CVE-2026-15311: Cross Site Scripting in NousResearch hermes-agent
A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter._markdown_to_html of the file gateway/platforms/matrix.py of the…
Read the full articleYou might also wanna read

CVE-2025-14773: Cross-Site Scripting Vulnerability in ABB T-MAC Plus (Version 4.0-24)
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-M

WAF - WAF Release - 2026-03-12 - Emergency
This week's release introduces new detections for vulnerabilities in Ivanti Endpoint Manager Mobile (CVE-2026-1281 and CVE-2026-1340), along
GhostApproval Vulnerability Exploits Symlinks to Bypass AI Coding Agent Workspace Restrictions
GhostApproval lets attackers use symlinks to trick AI coding agents into writing outside a workspace and potentially gaining remote code exe
Critical Security Vulnerability CVE-2025-66478 in React Server Components Protocol
A critical vulnerability (CVE-2025-66478) has been identified in the React Server Components protocol. Users should upgrade to patched versi
Technical Analysis of CVE-2025-10035: A CVSS 10.0 Vulnerability in Fortra GoAnywhere MFT
File transfer used to be simple fun - fire up your favourite FTP client, log in to a glFTPd site, and you were done. Fast forward to 2025, a
labs.watchtowr.com·9mo agoLangflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurren

Comments
Sign in to join the conversation.
No comments yet. Be the first.