6 matches found
Turn specs into evals for any agent with ASSERT
Today, we’re releasing Adaptive Spec-driven Scoring for Evaluation and Regression Testing ASSERT, an open-source framework for turning natural-language behavior specifications into executable evaluations. Every team building an AI system starts with a clear intention for the behaviors they want t...
Smart_Contract_Researcher_POC
Smart Contract Security Research Portfolio hailthelord...
autopoc
AutoPoC Automated proof-of-concept deployments on OpenShift...
CVE-2026-5832 atototo api-lab-mcp HTTP http-server.ts test_http_endpoint server-side request forgery
A weakness has been identified in atototo api-lab-mcp up to 0.2.1. This affects the function analyzeapispec/generatetestscenarios/testhttpendpoint of the file src/mcp/http-server.ts of the component HTTP Interface. This manipulation of the argument source/url causes server-side request forgery. T...
The vulnerability of the Kiwi TCMS testing system lies in its ability to allow unlimited loading of dangerous types of files. This allows attackers to upload arbitrary attachments to testing plans and test scenarios.
The vulnerability of the Kiwi TCMS testing system lies in its ability to load files of a malicious nature without limitation. Exploiting this vulnerability allows an attacker to upload arbitrary attachments to testing plans and test scenarios remotely...
X (Formerly Twitter): SSRF in https://cards-dev.twitter.com/validator
Hello, After my previous report 2 years ago https://hackerone.com/reports/30860 you fixed the vulnerability, but now it looks like this fix was reverted and the same problem exists again. Test scenario: Open https://cards-dev.twitter.com/validator 1. Closed port on localhost http://0.0.0.0:123 -...