2d ago · 11 min read · This is the second article in the series. The first one covered why our periodic scanning model had stopped working at scale. This one is the technical account of what we built in its place. A quick n
Join discussion
May 11 · 2 min read · CVE-2026-40217: Remote Code Execution via Sandbox Escape in LiteLLM Vulnerability ID: CVE-2026-40217 CVSS Score: 8.8 Published: 2026-05-11 LiteLLM, an open-source LLM proxy, contains a critical sandbox escape vulnerability in its guardrail testing ...
Join discussionMay 11 · 2 min read · CVE-2026-44643: Sandbox Escape and Remote Code Execution in angular-expressions Vulnerability ID: CVE-2026-44643 CVSS Score: 9.3 Published: 2026-05-11 CVE-2026-44643 is a critical sandbox escape vulnerability in the peerigon/angular-expressions lib...
Join discussionMay 11 · 2 min read · CVE-2026-44340: Arbitrary File Write via Symlink Traversal in PraisonAI Tar Extraction Vulnerability ID: CVE-2026-44340 CVSS Score: 8.7 Published: 2026-05-11 PraisonAI versions prior to 4.6.37 contain a path traversal vulnerability in the _safe_ext...
Join discussionMay 9 · 2 min read · CVE-2023-49316: Denial of Service via Unbounded Degree in phpseclib Binary Finite Fields Vulnerability ID: CVE-2023-49316 CVSS Score: 7.5 Published: 2026-05-08 The phpseclib cryptographic library version 3.x prior to 3.0.34 contains a Denial of Ser...
Join discussionMay 9 · 2 min read · GHSA-MV93-W799-CJ2W: Remote Code Execution via Config Section Injection in GitPython Vulnerability ID: GHSA-MV93-W799-CJ2W CVSS Score: 7.8 Published: 2026-05-08 GitPython versions prior to 3.1.50 are vulnerable to a newline injection attack in the ...
Join discussionMay 9 · 2 min read · CVE-2026-6860: Unbounded SNI Cache Growth in Eclipse Vert.x Vulnerability ID: CVE-2026-6860 CVSS Score: 5.3 Published: 2026-05-09 Eclipse Vert.x suffers from an uncontrolled resource consumption vulnerability within its Server Name Indication (SNI)...
Join discussionMay 9 · 2 min read · GHSA-v6wj-c83f-v46x: Critical OS Command Injection in @profullstack/mcp-server domain_lookup Module Vulnerability ID: GHSA-V6WJ-C83F-V46X CVSS Score: 9.8 Published: 2026-05-09 A critical unauthenticated OS Command Injection vulnerability (CWE-78) e...
Join discussionMay 8 · 2 min read · CVE-2026-6321: Path Traversal in fast-uri via Improper Normalization Order Vulnerability ID: CVE-2026-6321 CVSS Score: 7.5 Published: 2026-05-08 The fast-uri library (versions ≤ 3.1.0) contains a high-severity path traversal vulnerability due to an...
Join discussion
