All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Claude Code is an agentic coding tool (a program that can write code automatically) that had a vulnerability before version 2.0.31 where a mistake in how it parsed sed commands (a tool for editing text) allowed attackers to bypass safety checks and write files anywhere on a computer system. This vulnerability has been fixed.
Fix: Update to version 2.0.31 or later. The issue has been patched in version 2.0.31.
NVD/CVE DatabaseCVE-2025-64660 is a vulnerability in GitHub Copilot and Visual Studio Code that involves improper access control (a flaw in how the software checks who is allowed to do what), allowing an authorized attacker to execute code over a network. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a vulnerability is). This means someone with legitimate access to these tools could potentially run malicious code remotely.
Claude Code, an agentic coding tool (software that can write and execute code), had a vulnerability before version 1.0.39 where it could run code from yarn plugins (add-ons for the Yarn package manager) before asking the user for permission, but only on machines with Yarn 3.0 or newer. This attack required tricking a user into opening Claude Code in an untrusted directory (a folder with malicious code).
Nagios Log Server versions before 2026R1.0.1 have a command injection vulnerability (a flaw where attackers can insert malicious commands into input fields) in its experimental Natural Language Queries feature. An authenticated user (someone with a valid login) can exploit this by entering crafted values in the Global Settings page to run arbitrary commands on the server as the 'www-data' user (the account the web server runs under), potentially taking over the entire Log Server.
Slither-MCP is a new tool that connects LLMs (large language models) with Slither's static analysis engine (a tool that examines code without running it to find bugs), making it easier for AI systems to analyze and audit smart contracts written in Solidity (a programming language for blockchain). Instead of using basic search tools, LLMs can now directly ask Slither to find function implementations and security issues more accurately and efficiently.
Trail of Bits released open-source Go implementations of ML-DSA and SLH-DSA, two NIST-standardized post-quantum signature algorithms (cryptographic methods designed to resist attacks from quantum computers). The team engineered these libraries to be constant-time, meaning they execute in the same amount of time regardless of input values, to prevent side-channel attacks (security breaches that exploit physical characteristics like timing or power consumption rather than the algorithm itself) like the KyberSlash vulnerability that affected earlier Kyber implementations.
The LifterLMS WordPress plugin has a privilege escalation vulnerability (CVE-2025-11923) where the plugin fails to properly verify user identity before allowing role changes through the REST API (a standard way for programs to communicate and exchange data). This allows attackers with student-level access to promote themselves to administrator by sending a specially crafted request to modify their own role. The vulnerability affects multiple versions of the plugin ranging from 3.5.3 through 9.1.0.
PyTorch versions 2.5 and 2.7.1 have a bug where forgetting to call profiler.stop() can cause torch.profiler.profile (a Python tool that measures code performance) to crash or hang, resulting in a Denial of Service (DoS, where a system becomes unavailable). The underlying issue involves improper locking (a mechanism that controls how multiple processes access shared resources).
A flaw in the Observability Operator allows an attacker with limited namespace-level permissions to escalate their access to the entire cluster by creating a MonitorStack resource and then impersonating a highly-privileged ServiceAccount (a Kubernetes identity that the Operator automatically creates). This privilege escalation (gaining unauthorized higher-level access) could let an attacker take control of the entire Kubernetes cluster.
The WP Import – Ultimate CSV XML Importer plugin for WordPress has a security flaw in versions up to 7.33 where the showsetting() function is missing an authorization check (a verification that the person accessing it has permission). This allows authenticated attackers with Author-level access or higher to extract sensitive information, including OpenAI API keys (secret credentials used to access the OpenAI service) that are configured through the plugin's admin interface.
CVE-2025-33202 is a stack overflow vulnerability (a memory safety bug where a program writes too much data into a reserved area of memory) in NVIDIA's Triton Inference Server for Linux and Windows. An attacker could exploit this by sending extremely large data payloads, potentially crashing the service and making it unavailable to users (denial of service).
CVE-2025-62453 is a vulnerability in GitHub Copilot and Visual Studio Code where improper validation of generative AI output (not properly checking what the AI generates) allows an authorized attacker to bypass a security feature on their local computer. The vulnerability is classified as a protection mechanism failure (CWE-693, a flaw in how security controls are designed).
