SafeVault

SafeVault - Security and Authentication Capstone Project A pr...

SUSE CVE-2026-31648

In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues showing up as "Bad page state": " 734.496287 BUG: Bad...

ARIstoteles -- Dissecting Apple's Baseband Interface

Wireless chips and interfaces expose a substantial remote attack surface. As of today, most cellular baseband security research is performed on the Android ecosystem, leaving a huge gap on Apple devices. With iOS jailbreaks, last-generation wireless chips become fairly accessible for performance...

CVE-2026-31648

In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues showing up as "Bad page state": " 734.496287 BUG: Bad...

📄 MISP 2.5.27 Workflow Engine Cross Site Scripting

This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP API, create workflows, and inject malicious payloads into workflow data fields...

org.apache.httpcomponents.client5:httpclient5-cache (=5.6-alpha1), org.apache.httpcomponents.client5:httpclient5-fluent (=5.6-alpha1) +2 more potentially affected by CVE-2026-40542 via org.apache.httpcomponents.client5:httpclient5 (=5.6-alpha1)

org.apache.httpcomponents.client5:httpclient5 MAVEN version =5.6-alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.httpcomponents.client5:httpclient5 and may be impacted: - org.apache.httpcomponents.client5:httpclient5-cache =5.6-alpha1...

EUVD-2026-25160

PySpector is a static analysis security testing SAST Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the blocklist implemented in...

Oracle Application Testing Suite (April 2026 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps BSAFE...

Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models

Large language models LLMs are increasingly integrated into sensitive workflows, raising the stakes for adversarial robustness and safety. This paper introduces Transient Turn InjectionTTI, a new multi-turn attack technique that systematically exploits stateless moderation by distributing...

Keras 3.13.0 Safe Parallel ML Stress Test Generator

This script is a safe and lightweight stress-testing utility designed to simulate machine learning model generation workloads without actually allocating large memory or creating real heavy files. It was designed to test Keras 3.13.0...

Keras 3.13.0 HDF5 Shape Fuzzing for Robustness Testing

This script performs fuzz testing against Keras version 3.13.0 on randomly generated tensor shapes using NumPy and HDF5 to evaluate stability and error handling in file creation workflows...

Keras 3.13.0 Bulk Generator for Large-Scale HDF5 Shape Test Models

This script is a parallel batch generator designed to create multiple .keras model files using a thread pool. Each file is generated with a predefined set of large tensor shapes intended for stress testing or memory-impact evaluation in HDF5/Keras workflows...

📄 Eclipse Che WebSocket Machine-Exec Remote Code Execution

This Python script is a WebSocket-based client designed to interact with an Eclipse Che / DevSpaces machine-exec service and test for an unauthenticated remote code execution vulnerability...

HTTP Chunked Encoding Behavior Analyzer

This script is a security analysis tool designed to test how a web server such as Kestrel-based applications handles HTTP requests using chunked transfer encoding...

DNG File Generator for Security Testing

This C++ program is a complex security research tool CVE-2026-27280 designed to manually construct a DNG Digital Negative image file with fully controlled internal structures TIFF/DNG headers, IFD tables, and metadata tags...

DNG File Generator for Security Testing Masked RGB Tables

This Python script is a research-oriented DNG Digital Negative file generator designed to build a specially crafted image file with controlled metadata structures for security testing of DNG processing engines...

vulnscanx_v2

⚡ VulnScanX Advanced Vulnerability Scanning & Penetration...

UBUNTU-CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...