AI Sec Watch

This research addresses the problem of recognizing shapes that have been rotated at different angles in computer vision (the field of teaching computers to understand images). The authors propose a new method that focuses on analyzing the outline or contour points of shapes rather than individual pixels, and they use a special neural network module to identify geometric patterns in these contours while ignoring rotation. Their approach shows better results than previous methods, especially for complex shapes, and it works even when the contour data is slightly noisy or imperfect.

vLLM is a tool that runs large language models and serves them to users. In versions 0.5.5 through 0.11.0, two API endpoints accept a parameter called chat_template_kwargs that isn't properly checked before being used, allowing attackers to send specially crafted requests that freeze the server and prevent other users' requests from being processed.

vLLM (an inference and serving engine for large language models) versions 0.5.5 through 0.11.0 have a vulnerability where users can crash the engine by sending multimodal embedding inputs (data that combines multiple types of information, like images and text) with incorrect shape parameters, even if the model doesn't support such inputs. This bug has a CVSS score of 8.3 (a 0-10 scale measuring vulnerability severity), indicating it's a high-severity issue.

vLLM versions 0.10.2 through 0.11.0 have a vulnerability in how they process user-supplied prompt embeddings (numerical representations of text). An attacker can craft malicious data that bypasses safety checks and causes memory corruption (writing data to the wrong location in computer memory), which can crash the system or potentially allow remote code execution (RCE, where an attacker runs commands on the server).

Claude Code is an agentic coding tool (a program that can write code automatically) that had a vulnerability before version 2.0.31 where a mistake in how it parsed sed commands (a tool for editing text) allowed attackers to bypass safety checks and write files anywhere on a computer system. This vulnerability has been fixed.

CVE-2025-64660 is a vulnerability in GitHub Copilot and Visual Studio Code that involves improper access control (a flaw in how the software checks who is allowed to do what), allowing an authorized attacker to execute code over a network. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a vulnerability is). This means someone with legitimate access to these tools could potentially run malicious code remotely.

Claude Code, an agentic coding tool (software that can write and execute code), had a vulnerability before version 1.0.39 where it could run code from yarn plugins (add-ons for the Yarn package manager) before asking the user for permission, but only on machines with Yarn 3.0 or newer. This attack required tricking a user into opening Claude Code in an untrusted directory (a folder with malicious code).

Slither-MCP is a new tool that connects LLMs (large language models) with Slither's static analysis engine (a tool that examines code without running it to find bugs), making it easier for AI systems to analyze and audit smart contracts written in Solidity (a programming language for blockchain). Instead of using basic search tools, LLMs can now directly ask Slither to find function implementations and security issues more accurately and efficiently.

PyTorch versions 2.5 and 2.7.1 have a bug where forgetting to call profiler.stop() can cause torch.profiler.profile (a Python tool that measures code performance) to crash or hang, resulting in a Denial of Service (DoS, where a system becomes unavailable). The underlying issue involves improper locking (a mechanism that controls how multiple processes access shared resources).