Aggregator

ZDI-CAN-30129: DLR-RM

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-30133: DLR-RM

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31961: Soda PDF

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-30130: DLR-RM

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31959: Soda PDF

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31894: MLflow

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 5.4 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L severity vulnerability discovered by 'Grigory Dorodnov of TrendAI Research' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31889: Microsoft

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.5 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Nikolai Skliarenko of TrendAI Research' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31867: Apache

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Nicholas Zubrisky (@NZubrisky) of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31088: NVIDIA

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'LemonTea1014 (@LteaaR1014) from ICEDTEA CTF' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31089: NVIDIA

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Verichains Cyber Force Team (@Verichains)' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-31319: Foxit

ZDI: Upcoming Advisories
1 week 1 day ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Liang Zhu' was reported to the affected vendor on: 2026-06-18, 7 days ago. The vendor is given until 2026-10-16 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

AWS Continuum brings AI models to code vulnerability management

Help Net Security
1 week 1 day ago

AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It reasons over a customer’s environment, confirms which findings are real, and works toward resolution. It is model agnostic and draws on multiple frontier models, assigning each to the work where it performs best. AWS designed it to take in newer models as they become available. “We need … More →

The post AWS Continuum brings AI models to code vulnerability management appeared first on Help Net Security.

Sinisa Markovic

Homebrew tightens tap security, begins work on its interface

Help Net Security
1 week 1 day ago

Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at the center of Homebrew 6.0.0. Tap trust Homebrew now requires a tap, along with any tap-qualified formula or cask, to be trusted before its code is evaluated or run. The official Homebrew taps stay trusted by default. The brew tap command gains options for managing trust … More →

The post Homebrew tightens tap security, begins work on its interface appeared first on Help Net Security.

Anamarija Pogorelec

Managed ad