All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Netty's RedisDecoder (a tool that reads Redis protocol messages) has a vulnerability where an attacker can send malformed Redis messages without proper line endings (`\r\n`) across multiple connections, causing the decoder to buffer data indefinitely and exhaust the server's direct memory pool (memory reserved for direct I/O operations), resulting in a DoS (denial of service) attack that prevents legitimate users from connecting.
An attacker can crash a server using Netty (a networking library) by sending a malicious Redis message (a command sent to a Redis database) with deeply nested arrays. The RedisArrayAggregator component doesn't limit how many array layers it accepts, so an attacker can send thousands of nested arrays that force the server to create so many state objects that it runs out of memory and crashes.
```json { "summary": "A vulnerability (CVE-2026-11393) exists in AWS AgentCore CLI, a tool for managing AI agents on Amazon Bedrock. An attacker with certain permissions could inject malicious Python code by exploiting improper escaping of triple-quote characters (""") in a specific field, allowing the attacker's code to run if the generated file is executed. The vulnerability affects versions 0.4.0 through 0.14.1 and certain preview versions.", "solution": "N/A -- no mitigation discussed in
A vulnerability in the Linux kernel's graphics driver (drm/xe) allowed a GPU with coh_none coherency mode (a setting that lets the GPU bypass CPU caches) to read sensitive data from CPU cache when applied to CPU cached memory. An attacker could potentially access stale data from previously freed memory pages belonging to other processes. The fix adds validation to reject this dangerous combination in the madvise function.
A buffer overflow vulnerability was found in the Linux kernel's device mapper ioctl (input/output control, a way for programs to send commands to kernel drivers) processing function, where pointer alignment could cause data to be written past the end of a buffer. However, the vulnerability has no practical security impact because only the root user can trigger it, and the libraries that normally communicate with device mapper use properly aligned buffer sizes that prevent the overflow from occurring.
A critical vulnerability was found in Zcash's Orchard privacy pool, a system that uses zero-knowledge proofs (mathematical techniques that prove something is true without revealing details) to hide transaction information. The bug allowed attackers to bypass input validation checks and create fake ZEC (Zcash's cryptocurrency) out of nothing, though it's now been fixed.
Flowise, a tool that provides a drag-and-drop interface for building customized large language model workflows, had a vulnerability in versions before 3.1.2 that allowed attackers to take over evaluators across different workspaces through mass-assignment (a type of security flaw where an attacker can modify multiple object properties at once that they shouldn't be able to change). The vulnerability has been patched in version 3.1.2.
Flowise is a tool with a drag-and-drop interface for building custom AI workflows. Before version 3.1.2, it had a vulnerability where mass-assignment (improperly allowing users to modify system fields they shouldn't access) let attackers take over evaluations across different workspaces, even if they didn't have permission.
Flowise is a visual tool for building customized LLM (large language model) workflows. Before version 3.1.2, it had a mass-assignment vulnerability (a flaw where attackers can modify object properties they shouldn't access) that allowed users to take over dataset rows across different workspaces, with a high severity rating of 7.7.
Flowise, a drag-and-drop tool for building customized AI workflows, had a vulnerability before version 3.1.2 that allowed attackers to take over datasets across different workspaces through mass-assignment (a flaw where an attacker can modify object properties that shouldn't be exposed). The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 7.7, indicating it is high severity.
Flowise is a drag-and-drop tool for building custom large language model workflows. Before version 3.1.2, it had a mass-assignment vulnerability (a security flaw where unintended data fields can be modified) in its CustomTemplate feature that could let attackers take over templates across different workspaces. This issue has been fixed in version 3.1.2.
Flowise is a tool with a drag-and-drop interface for building customized AI workflows. Before version 3.1.2, it had a mass-assignment vulnerability (a type of security flaw where an attacker can modify data they shouldn't have access to) that allowed someone to take over assistants across different workspaces by manipulating how the system creates and updates assistants.
