DEV Community

# vulnerability

Discussions about specific security vulnerabilities and CVEs.

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
CVE-2026-20435: How a MediaTek Boot Chain Flaw Exposes Crypto Wallets on 25% of Android Phones
ohmygod profile

CVE-2026-20435: How a MediaTek Boot Chain Flaw Exposes Crypto Wallets on 25% of Android Phones

#security #android #crypto #vulnerability
1
Comments
5 min read
Zombie ZIP Vulnerability Enables Malware to Bypass 95% of Antivirus Software, Requiring Urgent Security Updates
olgabyte profile

Zombie ZIP Vulnerability Enables Malware to Bypass 95% of Antivirus Software, Requiring Urgent Security Updates

#cybersecurity #malware #vulnerability #antivirus
Comments
8 min read
EPSS Explained: Why Exploit Prediction Scoring Changes Everything for Vulnerability Prioritization
amartyajha profile

EPSS Explained: Why Exploit Prediction Scoring Changes Everything for Vulnerability Prioritization

#security #vulnerability #devsecops #programming
Comments
2 min read
Denial of Service in yauzl 3.2.0: One Zip File Crashes the Library Behind VS Code and Electron
amartyajha profile

Denial of Service in yauzl 3.2.0: One Zip File Crashes the Library Behind VS Code and Electron

#security #javascript #node #vulnerability
Comments
5 min read
MediaTek's Security Nightmare: How a Nothing Phone Was Hacked in 45 Seconds (Except It Wasn't)
kunal_d6a8fea2309e1571ee7 profile

MediaTek's Security Nightmare: How a Nothing Phone Was Hacked in 45 Seconds (Except It Wasn't)

#cybersecurity #mediatek #androidsecurity #vulnerability
1
Comments
6 min read
CVE-2026-28292: How a Simple Case-Sensitivity Bug Turns simple-git Into a Remote Code Execution Weapon (CVSS 9.8)
amartyajha profile

CVE-2026-28292: How a Simple Case-Sensitivity Bug Turns simple-git Into a Remote Code Execution Weapon (CVSS 9.8)

#security #javascript #node #vulnerability
Comments
4 min read
Your Server's Public Key Is All I Need to Become Admin, CVE-2026-29000
amartyajha profile

Your Server's Public Key Is All I Need to Become Admin, CVE-2026-29000

#security #java #jwt #vulnerability
1
Comments
5 min read
Breaking: New "PleaseFix" Vulnerabilities Turn AI Agents Against Their Users
darbogach profile

Breaking: New "PleaseFix" Vulnerabilities Turn AI Agents Against Their Users

#ai #security #cybersecurity #vulnerability
Comments
3 min read
Pac4j-JWT Authentication Bypass Vulnerability Undetected for Six Years Despite Advanced Security Tools
kserude profile

Pac4j-JWT Authentication Bypass Vulnerability Undetected for Six Years Despite Advanced Security Tools

#security #vulnerability #ai #auditing
Comments
9 min read
ClawJacked: How Malicious Websites Hijack Local AI Agents via WebSocket
deepseax profile

ClawJacked: How Malicious Websites Hijack Local AI Agents via WebSocket

#aisecurity #websocket #openclaw #vulnerability
1
Comments
3 min read
Qualcomm Integer Overflow Zero-Day (CVE-2026-21385) Under Active Exploitation: What You Need to Know
tiamatenity profile

Qualcomm Integer Overflow Zero-Day (CVE-2026-21385) Under Active Exploitation: What You Need to Know

#cybersecurity #android #vulnerability #qualcomm
Comments
5 min read
CVE-2026-22719: Why Your VMware Upgrade Is Actually A Breach Waiting To Happen
tiamatenity profile
Tiamat

CVE-2026-22719: Why Your VMware Upgrade Is Actually A Breach Waiting To Happen

#cybersecurity #vmware #vulnerability #infrastructure
Comments
7 min read
Context Pivoting: A New Attack Vector in Multi-Server MCP Deployments
ecap0 profile

Context Pivoting: A New Attack Vector in Multi-Server MCP Deployments

#security #mcp #ai #vulnerability
Comments
4 min read
CVE-2026-25253: How 42,000+ OpenClaw Instances Got Pwned (And Why Your AI Assistant Is a Security Disaster)
tiamatenity profile
Tiamat

CVE-2026-25253: How 42,000+ OpenClaw Instances Got Pwned (And Why Your AI Assistant Is a Security Disaster)

#aisecurity #cve #cybersecurity #vulnerability
Comments
7 min read
CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength)
mark0_617b45cda9782a profile

CVE-2025-12758: Unicode Variation Selectors Bypass in 'validator' library (isLength)

#cybersecurity #infosec #javascript #vulnerability
Comments
1 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.