EUVD-2026-30760

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...

CVE-2026-28732

Mattermost fixes are for versions 11.5.x (up to 11.5.1), 10.11.x (up to 10.11.13), and 11.4.x (up to 11.4.3). The issue is a failure to enforce slash command trigger-word uniqueness during command updates, allowing an authenticated team member with Manage Own Slash Commands permission to hijack o...

False Sense of Security: Why Probing-Based Malicious Input Detection Fails to Generalize

Large Language Models LLMs can comply with harmful instructions, raising serious safety concerns despite their impressive capabilities. Recent work has leveraged probing-based approaches to study the separability of malicious and benign inputs in LLMs' internal representations, and researchers ha...