Beyond Text: Multimodal Jailbreaking of Vision-Language and Audio Models through Perceptually Simple Transformations

Multimodal large language models MLLMs have achieved remarkable progress, yet remain critically vulnerable to adversarial attacks that exploit weaknesses in cross-modal processing. We present a systematic study of multimodal jailbreaks targeting both vision-language and audio-language models,...

EulerOS 2.0 SP11 : libxslt (EulerOS-SA-2025-2204)

According to the versions of the libxslt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion...

EUVD-2014-2988

Malware in sbrugna...

EUVD-2016-3053

Malware in sbrugna...

EUVD-2010-0149

Malware in sbrugna...

EUVD-2020-6101

Malware in sbrugna...

EUVD-2018-4340

Malware in sbrugna...

EUVD-2004-1145

Malware in sbrugna...

NatGVD: Natural Adversarial Example Attack Towards Graph-Based Vulnerability Detection

Graph-based models learn rich code graph structural information and present superior performance on various code analysis tasks. However, the robustness of these models against adversarial example attacks in the context of vulnerability detection remains an open question. This paper proposes...

EUVD-2025-9494

Malicious code in bioql PyPI...

EUVD-2025-8224

Malicious code in bioql PyPI...

EUVD-2025-20995

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-24293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods a...

Command Injection

activestorage is vulnerable to command injection. The vulnerability is due to unsafe defaults in the allowed list of image transformation methods, which allows an attacker to supply arbitrary input and execute malicious commands...

Linux Distros Unpatched Vulnerability : CVE-2025-7425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as...

MAL-2025-23063 Malicious code in image_transformations (npm)

The package imagetransformations was found to contain malicious code...

Malicious code in image_transformations (npm)

The package imagetransformations was found to contain malicious code...

GHSA-R4MG-4433-C7G3 Active Storage allowed transformation methods that were potentially unsafe

Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allowing for the circumvention of the safe defaults which enables potential command injection vulnerabilities in cases where...

Active Storage allowed transformation methods that were potentially unsafe

Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allowing for the circumvention of the safe defaults which enables potential command injection vulnerabilities in cases where...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...