurate detection but also the ability to efficiently remove the influence...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/14 10:18 a.m.107 views

starknet-staking_audit1

Markdown https://dev.to/rdin777/starknet-btc-staking-how-to-ext...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.7 views

CVE-2026-40093

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 7:55 p.m.6 views

EUVD-2026-21146

nimiq-blockchain is missing a wall-clock upper bound on block timestamps...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/10 7:55 p.m.10 views

nimiq-blockchain is missing a wall-clock upper bound on block timestamps

Impact Block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/10 7:55 p.m.4 views

GHSA-49XC-52MP-CC9J nimiq-blockchain is missing a wall-clock upper bound on block timestamps

Impact Block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps...

9.1CVSS5.8AI score0.00314EPSS
Exploits0References3
NVD
NVD
added 2026/04/09 9:16 p.m.8 views

CVE-2026-40093

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS0.00314EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 8:29 p.m.4 views

CVE-2026-40093

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.9AI score0.00314EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 8:29 p.m.3 views

CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 8:29 p.m.2 views

CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.9AI score0.00314EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/04/09 4:42 p.m.119 views

Exploit for CVE-2025-15260

CVE-2025-15260: Missing Authorization / Broken Access Control...

6.5CVSS5.9AI score0.00274EPSS
Exploits2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

core-rs-albatross 安全漏洞

core-rs-albatross is a Rust implementation of the Albatross protocol developed by Nimiq. Versions of core-rs-albatross 1.3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a lack of upper limit checks on block timestamps, allowing malicious validators to set...

8.1CVSS5.9AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.8 views

PT-2026-31733

Name of the Vulnerable Software and Affected Versions nimiq-blockchain versions 1.3.0 and earlier Description nimiq-blockchain, used for persistent block storage in Nimiq's Rust implementation, has an issue where block timestamp validation lacks an upper bound check against the wall clock in...

9.1CVSS5.8AI score0.00314EPSS
Exploits0References7
Rows per page
Query Builder