https://www.sherlockforensics.com/blog/ CVE analysis, digital forensics insights, and incident response intelligence from Vancouver's certified forensic examiners. en-ca Thu, 09 Apr 2026 00:02:03 -0500 https://www.sherlockforensics.com/blog/ai-code-audit-checklist-2026.html https://www.sherlockforensics.com/blog/ai-code-audit-checklist-2026.html Thu, 09 Apr 2026 00:00:58 -0500 The definitive 2026 checklist for auditing AI-generated code. Covers dependency verification, secrets scanning, auth review, API security, input validation and more. https://www.sherlockforensics.com/blog/vibe-coded-disaster-recovery.html https://www.sherlockforensics.com/blog/vibe-coded-disaster-recovery.html Thu, 09 Apr 2026 00:00:45 -0500 Incident response for vibe-coded applications. You built it in a weekend with Cursor. An attacker dismantled it in an afternoon. Here is the recovery playbook. https://www.sherlockforensics.com/blog/ai-masterpiece-or-timebomb.html https://www.sherlockforensics.com/blog/ai-masterpiece-or-timebomb.html Thu, 09 Apr 2026 00:00:33 -0500 AI-generated code that works is not AI-generated code that is secure. Auth bypasses, injectable queries and unprotected APIs hide behind functional applications. https://www.sherlockforensics.com/blog/audit-your-ai-slop.html https://www.sherlockforensics.com/blog/audit-your-ai-slop.html Thu, 09 Apr 2026 00:00:20 -0500 AI slop ships fast and breaks faster. Unreviewed AI-generated code carries injection flaws, hallucinated dependencies and hardcoded secrets. Audit it before attackers find it. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5741.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5741.html Wed, 08 Apr 2026 23:53:20 -0500 suvarchal docker-mcp-server up to 0.1.0 OS command injection in container management functions via the HTTP interface. CVSS 7.3 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5739.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5739.html Wed, 08 Apr 2026 23:53:20 -0500 PowerJob 5.1.0 through 5.1.2 code injection in the OpenAPI addWorkflowNode endpoint via the nodeParams argument allows remote code execution. CVSS 7.3 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5736.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-5736.html Wed, 08 Apr 2026 23:53:20 -0500 PowerJob 5.1.0 through 5.1.2 contains a vulnerability in the InstanceController detailPlus endpoint allowing argument manipulation. CVSS 7.3 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4788.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4788.html Wed, 08 Apr 2026 23:53:20 -0500 IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files readable by local users. CVSS 8.4 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4740.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4740.html Wed, 08 Apr 2026 23:53:20 -0500 Open Cluster Management (Red Hat ACM) improper certificate renewal validation allows managed cluster admins to forge client certificates. CVSS 8.2 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4631.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-4631.html Wed, 08 Apr 2026 23:53:20 -0500 Cockpit remote login passes unsanitized hostnames to SSH, allowing attackers to inject malicious commands via a single HTTP request. CVSS 9.8 CRITICAL. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-3357.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-3357.html Wed, 08 Apr 2026 23:53:20 -0500 IBM Langflow Desktop 1.6.0 through 1.8.2 allows authenticated users to execute arbitrary code via insecure deserialization in the FAISS component. CVSS 8.8 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-3296.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-3296.html Wed, 08 Apr 2026 23:53:20 -0500 Everest Forms plugin for WordPress up to 3.4.3 contains a critical PHP Object Injection via unsafe deserialization of form entry metadata. CVSS 9.8. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-23696.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-23696.html Wed, 08 Apr 2026 23:52:50 -0500 Windmill CE and EE SQL injection in folder ownership management lets authenticated attackers extract JWT secrets and execute arbitrary SQL. CVSS 9.9 CRITICAL. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22683.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22683.html Wed, 08 Apr 2026 23:52:43 -0500 Windmill 1.56.0 through 1.614.0 missing authorization allows Operators to create and modify entities via the backend API. CVSS 8.8 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22682.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22682.html Wed, 08 Apr 2026 23:52:35 -0500 OpenHarness improper access control in file tools allows attackers to read arbitrary local files outside intended repository boundaries. CVSS 7.1 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22679.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-22679.html Wed, 08 Apr 2026 23:52:28 -0500 Weaver E-cology 10.0 contains a critical unauthenticated remote code execution flaw in the dubboApi debug endpoint. CVSS 9.8. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1346.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1346.html Wed, 08 Apr 2026 23:52:21 -0500 IBM Verify Identity Access privilege escalation allows local users to gain elevated access. CVSS 9.3 CRITICAL. Affects containers and standalone deployments. