Beyond Pass/Fail: Using Process Mining to Understand How LLMs Resist (And Fail) Red Team Attacks

Standard AI red teaming evaluations reduce adversarial campaigns to a single binary outcome, attack success rate ASR, not taking into account the sequential structure of how models resist or yield to attacks. We propose applying process mining, a discipline for discovering and analyzing process...

PT-2026-46890

Summary This is a vertical authorization bypass in the Admin API affecting order state transition features /api/ action/order/orderId/state/transition and similar transaction/delivery transition routes. The root cause is that the transition action routes do not declare required server-side ACL...

PT-2026-44258

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvmet-tcp module between the handling of Initialization Connection Requests ICReq and queue teardown. The function nvmet tcp handle icreq updates the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the md/md-llbitmap to properly raise the barrier before state machine transitions,...

From CRUD to Autonomous Agents: Formal Validation and Zero-Trust Security for Semantic Gateways in AI-Native Enterprise Systems

Enterprise software engineering is shifting away from deterministic CRUD/REST architectures toward AI-native systems where large language models act as cognitive orchestrators. This transition introduces a critical security tension: probabilistic LLMs weaken classical mechanisms for validation,...

Duplicate Advisory: OpenClaw's voice-call Twilio webhook replay could bypass manager dedupe because normalized event IDs were randomized per parse

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vqx8-9xxw-f2m7. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized...

CVE-2026-32053

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state...

PT-2026-26735

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state...

CVE-2026-24003

EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state verification including authentication, and send requests that transition to forbidden states relative to the current one, thereby updating the current context with...

EVerest security vulnerabilities

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2025.12.1 contain security vulnerabilities. These vulnerabilities stem from a vulnerability that allows bypassing sequence state verification and authentication, potentiall...

It's a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications

Replay and rollback attacks threaten cloud application integrity by reintroducing authentic yet stale data through an untrusted storage interface to compromise application decision-making. Prior security frameworks mitigate these attacks by enforcing forward-only state transitions state continuit...

EUVD-2019-6194

Malware in sbrugna...

EUVD-2017-9438

Malware in sbrugna...

EUVD-2015-0176

Malware in sbrugna...

EUVD-2022-7106

Malicious code in bioql PyPI...

EUVD-2025-28933

Malicious code in bioql PyPI...

SUSE CVE-2025-39780

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fix invalid task state transitions on class switch When enabling a schedext scheduler, we may trigger invalid task state transitions, resulting in warnings like the following which can be easily reproduced by running t...

DEBIAN-CVE-2025-39780

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fix invalid task state transitions on class switch When enabling a schedext scheduler, we may trigger invalid task state transitions, resulting in warnings like the following which can be easily reproduced by running t...

UBUNTU-CVE-2025-39780

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fix invalid task state transitions on class switch When enabling a schedext scheduler, we may trigger invalid task state transitions, resulting in warnings like the following which can be easily reproduced by running t...

Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions

The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...