Lucene search
K

50 matches found

NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2026-47176

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...

5.7CVSS0.00251EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.45 views

GenTI: Benchmarking LLMs for Autonomous IDPS Rule Generation for Unseen Attacks

Rule-based Intrusion Detection and Prevention Systems IDPS offer precise attack detection as well as mitigation, however their manually crafted, signature-driven rules limit adaptability to emerging and zero-day threats. Additionally, existing public datasets e.g., CICIDS2017, UNSW-NB15 focus on...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/03 2:56 p.m.20 views

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can reach once it does. That is a question abo...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.8 views

PT-2026-48838

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5.4AI score
Exploits0References6
Cvelist
Cvelist
added 2026/05/28 5:1 p.m.29 views

CVE-2026-44794 Nautobot: REST API permits creation of GenericForeignKey references to objects that the user should not be able to reference

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, in the case of inter-object references via GenericForeignKey a pattern allowing an object to reference another object that may belong to one of several different "content types" or database tables,...

5.4CVSS0.00177EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/05/24 12:0 a.m.14 views

SEED: Semi-Supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDget

Machine learning based malware detectors become obsolete over time due to concept drift in benign and malware applications. Recent methods rely on fully labeled data and use hierarchical contrastive loss HCL with active learning to improve robustness against drift by exploiting semantic structure...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/05/19 1:0 p.m.12 views

Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report

New York, United States, 19th May 2026, CyberNewswire...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/08 11:30 a.m.6 views

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems. The result is Identity Dark Matter...

6AI score
Exploits0
OSV
OSV
added 2026/03/27 7:10 a.m.3 views

BIT-DISCOURSE-2026-33291 Discourse user can create Zendesk tickets even when it does not have access to topic

Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contain a patch. No...

5.4CVSS5.9AI score0.00196EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/26 12:0 a.m.2 views

Understanding AI Methods for Intrusion Detection and Cryptographic Leakage

We investigate the role of artificial intelligence in cybersecurity by evaluating how machine learning techniques can detect malicious network activity and identify potential information leakage in cryptographic implementations. We conduct a series of experiments using the NSL-KDD and CIC-IDS...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.8 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.25 contained security vulnerabilities. These vulnerabilities stemmed from a bypass of approval integrity in the system.run module, which could lead to the execution of binary...

6.5CVSS5.9AI score0.0029EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/20 10:56 p.m.8 views

EUVD-2026-13896

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 10:56 p.m.4 views

CVE-2026-33291

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, moderators can create Zendesk tickets for topics they do not have access to view. This affects all forums that use the Zendesk plugin. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.6 views

PT-2026-26704

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 Description Discourse is an open-source discussion platform. Moderators can create Zendesk tickets for topics they do not...

5.4CVSS5.9AI score0.00196EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.6 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions prior to 18.7.6,...

6.5CVSS5.9AI score0.00192EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.1 views

Evaluating Generalization Mechanisms in Autonomous Cyber Attack Agents

Autonomous offensive agents often fail to transfer beyond the networks on which they are trained. We isolate a minimal but fundamental shift -- unseen host/subnet IP reassignment in an otherwise fixed enterprise scenario -- and evaluate attacker generalization in the NetSecGame environment. Agent...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/02 12:0 a.m.39 views

ZeroDayBench: Evaluating LLM Agents on Unseen Zero-Day Vulnerabilities for Cyberdefense

Large language models LLMs are increasingly being deployed as software engineering agents that autonomously contribute to repositories. A major benefit these agents present is their ability to find and patch security vulnerabilities in the codebases they oversee. To estimate the capability of...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/27 7:45 p.m.7 views

CVE-2026-26207

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, discourse-policy plugin allows any authenticated user to interact with policies on posts they do not have permission to view. The PolicyController loads posts by ID without verifying the current...

5.4CVSS6AI score0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 3:4 p.m.7 views

CVE-2026-26207

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, discourse-policy plugin allows any authenticated user to interact with policies on posts they do not have permission to view. The PolicyController loads posts by ID without verifying the current...

5.4CVSS5.6AI score0.00151EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.3 views

Predicting Known Vulnerabilities from Attack Descriptions Using Sentence Transformers

Modern infrastructures rely on software systems that remain vulnerable to cyberattacks. These attacks frequently exploit vulnerabilities documented in repositories such as MITRE's Common Vulnerabilities and Exposures CVE. However, Cyber Threat Intelligence resources, including MITRE ATT&CK and CV...

5.9AI score
Exploits0
Rows per page
Query Builder