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1343.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1343.html Wed, 08 Apr 2026 23:52:13 -0500 IBM Verify Identity Access contains a server-side request forgery vulnerability exposing internal authentication endpoints to unauthorized access. CVSS 7.2 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1342.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2026-1342.html Wed, 08 Apr 2026 23:52:06 -0500 IBM Verify Identity Access and Security Verify Access containers allow locally authenticated users to execute malicious scripts. CVSS 8.5 HIGH. https://www.sherlockforensics.com/blog/2026-04-08-cve-2021-4473.html https://www.sherlockforensics.com/blog/2026-04-08-cve-2021-4473.html Wed, 08 Apr 2026 23:52:01 -0500 Tianxin Internet Behavior Management System contains a critical command injection flaw (CVSS 9.8) in the Reporter component allowing unauthenticated remote code execution. https://www.sherlockforensics.com/blog/weekly-roundup-2026-04-08.html https://www.sherlockforensics.com/blog/weekly-roundup-2026-04-08.html Wed, 08 Apr 2026 22:08:45 -0500 Weekly cybersecurity roundup: 16 critical vulnerabilities from April 01 to April 08, 2026. CVE analysis from Sherlock Forensics Vancouver. https://www.sherlockforensics.com/blog/ai-attacks-real-examples-2026.html https://www.sherlockforensics.com/blog/ai-attacks-real-examples-2026.html Wed, 08 Apr 2026 21:42:03 -0500 Real examples of AI-powered attacks in 2026. AI phishing campaigns, deepfake CEO fraud, automated vulnerability discovery and AI credential stuffing explained. https://www.sherlockforensics.com/blog/ai-code-vulnerabilities-2026.html https://www.sherlockforensics.com/blog/ai-code-vulnerabilities-2026.html Wed, 08 Apr 2026 21:42:03 -0500 Five real vulnerability patterns AI code assistants introduce: hallucinated packages, weak randomness, SQL injection, hardcoded secrets and insecure deserialization. https://www.sherlockforensics.com/blog/ai-deepfake-forensics-legal-proceedings.html https://www.sherlockforensics.com/blog/ai-deepfake-forensics-legal-proceedings.html Wed, 08 Apr 2026 21:42:03 -0500 Forensic methodology for detecting AI-generated deepfakes in courtroom evidence. Detection techniques and chain-of-custody protocols for admissibility. https://www.sherlockforensics.com/blog/ai-startup-pen-test-before-demo-day.html https://www.sherlockforensics.com/blog/ai-startup-pen-test-before-demo-day.html Wed, 08 Apr 2026 21:42:03 -0500 AI startup penetration testing and pre-funding security audits. What investors expect, what a pentest covers and why skipping it is shipping a liability. https://www.sherlockforensics.com/blog/audit-your-ai-before-launch.html https://www.sherlockforensics.com/blog/audit-your-ai-before-launch.html Wed, 08 Apr 2026 21:42:03 -0500 EU AI Act, NIST AI RMF and investor due diligence are making pre-launch AI security audits mandatory. What an AI audit covers vs a traditional pentest. https://www.sherlockforensics.com/blog/best-pentesting-tools-2026.html https://www.sherlockforensics.com/blog/best-pentesting-tools-2026.html Wed, 08 Apr 2026 21:42:03 -0500 The 7 best penetration testing tools in 2026: Burp Suite, Metasploit, Nmap, OWASP ZAP, Nuclei, Cobalt Strike and BloodHound. What each does and its limits. https://www.sherlockforensics.com/blog/can-ai-be-hacked.html https://www.sherlockforensics.com/blog/can-ai-be-hacked.html Wed, 08 Apr 2026 21:42:03 -0500 AI systems can be hacked through adversarial attacks, prompt injection, model extraction, data poisoning and jailbreaking. How each attack works. https://www.sherlockforensics.com/blog/claude-mythos-ai-security-threat.html https://www.sherlockforensics.com/blog/claude-mythos-ai-security-threat.html Wed, 08 Apr 2026 21:42:03 -0500 Claude Mythos found thousands of zero-days for under $50 and over 99% remain unpatched. What this means for your security posture and next steps. https://www.sherlockforensics.com/blog/encrypted-memory-forensics-post-quantum-era.html https://www.sherlockforensics.com/blog/encrypted-memory-forensics-post-quantum-era.html Wed, 08 Apr 2026 21:42:03 -0500 How post-quantum encryption reshapes volatile memory forensics. Updated acquisition methods and tooling for forensic examiners in 2026. https://www.sherlockforensics.com/blog/pipeda-compliance-guide-2026.html https://www.sherlockforensics.com/blog/pipeda-compliance-guide-2026.html Wed, 08 Apr 2026 21:42:03 -0500 PIPEDA compliance guide for 2026. Breach notification requirements, penalties, 10 fair information principles and how a security audit proves due diligence. https://www.sherlockforensics.com/blog/shadow-ai-employee-risk.html https://www.sherlockforensics.com/blog/shadow-ai-employee-risk.html Wed, 08 Apr 2026 21:42:03 -0500 Your employees are pasting company data into ChatGPT and Claude without approval. Shadow AI creates data leaks, IP loss and compliance violations. https://www.sherlockforensics.com/blog/vibe-coding-security-risks.html https://www.sherlockforensics.com/blog/vibe-coding-security-risks.html Wed, 08 Apr 2026 21:42:03 -0500 Vibe coding lets non-developers ship production apps in days. Here is why scanning alone will not secure them and what to do before you get hacked.