Lucene search
K

788 matches found

CVE
CVE
added 2026/04/09 2:41 p.m.105 views

CVE-2026-34757

CVE-2026-34757 affects libpng 1.0.9 through before 1.6.57. The vulnerability arises when a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST is passed back into the corresponding setter on the same png_struct/png_info pair, causing the setter to read from freed memory and copy it ...

5.1CVSS6AI score0.00195EPSS
Exploits1References6Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/09 2:41 p.m.3 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2026/04/09 12:0 a.m.2 views

Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain

Large language model LLM agents increasingly rely on third-party API routers to dispatch tool-calling requests across multiple upstream providers. These routers operate as application-layer proxies with full plaintext access to every in-flight JSON payload, yet no provider enforces cryptographic...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/04/08 12:15 a.m.5 views

EUVD-2026-19919

Cosign's verify-blob-attestation reports false positive when payload parsing fails...

4.3CVSS5.9AI score0.00241EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/07 8:16 p.m.8 views

CVE-2026-39395

Cosign provides code signing and transparency for containers and binaries. Prior to 3.0.6 and 2.6.3, cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures,...

5.3CVSS6AI score0.00241EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.2 views

Understanding User Privacy Perceptions of GenAI Smartphones

GenAI smartphones, which natively embed generative AI at the system level, are transforming mobile interactions by automating a wide range of tasks and executing UI actions on behalf of users. Their superior capabilities rely on continuous access to sensitive and context-rich data, raising privac...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.16 views

Explainable Autonomous Cyber Defense Using Adversarial Multi-Agent Reinforcement Learning

Autonomous agents are increasingly deployed in both offensive and defensive cyber operations, creating high-speed, closed-loop interactions in critical infrastructure environments. Advanced Persistent Threat APT actors exploit "Living off the Land" techniques and targeted telemetry perturbations ...

5.9AI score
Exploits0
OSV
OSV
added 2026/04/01 9:21 a.m.2 views

CLEANSTART-2026-YR14817 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68119, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.3.2-r0

Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS6.4AI score0.01945EPSS
Exploits1References11
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:2 a.m.4 views

LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

...

7.5CVSS5.8AI score0.01052EPSS
Exploits1
NVD
NVD
added 2026/03/26 5:16 p.m.2 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS0.01052EPSS
Exploits1References6
OSV
OSV
added 2026/03/26 5:16 p.m.5 views

ALPINE-CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/26 4:48 p.m.5 views

EUVD-2026-16258

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:48 p.m.11 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2026/03/26 4:48 p.m.28 views

CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS0.01052EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2026/03/26 4:48 p.m.3 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.8 views

SUSE CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

8.1CVSS5.9AI score0.01052EPSS
Exploits1References28
OSV
OSV
added 2026/03/24 4:21 p.m.9 views

JLSEC-2026-6 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References8
HackRead
HackRead
added 2026/03/23 11:45 p.m.5 views

Playnance Introduces Participation-First Model for Social Gaming with New Protocol Launch

Playnance launches social gaming protocol powered by GCOIN, enabling user participation in ecosystem value, transparency, and shared digital growth...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/23 12:0 a.m.7 views

Model Context Protocol Threat Modeling and Analyzing Vulnerabilities to Prompt Injection with Tool Poisoning

The Model Context Protocol MCP has rapidly emerged as a universal standard for connecting AI assistants to external tools and data sources. While MCP simplifies integration between AI applications and various services, it introduces significant security vulnerabilities, particularly on the client...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/11 9:2 a.m.8 views

Important: Red Hat Security Advisory: RHTAS 1.3.2 - Tech Preview Release of Model Transparency

The Tech Preview release of the RHTAS Model Transparency CLI image. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Model Transparency CLI image can be used to sign and verify AI/ML workloads...

8.9CVSS6.6AI score0.02667EPSS
Exploits5References9
Rows per page
Query Builder