#input-sanitization

[ follow ]
#cybersecurity #vulnerability #google-antigravity #code-execution #cve-2026-2256 #command-injection
Information security
fromThe Hacker News
5 hours ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
Information security
fromSecurityWeek
1 month ago

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

CVE-2026-2256 in ModelScope MS-Agent framework allows arbitrary OS command execution through inadequate input sanitization in the Shell tool using regex-based blacklist filtering.
fromThe Hacker News
2 months ago

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

The vulnerability, tracked as CVE-2026-1245 (CVSS score: N/A), affects all versions of the module prior to version 2.3.0, which addresses the issue. Patches for the flaw were released on November 26, 2025. Binary-parser is a widely used parser builder for JavaScript that allows developers to parse binary data. It supports a wide range of common data types, including integers, floating-point values, strings, and arrays. The package attracts approximately 13,000 downloads on a weekly basis.
Information security
[ Load more ]