CVE-2025-65000 Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule

SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...

PT-2025-52229

SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...

PBFuzz: Agentic Directed Fuzzing for PoV Generation

Proof-of-Vulnerability PoV input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: 1 reachability constraints for reaching vulnerable code locations, and ...

EUVD-2018-20472

Malware in sbrugna...

EUVD-2015-8736

Malware in sbrugna...

EUVD-2020-19676

Malware in sbrugna...

EUVD-2005-1999

Malware in sbrugna...

EUVD-2022-3197

Malicious code in bioql PyPI...

EUVD-2024-47492

Malicious code in bioql PyPI...

EUVD-2023-1371

Malicious code in bioql PyPI...

EUVD-2023-1344

Malicious code in bioql PyPI...

EUVD-2022-3741

Malicious code in bioql PyPI...

EUVD-2022-7433

Malicious code in bioql PyPI...

EUVD-2023-1225

Malicious code in bioql PyPI...

EUVD-2023-39979

Malicious code in bioql PyPI...

EUVD-2023-35080

Malicious code in bioql PyPI...

EUVD-2024-47729

Malicious code in bioql PyPI...

EUVD-2022-6917

Malicious code in bioql PyPI...

EUVD-2023-2852

Malicious code in bioql PyPI...

External Data Extraction Attacks against Retrieval-Augmented Large Language Models

In recent years, RAG has emerged as a key paradigm for enhancing large language models LLMs. By integrating externally retrieved information, RAG alleviates issues like outdated knowledge and, crucially, insufficient domain expertise. While effective, RAG introduces new risks of external data...