Flowise, a tool with a drag-and-drop interface for building custom AI workflows, had a security flaw in versions before 3.1.2 where certain endpoints (API routes, which are web addresses that accept requests) for managing OpenAI Assistants Vector Store lacked proper access controls. This meant that even though these endpoints required an API key (a credential for authentication), they didn't actually verify whether users had permission to perform their requested actions.
Flowise is a tool with a drag-and-drop interface for building customized workflows with large language models (LLMs, AI systems trained on massive amounts of text). Before version 3.1.2, the software had a bug where sensitive encrypted credential data was being exposed in API responses when users filtered credentials by name, even though the same data was properly hidden when no filter was used. This is a high-severity security issue because it could allow someone with basic access to view encrypted passwords or API keys they shouldn't see.
Flowise, a tool for building custom AI workflows with a visual interface, had a vulnerability before version 3.1.2 where any user with API access could submit malicious JavaScript code to a function node. When a security key (E2B_APIKEY) wasn't set up (the typical case), this code could break out of its sandbox (a restricted execution environment) and run system commands on the server hosting Flowise.
Flowise, a tool for building customized AI workflows through a drag-and-drop interface, has a mass assignment vulnerability (a bug where attackers can modify fields they shouldn't be able to change) in versions before 3.1.2 that lets authenticated users reassign assistants to different workspaces by manipulating the workspaceId field, breaking the isolation between separate user workspaces in multi-user environments.
Flowise is a tool with a drag-and-drop interface for building customized AI workflows. Before version 3.1.2, the checkBasicAuth endpoint (a part of the system that checks user login credentials) had a security flaw where it validated passwords in plaintext (unencrypted text) without rate limiting (restrictions on how many attempts someone can make) and compared them directly, making it vulnerable to attacks.
Google is upgrading NotebookLM, an AI-powered note-taking app, to use Gemini 3.5, a newer and more advanced version of its AI model that will provide more accurate answers. The update lets users start research projects by simply asking questions, and NotebookLM will automatically search the web to find relevant sources rather than requiring users to manually import materials.
This item is not AI/LLM-related and does not describe a technical security issue, vulnerability, or problem. It is a corporate legal announcement about a confidential S-1 filing (a registration statement for going public) with the SEC (Securities and Exchange Commission), noting that the company expects the document to leak and is making a preemptive announcement while deciding on timing for a public offering.
Microsoft's AI chief Mustafa Suleyman discusses how Microsoft has restructured its AI division to independently pursue superintelligence (AI systems that could surpass human capabilities across all domains), following a renegotiated partnership with OpenAI in October that allows both companies to develop models separately. The interview covers Microsoft's new approach to training frontier models (cutting-edge AI systems at the limits of current technology), the company's relationship with OpenAI, and how AI is being perceived by the public and in politics.
Fix: Add validation in xe_vm_madvise_ioctl() to reject PAT indices (page attribute table settings) with XE_COH_NONE coherency mode when applied to CPU cached memory, aligning with existing validation in the vm_bind path.
NVD/CVE DatabaseFix: Update to version 3.1.2 or later. The issue has been patched in version 3.1.2.
NVD/CVE DatabaseFix: This issue has been patched in version 3.1.2.
NVD/CVE DatabaseFix: This issue has been patched in version 3.1.2. Users should update Flowise to version 3.1.2 or later.
NVD/CVE DatabaseFix: This issue has been patched in version 3.1.2.
NVD/CVE DatabaseFix: Update to version 3.1.2, which patches this vulnerability.
NVD/CVE DatabaseFix: This issue has been patched in version 3.1.2. Users should update to version 3.1.2 or later.
NVD/CVE DatabaseFix: This issue has been patched in version 3.1.2.
NVD/CVE DatabaseFix: Update Flowise to version 3.1.2 or later, where this issue has been patched.
NVD/CVE DatabaseFix: Upgrade to version 3.1.2, which patches this vulnerability.
NVD/CVE DatabaseFix: Update to version 3.1.2, where this issue has been patched.
NVD/CVE DatabaseFix: Update to version 3.1.2, which patches this vulnerability.
NVD/CVE Database