FlowGuard: Flow Matching for Identity-Independent Detection of Data-Free Model Stealing Attacks on Energy System Intrusion Detection Systems

Artificial Intelligence AI-based Intrusion Detection Systems IDS deployed in energy infrastructure are vulnerable to model theft attacks, which allow adversaries to create evasive traffic offline. Current defences against model extraction rely either on identity-bound query monitoring, which is...

Domain-Conditioned Safety in Frontier Computer-Using Agents: A 793-Episode Browser Benchmark, a Coding-Domain Cross-Reference, and a Reproducibility Audit of Recent Red-Teaming

Recent computer-using-agent CUA red-teaming papers report prompt-injection attack success rates ASR of 42-98%, but these headline numbers cluster on retired models and on the most-vulnerable model in each paper's panel. We ask whether those techniques, reproduced as hand-crafted templates, still...

Student-Management-System 授权问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in the student-management-system’s authorization mechanism; this vulnerability stems from improper authentication of unknown functions, which may lead to remote attac...

WordPress plugin Wallet System for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2026-46606

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the FileSystem component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy, which is a securi...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from improper implementations in the FileSystem, which could allow remote attackers with compromised rendering...

Important Photon OS Security Update - PHSA-2026-4.0-1026

Updates of 'rsync' packages of Photon OS have been released...

SourceCodester Pizzafy Ecommerce System 安全漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability, which stems from the handling of the 'page' parameter in the file/admin/index.php, potentially...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42304)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42304 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior t...

FORGE: Multi-Agent Graduated Exploitation and Detection Engineering

Vulnerability disclosure volumes now far exceed organizational assessment capacity, yet three adjacent research communities proof-of-concept generation, vulnerability prioritization, and detection rule engineering operate largely in isolation. Existing automated exploit generation systems report...

CVE-2026-10302

The CVE-2026-10302 entry concerns itsourcecode Fees Management System 1.0. The vulnerability lies in an unknown function within the file /manage_fee.php, where manipulating the ID parameter can lead to SQL injection. This allows remote exploitation, and the exploit has been published. The CVSS me...

CVE-2026-10302

A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /managefee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-10302 itsourcecode Fees Management System manage_fee.php sql injection

A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /managefee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-10302 itsourcecode Fees Management System manage_fee.php sql injection

A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /managefee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

CVE-2026-10297

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /managecourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

CVE-2026-10301 itsourcecode Fees Management System index.php cross site scripting

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

CVE-2026-10301 itsourcecode Fees Management System index.php cross site scripting

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

CVE-2026-10301

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...