This page collects WhisperX intelligence signals tagged #Vulnerability Scanner. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A significant security testing gap has been identified in an open-source security tool: it currently lacks the ability to detect XML External Entity (XXE) injection vulnerabilities. This omission leaves a critical blind spot, particularly for API-focused security assessments where XML payloads are common in SOAP servic...
Un nuovo strumento di sicurezza open-source, il Prompt Vulnerability Scanner, sta evidenziando vulnerabilità critiche nei sistemi di intelligenza artificiale generativa. Lo strumento estende le capacità di un rilevatore di injection di base introducendo simulazioni attive di attacchi, inclusi payload adversariali, inje...
The open-source security scanner OWASP Nettacker has integrated a new vulnerability detection module targeting a critical remote code execution flaw in Fortinet's FortiVoice and FortiMail products. The module, `fortivoice_cve_2025_32756_vuln`, is designed to identify exposed and potentially exploitable `/remote/hostche...
The WAST web application security scanner is moving to directly target the emerging threat of AI-powered applications. A core development task is now to build an `LLMPromptInjectionScanner`, a dedicated engine designed to detect indirect prompt injection attacks through web form inputs. This capability, listed as a top...
Aura's vulnerability scanning pipeline is being fundamentally re-engineered to integrate a new class of AI models, codenamed 'Mythos,' signaling a major leap in offensive cybersecurity capabilities. The internal project, tracked via GitHub, is building scaffolding to immediately leverage these models through AWS Bedroc...
A new detection template for the recently disclosed CVE-2023-6750 vulnerability has been published to the Nuclei project on GitHub. The template, designed for the popular open-source vulnerability scanner, provides security teams with a ready-to-use method for identifying systems affected by this specific security flaw...
A critical pull request is preparing the `adblock-compiler` API surface for integration with Cloudflare's new AI-driven API Shield Vulnerability Scanner. This state-of-the-art tool uses AI-generated API call graphs to sequence real authentication flows, specifically hunting for Broken Object Level Authorization (BOLA) ...
A critical security flaw has been flagged in the `arubis/railsgoat-vulnerability-demo` repository, exposing a high-severity mass assignment vulnerability. The issue, automatically detected by the RSOLV security scanner, centers on line 50 of the `app/controllers/users_controller.rb` file. The controller uses `params.re...
Mozilla has disclosed that its internally developed Mythos scanning tool identified 271 vulnerabilities during an audit, with the organization characterizing its false positive rate as nearly negligible. The disclosure, which surfaced through a Hacker News discussion thread, positions Mythos as a high-precision additio...