One Is a Fluke, 3 Is a Pattern: MCP Back-End Vulnerabilities

...

VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection

Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics required for accurate detection. Recent Large Language...

InduGuard_vul_poc

ICS Vulnerability PoC Library — SCAA Benchmark Support Proof-...

Exploit for CVE-2025-48757

🛡️ Supabase Sentinel A Claude Skill that audits your Supaba...

Regular Expression Denial of Service Induced by Backreferences

This paper presents the first systematic study of denial-of-service vulnerabilities in Regular Expressions with Backreferences REwB. We introduce the Two-Phase Memory Automaton 2PMFA, an automaton model that precisely captures REwB semantics. Using this model, we derive necessary conditions under...

Automated Static Vulnerability Detection Via a Holistic Neuro-Symbolic Approach

Static vulnerability detection is still a challenging problem and demands excessive human efforts, e.g., manual curation of good vulnerability patterns. None of prior works, including classic program analysis or Large Language Model LLM-based approaches, have fully automated such vulnerability...

Git-Vuln-Finder - Finding Potential Software Vulnerabilities From Git Commit Messages

Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search is based on a set of regular expressions against the commit messages only. If CVE IDs are present,...