•about 9 hours ago•CVE-2026-27480
5.3Tick-Tock: Cracking Static Web Server via Timing Side-Channels
A classic timing-based side-channel vulnerability in Static Web Server (SWS) allows remote attackers to enumerate valid usernames. By measuring the microsecond-level differences in response times during Basic Authentication, adversaries can distinguish between 'User Not Found' and 'User Found, Password Wrong' states, effectively bypassing the first layer of authentication defense.
10 views•6 min read
•about 9 hours ago•CVE-2026-2441
8.8Font of Doom: Inside CVE-2026-2441 (Chrome Blink UAF)
In the sprawling, chaotic metropolis that is the Chromium codebase, even the most obscure CSS features can hide deadly traps. CVE-2026-2441 is a textbook Use-After-Free (UAF) vulnerability buried deep within the Blink rendering engine's handling of `@font-feature-values`. By exploiting a logic error in how iterators track underlying HashMaps during mutation, attackers can trigger memory corruption leading to Remote Code Execution (RCE) inside the renderer process. This isn't theoretical—Google has confirmed active exploitation in the wild.
5 views•6 min read
•about 9 hours ago•CVE-2026-27484
2.3OpenClaw: The AI That Banned Its Own Master
A critical logic flaw in OpenClaw's Discord integration allowed unprivileged users to weaponize the AI agent against server administrators. By leveraging the inherent 'gullibility' of Large Language Models (LLMs) and a lack of backend authorization checks, attackers could perform prompt injection attacks to spoof the identity of an admin. This tricked the bot into executing high-privilege moderation commands—like bans and kicks—on the attacker's behalf, effectively turning the automated assistant into an insider threat.
5 views•6 min read
•about 10 hours ago•CVE-2026-27485
4.6OpenClaw's Sticky Paws: Symlink Following & Zip Slip (CVE-2026-27485)
A classic UNIX nuance bites a modern AI tool. OpenClaw, the open-source personal AI assistant, contained a vulnerability in its skill packaging utility that allowed for arbitrary file read via symbolic link following. By crafting a malicious skill directory containing symlinks to sensitive files (like SSH keys or password databases), an attacker could trick a developer or user into packaging those external files into a distributable archive. Additionally, a secondary path traversal (Zip Slip) vulnerability was identified in the same component, allowing for potential file overwrites during extraction.
6 views•5 min read
•about 10 hours ago•CVE-2026-27488
6.9OpenClaw: When Your Personal AI Assistant Attacks Your Intranet
OpenClaw, the increasingly popular personal AI assistant, recently patched a significant Server-Side Request Forgery (SSRF) vulnerability in its cron webhook mechanism. This flaw allowed authenticated users to coerce the OpenClaw server into making arbitrary HTTP POST requests to internal network resources, local loopback interfaces, or cloud metadata services. By exploiting the lack of destination validation in the webhook dispatch logic, attackers could map internal infrastructure or interact with sensitive services protected only by network boundaries.
6 views•6 min read
•about 11 hours ago•CVE-2026-27492
4.7Singleton Sins: Leaking Data via Lettermint's Fluent Interface
A state management vulnerability in the Lettermint Node.js SDK allows sensitive email data to persist across transactions when the client is reused. Due to an implementation flaw in the fluent interface design, properties like attachments, CCs, and headers were not cleared after sending, causing them to bleed into subsequent email requests. This effectively turns a shared client instance into a data leakage hose.
6 views•5 min read
•about 11 hours ago•CVE-2026-27576
4.8OpenClaw: Choking the AI Assistant with a Data Firehose
OpenClaw, a personal AI assistant often integrated into IDEs via the Agent Control Protocol (ACP), suffered from a classic uncontrolled resource consumption vulnerability. By feeding the local `stdio` bridge a massive prompt payload, an attacker could force the Node.js process to allocate oversized strings, leading to memory exhaustion and a Denial of Service (DoS). The vulnerability also exposed a logic flaw where failed validation left the agent in a 'zombie' state, unable to process further requests.
5 views•5 min read
•about 12 hours ago•CVE-2026-27482
5.9Ray's One-Way Ticket: The 'DELETE' Method Bypass
Ray, the popular open-source framework for scaling AI and Python applications, contained a logic flaw in its dashboard security middleware. While the developers implemented a check to block browser-based state-changing requests (CSRF protection), they explicitly blacklisted `POST` and `PUT` methods but forgot to include `DELETE`. This oversight allows an unauthenticated attacker to trick a victim's browser into deleting jobs, stopping services, and causing a Denial of Service (DoS) on the cluster.
8 views•6 min read
•about 14 hours ago•CVE-2026-27206
8.1The Zumba Class Dance: RCE via PHP Object Injection in json-serializer
A high-severity PHP Object Injection vulnerability exists in the Zumba Json Serializer library. By trusting user-controlled type hints in JSON payloads, the library allows attackers to instantiate arbitrary classes, leading to Remote Code Execution (RCE) via magic method gadget chains. While a patch exists, it requires manual configuration to be effective.
11 views•5 min read
•about 19 hours ago•CVE-2026-2473
7.7Bucket Squatting on Google Vertex AI: Stealing Models with Predictable Names
A classic 'Bucket Squatting' vulnerability in the Google Cloud Vertex AI SDK allows unauthenticated attackers to hijack the default storage used by machine learning experiments. By predicting the name of the Google Cloud Storage (GCS) bucket that the SDK automatically generates—based on the victim's Project ID and region—an attacker can pre-create this bucket in their own tenant. When the victim initializes their Vertex AI environment using default settings, their proprietary models, datasets, and training logs are unwittingly uploaded to the attacker's infrastructure. Furthermore, this channel can be reversed to inject malicious serialized objects, leading to Cross-Tenant Remote Code Execution (RCE).
5 views•6 min read
•about 22 hours ago•CVE-2026-2472
8.6Poisoned Notebooks: Stored XSS in Google Vertex AI SDK
A critical Stored Cross-Site Scripting (XSS) vulnerability in the Google Cloud Vertex AI Python SDK allows attackers to execute arbitrary JavaScript within a victim's Jupyter or Colab environment. By poisoning model evaluation datasets, an attacker can hijack the visualization rendering process to exfiltrate credentials or manipulate notebook sessions.
9 views•6 min read
•about 23 hours ago•CVE-2026-2739
6.9The Ghost in the Machine: How an Empty Number Killed the Node.js Event Loop
A logic error in the widely used 'bn.js' BigNumber library allows for a Denial of Service via state corruption. By invoking the bitwise masking function with a zero length, an attacker can violate internal object invariants, creating a 'ghost' number with a length of zero. This corrupted state forces subsequent operations like serialization or division into infinite loops, freezing the single-threaded Node.js process instantly.
3 views•6 min read