A path traversal vulnerability (CWE-22, where an attacker manipulates file paths to access files outside their intended directory) was discovered in Visual Studio Code's CoPilot Chat Extension that allows an authorized attacker to bypass a security feature on their local computer. The vulnerability is tracked as CVE-2025-62449 and was reported by Microsoft Corporation.
CVE-2025-62222 is a command injection vulnerability (where an attacker tricks software into running unintended commands) in the Visual Studio Code CoPilot Chat Extension that allows an unauthorized attacker to execute code over a network. The vulnerability stems from improper neutralization of special elements in commands and inadequate input validation (checking that data is safe before using it).
This research introduces TGDIP, a machine learning model that uses graph neural networks (GNNs, which are AI systems that learn patterns from data organized as connected networks) to predict how different drugs interact with each other. The model addresses two main problems: drug features becoming too similar to each other during processing, and irrelevant information being included when predicting interactions between drug pairs. TGDIP solves these issues using two techniques: contrastive learning (training the model by comparing similar and different examples) to keep drug features distinct, and an information bottleneck method (a process that filters out unnecessary data) to remove irrelevant information between drug pairs.
Fix: Update Claude Code to version 1.0.39 or later. The source states: 'This issue has been patched in version 1.0.39.'
NVD/CVE DatabaseThis research addresses challenges in federated learning (FL, a method where multiple institutions train an AI model together without sharing private data) by introducing FedDPO, which uses reinforcement learning (a type of AI that learns through trial and error feedback) to automatically adjust regularization terms (mathematical penalties that stabilize training) for each participant based on their unique data and system conditions. The approach also uses local batch normalization (a technique that normalizes data within each institution) to handle differences in how data is distributed across institutions, and testing on medical image classification tasks shows it outperforms existing methods.
Fix: Update Nagios Log Server to version 2026R1.0.1 or later.
NVD/CVE DatabaseThis research addresses a problem where image de-raining AI models (systems that remove rain from photos) perform poorly on real-world rainy images because they are trained on limited datasets. The researchers propose a framework inspired by how human brains learn and remember, using generative adversarial networks (GANs, AI systems that generate synthetic images) to capture features of new rainy data and then train the de-raining model with both real and synthetic data, similar to how the brain replays memories to strengthen learning.
Researchers developed DIC-GAN, a generative adversarial network (GAN, an AI model that learns to create realistic data by having two competing neural networks) that reconstructs weather radar images from satellite data in regions where ground-based radar doesn't exist, such as deserts and oceans. The system uses dynamic identity convolution modules (specialized neural network layers that adjust their behavior based on input data) and a mixed loss function (a measure of how wrong the AI's predictions are, combining three different error metrics) to improve accuracy, especially for strong storm signals. Testing showed the model works better than existing methods and can generate radar images for areas without physical radar coverage.
Fix: The source describes a technique for removing branches (conditional decision points) from cryptographic code using bit masking, two's complement, and XOR (exclusive OR, a logical operation) to perform both sides of a condition and then use a constant-time conditional swap based on the condition to obtain the correct result. However, the source does not provide a complete, production-ready solution—it only shows partial code examples and states they are 'Not secure -- DO NOT USE.' The source does not mention specific updates, patches, or versions that users should apply.
Trail of Bits BlogHPE-Li++ is a new system that estimates human pose (the position and angles of body parts) using both Wi-Fi signals and camera data together, rather than relying only on camera images. The system uses a specialized neural network (a type of AI model) with adaptive kernel selection (a technique that automatically adjusts how the AI processes different parts of the input) to achieve accurate 3D skeletal pose detection while using very little computing power, making it practical for devices with limited resources.
This research proposes FGE-GAN (fuzzy graph evolutionary generative adversarial network, a deep learning model that uses fuzzy graphs to handle uncertainty in disease data) to predict Alzheimer's disease risk and identify disease pathways. The model treats Alzheimer's progression as the spread of fuzzy entropy (uncertain information) through interconnected disease factors, and experiments show it outperforms existing methods at predicting disease risk.