37 matches found
ClawGuard: Out-Of-Band Detection of LLM Agent Workflow Hijacking Via EM Side Channel
Autonomous LLM agents face a critical security risk known as workflow hijacking, where attackers subtly alter tool and skill invocations. Existing defenses rely on host-internal telemetry such as audit logs, which can be forged if the host OS is compromised. To solve this, we introduce ClawGuard,...
CVE-2025-1727
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
DeepGuard: Defending Deep Joint Source-Channel Coding against Eavesdropping at Physical-Layer
Deep joint source-channel coding DeepJSCC has emerged as a promising paradigm for efficient and robust information transmission. However, its intrinsic characteristics also pose new security challenges, notably an increased vulnerability to eavesdropping attacks. Existing studies on defending...
EUVD-2017-9053
Malware in sbrugna...
EUVD-2025-21087
Malicious code in bioql PyPI...
EUVD-2024-39166
Malicious code in bioql PyPI...
CVE-2025-1727 End-of-Train and Head-of-Train Remote Linking Protocol Weak Authentication
The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...
CVE-2024-47127
In the goTenna Pro App there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing goTenna mesh networks. This vulnerability can be exploited if the device is being used in an unencrypted environment or if the...
CVE-2025-32885
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2025-32883
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there makes it possible to inject any custom message into existing mesh networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2025-32885
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2025-32885
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2025-32885
Affected software/hardware: goTenna v1 devices with app 5.5.3 and firmware 0.25.5. Vulnerability: The app enables injection of custom messages into existing v1 networks via a software‑defined radio, using any GID and Callsign. Root cause/condition: exploitation in unencrypted environments or when...
CVE-2025-32885
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2025-32883
...
CVE-2025-32883
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there makes it possible to inject any custom message into existing mesh networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
PT-2025-18670 · Gotenna · Gotenna Mesh
Name of the Vulnerable Software and Affected Versions: goTenna Mesh versions 5.5.3 and firmware 1.1.12 Description: An issue was discovered that allows the injection of custom messages into existing mesh networks with any GID and Callsign via a software defined radio. This can be exploited if the...
CVE-2025-32883
The CVE-2025-32883 entry concerns goTenna Mesh versions 5.5.3 and firmware 1.1.12. A vulnerability allows injection of custom messages into existing mesh networks using a software defined radio, with attacker-supplied GID and Callsign. The issue is exploitable in unencrpyted environments or when ...
CVE-2025-32885
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...
CVE-2024-47127
In the goTenna Pro App there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing goTenna mesh networks. This vulnerability can be exploited if the device is being used in an unencrypted environment or if the...