open-source
168 articles with this tag
CRITICAL
MEDIUM
HIGH
INFO
INFO
INFO
INFO
INFO
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
INFO
HIGH
INFO
CRITICAL
CRITICAL
HIGH
HIGH
INFO
INFO
HIGH
MEDIUM
MEDIUM
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
LOW
MEDIUM
INFO
INFO
INFO
INFO
LOW
LOW
INFO
INFO
LOW
INFO
CRITICAL
LOW
MEDIUM
INFO
INFO
INFO
LOW
INFO
INFO
INFO
INFO
MEDIUM
CRITICAL
INFO
INFO
INFO
LOW
INFO
HIGH
INFO
HIGH
CRITICAL
MEDIUM
MEDIUM
HIGH
MEDIUM
MEDIUM
INFO
INFO
HIGH
INFO
MEDIUM
MEDIUM
HIGH
INFO
INFO
INFO
INFO
HIGH
MEDIUM
INFO
MEDIUM
INFO
LOW
INFO
HIGH
HIGH
INFO
HIGH
HIGH
HIGH
HIGH
HIGH
Millions of AI agents imperiled by critical vulnerability in open source package
The Hackers Behind Shai-Hulud: Lucky or Skilled?
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
OpenHack: Open-source AI-powered vulnerability research
Could Suddenly-Great Open Source AI Crash the US Economy?
Microsoft open-sources tools for designing and testing AI agents
Flipper One project needs community help to build open Linux platform
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
[NEU] [mittel] MongoDB: Schwachstelle ermöglicht Denial of Service
[NEU] [mittel] NetBSD Foundation NetBSD OS: Mehrere Schwachstellen ermöglichen Denial of Service
'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments
[NEU] [hoch] Joplin: Mehrere Schwachstellen
[NEU] [hoch] Budibase: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
[NEU] [mittel] MailPit: Mehrere Schwachstellen
[NEU] [mittel] vim: Mehrere Schwachstellen ermöglichen Codeausführung
[NEU] [hoch] Flowise: Mehrere Schwachstellen ermöglichen Codeausführung
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
PraisonAI vulnerability gets scanned within 4 hours of disclosure
KDE gets over €1 million investment to strengthen security and core infrastructure
[NEU] [mittel] Composer: Schwachstelle ermöglicht Offenlegung von Informationen
Sandyaa: Open-source autonomous security bug hunter
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
[NEU] [hoch] pgAdmin: Mehrere Schwachstellen
[NEU] [hoch] Bitwarden: Mehrere Schwachstellen
[NEU] [hoch] dnsmasq: Mehrere Schwachstellen
OpenBSD and slopcode: raindrop to a torrent?
Red Hat extends open source technology into space
[NEU] [hoch] KDE Kdenlive und Okular: Mehrere Schwachstellen
[NEU] [mittel] Apache Airflow Providers OpenSearch und Elasticsearch: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
[NEU] [mittel] Linux Kernel: Mehrere Schwachstellen
[NEU] [mittel] Budibase: Schwachstelle ermöglicht Offenlegung von Informationen
[NEU] [hoch] Rancher Fleet Helm Deployer: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
[NEU] [hoch] PgBouncer: Mehrere Schwachstellen
[NEU] [hoch] vm2: Schwachstelle ermöglicht Codeausführung
[NEU] [hoch] LangChain: Schwachstelle ermöglicht Manipulation von Dateien und Offenlegung von Informationen
[NEU] [niedrig] expat: Schwachstelle ermöglicht Denial of Service
[NEU] [UNGEPATCHT] [mittel] jq: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Rustinel: Open-source endpoint detection for Windows and Linux
Securing CI/CD for an open source project: lessons from Cilium
Product showcase: NetGuard open-source firewall for Android
Redox gets partial window pixel updating, tmux, and more
[NEU] [niedrig] OpenBao: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Brush shell 0.4.0 tightens script safety, widens platform support
Pipelock: Open-source AI agent firewall
Cisco Releases Open Source Tool for AI Model Provenance
Cisco releases open-source toolkit for verifying AI model lineage
Warp open sources its AI terminal client
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
[NEU] [mittel] LangChain (openai, text-splitters): Mehrere Schwachstellen ermöglichen Offenlegung von Informationen und SSRF-Umgehung
25 open-source cybersecurity tools that don’t care about your budget
Hot take: AI's not going to kill open source code security
It's a myth that you need Mythos to find bugs: Open source models can do it just as well
[UPDATE] [niedrig] libxml2: Schwachstelle ermöglicht Denial of Service
PentAGI: Open-source autonomous AI penetration testing system
This AI Tool Rips Off Open Source Software Without Violating Copyright
From Bulk Export to AI-ready Security Workflows: Introducing Rapid7’s Open-Source MCP Server and Agent Skill
Product showcase: Syncthing for secure, private file synchronization
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Product showcase: Ente Auth encrypts, backs up, and syncs 2FA
Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab
Linux 7.0 released
ZeroID: Open-source identity platform for autonomous AI agents
Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise
Project Glasswing and open source software: The good, the bad, and the ugly
[NEU] [hoch] helm: Mehrere Schwachstellen
[NEU] [hoch] MISP: Mehrere Schwachstellen
Microsoft locks out VeraCrypt and WireGuard devs, blames verification process
[NEU] [mittel] LangChain: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
[NEU] [mittel] xwiki: Schwachstelle ermöglicht Codeausführung
[NEU] [mittel] Fleet: Schwachstelle ermöglicht Privilegieneskalation
Microsoft suspends dev accounts for high-profile open source projects
Asqav: Open-source SDK for AI agent governance
Microsoft Abruptly Terminates VeraCrypt Account, Halting Windows Updates
Social engineering attacks on open source developers are escalating
Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents
[NEU] [UNGEPATCHT] [mittel] libarchive: Schwachstelle ermöglicht Denial of Service
[NEU] [mittel] vllm: Mehrere Schwachstellen
Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
Year in Review: Vulnerabilities old and new and something React2
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
Open source office suites erupt in forking and licensing drama
Redox gets new CPU scheduler
Do not get high(jacked) off your own supply (chain)
Claude Code Found a Linux Vulnerability Hidden for 23 Years
Microsoft releases open-source toolkit to govern autonomous AI agents
Claude Code source code accidentally leaked in NPM package
Intel puts its data center performance knowledge on GitHub
Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step
Hottest cybersecurity open-source tools of the month: March 2026
[NEU] [hoch] Foreman: Schwachstelle ermöglicht Codeausführung
[NEU] [hoch] Red Hat FUSE (libfuse): Mehrere Schwachstellen ermöglichen Codeausführung und DoS
ShipSec Studio brings open-source workflow orchestration to security operations
TeamPCP strikes again - telnyx popular PyPI library compromised
[NEU] [mittel] LangChain: Schwachstelle ermöglicht Offenlegung von Informationen
[NEU] [hoch] Langflow: Schwachstelle ermöglicht Manipulation von Dateien
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
[NEU] [hoch] Langflow: Schwachstelle ermöglicht Codeausführung