Overview
Description
Statistics
- 1 Post
Overview
- pnggroup
- libpng
Description
Statistics
- 1 Post
Overview
- vllm-project
- vllm
Description
Statistics
- 1 Post
Overview
- Ivanti
- Endpoint Manager Mobile
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
Overview
Description
Statistics
- 1 Post
Fediverse
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
Overview
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 1 Post
Fediverse
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
Description
Statistics
- 2 Posts
Overview
Description
Statistics
- 2 Posts