Login
Linux CVEs, more than you ever wanted to know
(kroah.com) by voxadam | view | 54 comments
FFmpeg Calls Google's AI Bug Reports "CVE Slop"
(itsfoss.com) by speckx | view | 0 comments
React2Shell (CVE-2025-55182/CVE-2025-66478)
(react2shell.com) by orkj | view | 3 comments
CVE-2025-55182: pre-auth remote code execution in React Server Components
(nvd.nist.gov) by janandonly | view | 0 comments
Red Hat Introduces Project Hummingbird focused on Cloud-Native Dev & "Zero-CVE"
(redhat.com) by boilerupnc | view | 1 comments
CVE-2025-50165: Critical Flaw in Windows Graphics Component
(zscaler.com) by galenelias | view | 0 comments
Runc container breakouts: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
(openwall.com) by eyberg | view | 0 comments
Bitcoin Value Overflow Incident (CVE-2010-5139)
(learnbitcoin.com) by granya | view | 0 comments
Postgres minor releases closing 11 CVEs
(postgresql.org) by tee-es-gee | view | 0 comments
Original PoCs for React2Shell CVE-2025-55182
(github.com) by dbushell | view | 0 comments
High fidelity check for Next.js/RSC RCE (CVE-2025-55182 and CVE-2025-66478)
(slcyber.io) by infosecau | view | 0 comments
PoC for React RCE CVE-2025-55182
(github.com) by croemer | view | 1 comments
RunC vulnerabilities CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
(seclists.org) by moebrowne | view | 0 comments
Before it gets a number – About CVE, CWE and vulnerabilities prevention
(quodeq.ai) by quodeq | view | 0 comments
The Apple macOS Security Update Review (3 macOS Versions; 82 Unique CVEs)
(thezdi.com) by alwillis | view | 0 comments
Mythos Discovered a CVE in Its Training Data – and That's Still Worrying
(rival.security) by chris_j | view | 0 comments
Dirty Frag (CVE-2026-43284, CVE-2026-43500): Mitigation
(blog.cloudlinux.com) by abdelhousni | view | 0 comments
Show HN: Free no-signup site auditor – secrets, subdomain takeover, CVEs
(theionproject.com) by TheIOn-Project | view | 0 comments
FreeBSD CVE-2026-4747 Log Suggests Mythos Is a Marketing Trick
(flyingpenguin.com) by jgalt212 | view | 0 comments
HAProxy HTTP/3 to HTTP/1 desync via a standalone QUIC FIN (CVE-2026-33555)
(r3verii.github.io) by r3verii | view | 0 comments
We love open source: finding a critical auth bypass in etcd (CVE-2026-33413)
(strix.ai) by bearsyankees | view | 0 comments
Vibe Security Radar: Real CVEs where AI-generated code introduced Bugs
(vibe-radar-ten.vercel.app) by tsgates | view | 0 comments
Security advisory for Cargo (CVE-2026-33056)
(blog.rust-lang.org) by tcbrah | view | 0 comments
Discord won't fix the invisibility bypass CVE, so I made a PoC
(greasyfork.org) by xmrcat | view | 0 comments
New Vulnerability in n8n – CVE-2026-21858
(schneier.com) by 882542F3884314B | view | 0 comments
Ni8mare – Unauthenticated Remote Code Execution in N8n (CVE-2026-21858)
(cyera.com) by tamnd | view | 0 comments
POC for CVE-2025-55182 (react4shell)
(gist.github.com) by jimmyl02 | view | 0 comments
November CVEs Fell 25% YoY, Driven by Slowdowns at Major CNAs
(socket.dev) by feross | view | 0 comments
Some thoughts around Django SQL Injection CVE-2025-64459
(shivasurya.me) by shivasurya | view | 0 comments
BlackSun: Defender for macOS quarantine restore TOCTOU (CVE-2026-45647)
(bountyy.fi) by chinesemango | view | 0 comments
Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy
(haproxy.com) by owenthejumper | view | 0 comments
Zorv-Self-hosted autonomous AI that fixes CVEs
(zorv.openyf.dev) by youelfedr | view | 0 comments
AI Vulnerability Intelligence Agent Converts CVEs to Actionable Security Reports
(github.com) by gtamir02 | view | 1 comments
CVE-2026-31525: Linux Kernel Privilege Escalation Flaw
(sentinelone.com) by Wingy | view | 0 comments
CVE-2026-41089
(gemini.google.com) by redog | view | 1 comments
CVE-Bench: testing LLM agents on real-world vulnerability patches
(giovannigatti.github.io) by logickkk1 | view | 0 comments
CVE-2026-48710: A Maintainer's Perspective
(marcelotryle.com) by kludex | view | 0 comments
Two RCE vulnerabilities in Notepad++ (CVE-2026-48778, CVE-2026-48800)
(ringzeropirate.github.io) by ringzeropirate | view | 0 comments
Glibc CVE-2026-5450 9.8
(app.opencve.io) by euoia | view | 0 comments
Gitea CVE-2026-27771 exposed private container images without authentication
(noscope.com) by logickkk1 | view | 0 comments
Atom Exhaustion Is Not a Footgun. It's One Third of Our CVEs
(erlef.org) by birdculture | view | 0 comments
Show HN: CVE-2026-40369 Windows Kernel Arbitrary Write Chrome SBX
(pwn2nimron.com) by orinimron123 | view | 0 comments
We Benchmarked Claude Code, Codex, Semgrep, CodeQL, Trent on 28 CWE-Bench CVEs
(trent.ai) by geopsist | view | 0 comments
1-Click RCE in Flowise (CVE-2026-40933)
(obsidiansecurity.com) by 13ph03nix | view | 0 comments
Atom Exhaustion Is Not a Footgun. It's One Third of Our CVEs
(erlef.org) by croottree | view | 0 comments
Atom Exhaustion Is Not a Footgun. It's One Third of Our CVEs
(erlef.org) by Tomte | view | 0 comments
The bug bounty market is bifurcating: notes from finding 7 CVEs for $96
(alexrhickey.substack.com) by boundary_check | view | 0 comments
BadHost – CVE-2026-48710 Starlette Host-Header Auth Bypass
(badhost.org) by ylk | view | 0 comments
BadHost – CVE-2026-48710 Starlette Host-Header Auth Bypass
(mcp-scan.nemesis.services) by ylk | view | 0 comments
OWASP CVE Lite CLI
(github.com) by mjtk | view | 0 comments