DEV Community

# vulnerability

Discussions about specific security vulnerabilities and CVEs.

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Trivy Vulnerability Scanner Compromised in Supply Chain Attack: Mitigation Steps and User Guidance
maricode profile

Trivy Vulnerability Scanner Compromised in Supply Chain Attack: Mitigation Steps and User Guidance

#cybersecurity #supplychain #opensource #vulnerability
1
Comments
8 min read
AI System's Internal Logic Exposed via Creative Querying: Enhanced Access Restrictions Proposed
natcher profile

AI System's Internal Logic Exposed via Creative Querying: Enhanced Access Restrictions Proposed

#ai #security #llm #vulnerability
Comments
13 min read
Claude Code CLI Vulnerability: Malicious Configs Bypass Trust Dialog, Enabling Unauthorized Permission Elevation
kserude profile

Claude Code CLI Vulnerability: Malicious Configs Bypass Trust Dialog, Enabling Unauthorized Permission Elevation

#security #vulnerability #cli #permissions
Comments
10 min read
Claude Code CLI Fixed: Configuration Loading Order Defect Resolved to Prevent Unauthorized Permission Elevation
olgabyte profile

Claude Code CLI Fixed: Configuration Loading Order Defect Resolved to Prevent Unauthorized Permission Elevation

#security #vulnerability #cli #ai
Comments
8 min read
Trivy Scanner Compromised Again: Malicious Code Found in v0.69.4 and GitHub Actions, Raising Security Concerns
maricode profile

Trivy Scanner Compromised Again: Malicious Code Found in v0.69.4 and GitHub Actions, Raising Security Concerns

#security #supplychain #opensource #vulnerability
Comments
8 min read
CVE-2025-9318: SQL Injection in Quiz and Survey Master — Full Audit
victorstackai profile

CVE-2025-9318: SQL Injection in Quiz and Survey Master — Full Audit

#wordpress #drupal #security #vulnerability
2
Comments
3 min read
Eight Critical Bugs, One Day: Anatomy of an AI Agent Security Audit
oolongtea2026 profile

Eight Critical Bugs, One Day: Anatomy of an AI Agent Security Audit

#security #aiagents #opensource #vulnerability
Comments
3 min read
MediaTek Audio DSP Vulnerability: How a Nothing Phone Could Have Been Hacked (Except It Wasn't)
kunal_d6a8fea2309e1571ee7 profile

MediaTek Audio DSP Vulnerability: How a Nothing Phone Could Have Been Hacked (Except It Wasn't)

#cybersecurity #mediatek #androidsecurity #vulnerability
Comments
7 min read
Windows Vulnerability CVE-2025-59284: Incomplete Patch Enables NetNTLM Hash Phishing During Archive Extraction
kserude profile

Windows Vulnerability CVE-2025-59284: Incomplete Patch Enables NetNTLM Hash Phishing During Archive Extraction

#windows #vulnerability #netntlm #patching
Comments
14 min read
Glassworm Is Back: The Invisible Unicode Attack Hiding in Your Code
kunal_d6a8fea2309e1571ee7 profile

Glassworm Is Back: The Invisible Unicode Attack Hiding in Your Code

#cybersecurity #unicode #vulnerability #supplychainattack
Comments
7 min read
Five Chrome Zero-Days in Two Weeks: The Most Aggressive Browser Attack Wave of 2024
kunal_d6a8fea2309e1571ee7 profile

Five Chrome Zero-Days in Two Weeks: The Most Aggressive Browser Attack Wave of 2024

#cybersecurity #googlechrome #zeroday #vulnerability
1
Comments
6 min read
CVE-2026-20435: How a MediaTek Boot Chain Flaw Exposes Crypto Wallets on 25% of Android Phones
ohmygod profile

CVE-2026-20435: How a MediaTek Boot Chain Flaw Exposes Crypto Wallets on 25% of Android Phones

#security #android #crypto #vulnerability
1
Comments
5 min read
Zombie ZIP Vulnerability Enables Malware to Bypass 95% of Antivirus Software, Requiring Urgent Security Updates
olgabyte profile

Zombie ZIP Vulnerability Enables Malware to Bypass 95% of Antivirus Software, Requiring Urgent Security Updates

#cybersecurity #malware #vulnerability #antivirus
Comments
8 min read
EPSS Explained: Why Exploit Prediction Scoring Changes Everything for Vulnerability Prioritization
amartyajha profile

EPSS Explained: Why Exploit Prediction Scoring Changes Everything for Vulnerability Prioritization

#security #vulnerability #devsecops #programming
Comments
2 min read
Denial of Service in yauzl 3.2.0: One Zip File Crashes the Library Behind VS Code and Electron
amartyajha profile

Denial of Service in yauzl 3.2.0: One Zip File Crashes the Library Behind VS Code and Electron

#security #javascript #node #vulnerability
Comments
5 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.