364 matches found
[SECURITY] Fedora 42 Update: rrdtool-1.9.0-8.fc42
RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data i.e. network bandwidth, machine-room temperature, server load average. It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data t...
Astra Linux – Vulnerability in Ruby 2.5
The REXML gem before version 3.2.5 in Ruby, before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly handle XML round-trip issues. An incorrect document may be generated after parsing and serializing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: schets: do not remove idle classes from the round-robin list Shuang reported that the following scripts cause issues when executed: 1 tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: do not peek at classes beyond ‘nbands’ When the number of DRR classes decreases, the round-robin active list may contain elements that have already been freed in etsqdiscchange. As a result, it’s possible to...
MAL-2026-4134 Malicious code in fixed-round (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)
fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754972...
@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)
fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754804...
telnet-pocs-2026
All Telnet PoCs — Consolidated All proof-of-concept exploits...
When LLMs Team Up: A Coordinated Attack Framework for Automated Cyber Intrusions
Automated intrusion-style workflows require LLM agents to reason over partial observations, tool outputs, and executable artifacts under bounded budgets. A single LLM instance often compresses evidence extraction, planning, execution, and validation into one context, which increases the risk of...
Iterative Audit Convergence in LLM-Managed Multi-Agent Systems: A Case Study in Prompt Engineering Quality Assurance
Prompt specifications for multi-agent large language model LLM systems carry data contracts and integration logic across many interdependent files but are rarely subjected to structured-inspection rigor. This paper reports a single-system empirical case study of iterative, agent-driven auditing...
UBUNTU-CVE-2026-43307
In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the adxl380 interrupt handler’s failure to round down when reading FIFO entries. This could lead to...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014347)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014347 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013398)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013398 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013087)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013087 advisory. In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011088 advisory. In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and...
A Synthetic Conversational Smishing Dataset for Social Engineering Detection
Smishing SMS phishing has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...
Fedora 43 : bind9-next (2026-a6efefa854)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a6efefa854 advisory. Update to 9.21.20 rhbz2440560 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 - Fi...
EUVD-2026-18716
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback ctnetlinkexpctdumptable, but drops the conntrack reference immediately after...
CVE-2026-23458
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback ctnetlinkexpctdumptable, but drops the conntrack reference immediately after...