PT-2025-26100

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, which could cause a kernel hang when using the hinic device as a bond slave device and reading device stats of the master bond...

The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.

The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the btrfs filesystem not unlocking a page when cowfilerange fails, which could lead to a task hang...

PT-2025-26015 · Btrfs +1 · Btrfs +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc1+ Description: A vulnerability in the Linux kernel has been resolved, related to the btrfs file system. The issue causes a hang when the cow file range function fails during allocation, leaving pages...

SHADE-Arena: Evaluating Sabotage and Monitoring in LLM Agents

As Large Language Models LLMs are increasingly deployed as autonomous agents in complex and long horizon settings, it is critical to evaluate their ability to sabotage users by pursuing hidden objectives. We study the ability of frontier LLMs to evade monitoring and achieve harmful hidden goals...

IP Leakage Attacks Targeting LLM-Based Multi-Agent Systems

The rapid advancement of Large Language Models LLMs has led to the emergence of Multi-Agent Systems MAS to perform complex tasks through collaboration. However, the intricate nature of MAS, including their architecture and agent interactions, raises significant concerns regarding intellectual...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: schedext: Corrected incorrect autogroup migration detection. The function scxmovetask is called from schedmovetask, and it informs the BPF scheduler that cgroup migration is being performed. schedmovetask is used for both cgroup...

Training RL Agents for Multi-Objective Network Defense Tasks

Open-ended learning OEL -- which emphasizes training agents that achieve broad capability over narrow competency -- is emerging as a paradigm to develop artificial intelligence AI agents to achieve robustness and generalization. However, despite promising results that demonstrate the benefits of...

Exploit for Link Following in Microsoft

Diffing cleanmgr.exe The new version of cleanmgr.exe inclu...

Multi-Modal Multi-Task Federated Foundation Models for Next-Generation Extended Reality Systems: Towards Privacy-Preserving Distributed Intelligence in AR/VR/MR

Extended reality XR systems, which consist of virtual reality VR, augmented reality AR, and mixed reality XR, offer a transformative interface for immersive, multi-modal, and embodied human-computer interaction. In this paper, we envision that multi-modal multi-task M3T federated foundation model...

CVE-2025-33067 Windows Task Scheduler Elevation of Privilege Vulnerability

...

CVE-2025-33067

CVE-2025-33067 — Windows Kernel local privilege escalation due to improper privilege management. Affects the Windows Kernel; attacker can gain elevated rights locally with no user interaction. CVSSv3.1 base score 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm the impact as l...

CVE-2025-33067 Windows Task Scheduler Elevation of Privilege Vulnerability

...

Windows Task Scheduler Elevation of Privilege Vulnerability

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally...

KLA84760 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...

Attacking Attention of Foundation Models Disrupts Downstream Tasks

Foundation models represent the most prominent and recent paradigm shift in artificial intelligence. Foundation models are large models, trained on broad data that deliver high accuracy in many downstream tasks, often without fine-tuning. For this reason, models such as CLIP , DINO or Vision...

SECNEURON: Reliable and Flexible Abuse Control in Local LLMs Via Hybrid Neuron Encryption

Large language models LLMs with diverse capabilities are increasingly being deployed in local environments, presenting significant security and controllability challenges. These locally deployed LLMs operate outside the direct control of developers, rendering them more susceptible to abuse...

COALESCE: Economic and Security Dynamics of Skill-Based Task Outsourcing among Team of Autonomous LLM Agents

The meteoric rise and proliferation of autonomous Large Language Model LLM agents promise significant capabilities across various domains. However, their deployment is increasingly constrained by substantial computational demands, specifically for Graphics Processing Unit GPU resources. This pape...

ASB-A-383080440

In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Computer Vision Annotation Tool 安全漏洞

Computer Vision Annotation Tool CVAT is a cvat.ai open source interactive video and image annotation tool for computer vision. A security vulnerability exists in Computer Vision Annotation Tool versions prior to 2.4.0 through 2.38.0, which stems from the possibility that an authenticated user may...