CVE-2025-40281

In the Linux kernel, CVE-2025-40281 affects SCTP in net/sctp/transport.c, where a shift-out-of-bounds could occur in sctp_transport_update_rto if rto_alpha_max/rto_beta_max were very large. The fix adds a run-time test to prevent regressions and includes READ_ONCE() annotations since sysctl value...

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of-bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

BIT-ENVOY-2025-64763 Envoy forwards early CONNECT data in TCP proxy mode

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, when Envoy is configured in TCP proxy mode to handle CONNECT requests, it accepts client data before issuing a 2xx response and forwards that data to the upstream TCP connection. If a forwardi...

Securing the Model Context Protocol: Defending LLMs against Tool Poisoning and Adversarial Attacks

The Model Context Protocol MCP enables Large Language Models to integrate external tools through structured descriptors, increasing autonomy in decision-making, task execution, and multi-agent workflows. However, this autonomy creates a largely overlooked security gap. Existing defenses focus on...

PT-2025-49382

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the sctp transport update rto function that may lead to a shift-out-of-bounds condition. This issue was identified by syzbot, which reported a potenti...

Envoy forwards early CONNECT data in TCP proxy mode

Summary Forwarding of early CONNECT data in TCP proxy mode. Details Per RFC 7231-4.3.6 the sender of CONNECT and all inbound proxies switch to tunnel mode only after receiving 2xx response. However in TCP proxy mode, Envoy accepts client data before it has issued a 2xx response and eagerly proxie...

GHSA-RJ35-4M94-77JH Envoy forwards early CONNECT data in TCP proxy mode

Summary Forwarding of early CONNECT data in TCP proxy mode. Details Per RFC 7231-4.3.6 the sender of CONNECT and all inbound proxies switch to tunnel mode only after receiving 2xx response. However in TCP proxy mode, Envoy accepts client data before it has issued a 2xx response and eagerly proxie...

CVE-2025-62686

A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...

CVE-2025-66479

Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the...

CVE-2025-66479 Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the...

CVE-2025-66479

Anthropic Sandbox Runtime (sandbox-runtime) had a flaw where the network sandbox was not properly enforced if no allowed domains were configured, potentially allowing outbound network access from sandboxed processes prior to v0.0.16. A patch is available in v0.0.16; upgrade to 0.0.16 or later for...

CVE-2025-66479 Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the...

CVE-2025-66479 Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the...

Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the sandbox policy did not configure any allowed domains. This could allow sandboxed code to make network requests outside of the sandbox. A patch for this was released in v0.0.16. Thank you to...

EUVD-2025-201249

Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing...

GHSA-9GQJ-5W7C-VX47 Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the sandbox policy did not configure any allowed domains. This could allow sandboxed code to make network requests outside of the sandbox. A patch for this was released in v0.0.16. Thank you to...

BIT-GOLANG-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

Anthropic Sandbox Runtime 安全漏洞

Anthropic Sandbox Runtime is a lightweight sandboxing tool from Anthropic-experimental open source. A security vulnerability exists in Anthropic Sandbox Runtime versions prior to 0.0.16, which stems from an error in the sandbox logic that could cause network requests to bypass the sandbox...

📄 Microsoft Windows 11 Administrator Protection Bypass / Privilege Escalation

Microsoft Windows 11 suffers from an administrator protection bypass local privilege escalation vulnerability. Proof of concept Metasploit module included. =============================================================================================================================================...

PT-2025-49149

Name of the Vulnerable Software and Affected Versions Anthropic Sandbox Runtime versions prior to 0.0.16 Description Anthropic Sandbox Runtime is a sandboxing tool designed to enforce filesystem and network restrictions on processes. Prior to version 0.0.16, a flaw in the sandboxing logic allowed...