CVE-2026-9426

A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url results in stack-based buffer...

PT-2026-41547

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 "The Address 1 field of the Beacon .. frame shall be set to the...

What a Mesh: Formal Security Analysis of WPA3 SAE Wireless Authentication

The latest Wi-Fi security standard, IEEE 802.11, includes a secure authentication protocol called SAE, whose use is mandatory for WPA3-Personal networks. The protocol is specified at two separate but linked levels: a traditional cryptographic description of the communication logic between network...

CVE-2026-4477

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4477 Yi Technology YI Home Camera WPA/WPS hard-coded key

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

Artificial Noise Versus Artificial Noise Elimination: Redefining Scaling Laws of Physical Layer Security

Artificial noise AN is a key physical-layer security scheme for wireless communications over multiple-input multiple-output wiretap channels. Recently, artificial noise elimination ANE has emerged as a strategy to mitigate the impact of AN on eavesdroppers. However, the influence of ANE on the...

CVE-2025-71224

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rxnosta when interface is not joined ieee80211ocbrxnosta assumes a valid channel context, which is only present after JOINOCB. RX may run before JOINOCB is executed, in which case the OCB interface is no...

AirCatch: Effectively Tracing Advanced Tag-Based Trackers

Tag-based tracking ecosystems help users locate lost items, but can be leveraged for unwanted tracking and stalking. Existing protocol-driven defenses and prior academic solutions largely assume stable identifiers or predictable beaconing. However, identifier-based defenses fundamentally break do...

WiFiPenTester: Advancing Wireless Ethical Hacking with Governed GenAI

Wireless ethical hacking relies heavily on skilled practitioners manually interpreting reconnaissance results and executing complex, time-sensitive sequences of commands to identify vulnerable targets, capture authentication handshakes, and assess password resilience; a process that is inherently...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001438 advisory. An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even...

MiracleLinux 4 : NetworkManager-0.8.1-9.AXS4.3 (AXSA:2011-534:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-534:01 advisory. NetworkManager is a system network service that manages your network devices and connections, attempting to keep active network connectivity when...

Exploit for Out-of-bounds Read in Openssl

--- Cybersecurity Labs Portfolio This repository contain...

Secure Over-The-Air Computation against Multiple Eavesdroppers Using Correlated Artificial Noise

In the era of the Internet of Things and massive connectivity, many engineering applications, such as sensor fusion and federated edge learning, rely on efficient data aggregation from geographically distributed users over wireless networks. Over-the-air computation shows promising potential for...

The Battle of Metasurfaces: Understanding Security in Smart Radio Environments

Metasurfaces, or Reconfigurable Intelligent Surfaces RISs, have emerged as a transformative technology for next-generation wireless systems, enabling digitally controlled manipulation of electromagnetic wave propagation. By turning the traditionally passive radio environment into a smart,...

Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

EUVD-2021-2695

Malware in sbrugna...

EUVD-2016-2652

Malware in sbrugna...

EUVD-2017-18074

Malware in sbrugna...