Aggregator

CMD

Dark Feed IO
6 days 19 hours ago

You must login to view this content

cohenido

From SQLi to RCE – Exploiting LangGraph’s Checkpointer

Check Point Research
6 days 19 hours ago

By Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers – persistence layers that store execution state. But what happens when that persistence layer isn’t locked down? Key Points Background LangGraph is an open-source framework for building stateful, multi-agent AI systems with built-in persistence. It’s an extension of LangChain, with over […]

The post From SQLi to RCE – Exploiting LangGraph’s Checkpointer appeared first on Check Point Research.

stcpresearch

Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories

The Hackers News
6 days 19 hours ago
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason is simple. Cybersecurity is full of work that deserves recognition and rarely gets it. Products that quietly close real gaps. Teams that stop incidents nobody reads about. Companies that raise the
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

The Hackers News
6 days 19 hours ago
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished this all looks now. Mule networks run like SaaS.
The Hacker News

CVE-2026-46169 | Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.6 hfsplus hfsplus_strcasecmp uninitialized pointer

Vuldb Updates
6 days 19 hours ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.6 and classified as critical. The affected element is the function hfsplus_strcasecmp of the component hfsplus. The manipulation results in uninitialized pointer. This vulnerability is identified as CVE-2026-46169. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-46234 | Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8 vsock vsock_update_buffer_size buffer overflow

Vuldb Updates
6 days 19 hours ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8. It has been declared as critical. The impacted element is the function vsock_update_buffer_size of the component vsock. Executing a manipulation can lead to buffer overflow. This vulnerability is handled as CVE-2026-46234. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-46236 | Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8 media xbox_remote buffer overflow

Vuldb Updates
6 days 19 hours ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8. It has been rated as critical. This affects the function xbox_remote of the component media. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2026-46236. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2026-46241 | Linux Kernel up to 6.12.89/6.18.31/7.0.8 spi use after free

Vuldb Updates
6 days 19 hours ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.89/6.18.31/7.0.8. Affected is an unknown function of the component spi. This manipulation causes use after free. The identification of this vulnerability is CVE-2026-46241. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-46235 | Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8 media saa7164_dev_setup null pointer dereference

Vuldb Updates
6 days 19 hours ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8. This affects the function saa7164_dev_setup of the component media. Executing a manipulation can lead to null pointer dereference. This vulnerability is tracked as CVE-2026-46235. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-46239 | Linux Kernel up to 7.0.8 media pm_runtime_put reference count

Vuldb Updates
6 days 19 hours ago
A vulnerability classified as critical has been found in Linux Kernel up to 7.0.8. This vulnerability affects the function pm_runtime_put of the component media. The manipulation leads to improper update of reference count. This vulnerability is listed as CVE-2026-46239. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-4479 | Dräger Atlan A350 1.00/1.01 Medibus Interface improper validation of syntactic correctness of input

Vuldb Updates
6 days 19 hours ago
A vulnerability classified as problematic was found in Dräger Atlan A350 1.00/1.01. This affects an unknown part of the component Medibus Interface. Such manipulation leads to improper validation of syntactic correctness of input. This vulnerability is listed as CVE-2021-4479. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

CVE-2026-46240 | Linux Kernel up to 6.18.31/7.0.8/7.1-rc2 media iris_release_internal_buffers use after free (EUVD-2026-32758)

Vuldb Updates
6 days 19 hours ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.31/7.0.8/7.1-rc2. This impacts the function iris_release_internal_buffers of the component media. The manipulation results in use after free. This vulnerability was named CVE-2026-46240. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-46237 | Linux Kernel up to 7.1-rc1 drm privilege escalation (EUVD-2026-32755)

Vuldb Updates
6 days 19 hours ago
A vulnerability marked as critical has been reported in Linux Kernel up to 7.1-rc1. Affected by this issue is some unknown functionality of the component drm. Performing a manipulation results in privilege escalation. This vulnerability is identified as CVE-2026-46237. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-46238 | Linux Kernel up to 7.1-rc3 batman-adv neigh_node state issue (EUVD-2026-32756)

Vuldb Updates
6 days 19 hours ago
A vulnerability classified as critical was found in Linux Kernel up to 6.6.139/6.12.89/6.18.31/7.0.8/7.1-rc3. This issue affects the function neigh_node of the component batman-adv. The manipulation results in state issue. This vulnerability is cataloged as CVE-2026-46238. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

Black Box Versus Glass Box DDoS Protection

Netscout
6 days 19 hours ago
Distributed denial-of-service (DDoS) attacks continue to grow in scale, frequency, and sophistication, forcing organizations to rethink not just how they defend against attacks, but how much visibility and control they have over those defenses. At the center of this shift is a fundamental architectural choice: black...
MIke Wetherbee

Managed ad