Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Id...
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-ope...
Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be r...
Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 serv...
The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may no...
ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2 security, allowing decapsulation to deviate from ...
BlueDucky Ver 2.1 Android 🦆 Thanks to all the people at HackNexus. Make sure you come join us on VC ! https://discord.gg/HackNexus NOTES: I will n...
When dalfox versions less than or equal to 2.12.0 is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and...
The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configu...
Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like "users can check for themselves...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
