We found and fixed a Bluetooth LE Audio lifetime bug in mainline Linux, where vendor and distro kernels inherit security updates.
Kernel commitWe're a Swiss applied research lab, rebuilding cybersecurity for the AI era.
Anthropic Cyber Verification OpenAI Trusted Access Microsoft Security Advisors Program
When failure is not an option, top engineers from all around the world review the vulnerabilities we find in open-source software and the Linux kernel.
NVIDIA IBM Intel Microsoft Meta Red Hat Google Qualcomm MediaTek Ericsson
import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none)
import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none)
import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none) import { verify } from "crypto" const token = req.headers.authorization if (!assertAccess(org)) return exec(`curl ${userInput}`) eval(serialize(body)) db.query(`SELECT * WHERE id=${id}`) fs.readFile(path.join(base, userPath)) child_process.spawn(cmd, {shell: true}) new Function(untrusted)() res.send(template(userHtml)) jwt.verify(tok, none)
paperclip·GHSA-47wq-cj9q-wpmpcriticaljsPDF·CVE-2026-31938criticaljsPDF·CVE-2026-31898highnode-forge·CVE-2026-33896highprotobuf.js·CVE-2026-44289highyaml·CVE-2026-33532mediummysql2highLiquidJS·CVE-2026-30952highjsonata·CVE-2026-52746highUptime Kuma·CVE-2026-33130mediumLinux · Bluetooth·mergedhighLinux · NFC LLCP·reportedhighLinux · NFC digital·reportedhighLinux · mac802154·reportedmedium
not your trust.
Every scan runs in an isolated sandbox, fenced to a scope you set — allowed hosts, rate limits, a kill switch. It can’t wander off-target.
Exploit proof exposes real secrets — we redact them and encrypt the rest per-org, opened only by you and logged on every access.
Strict per-org isolation. Your targets and findings never touch another customer — and never train someone else’s model.