Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

The left-pad npm Incident Explained

No CVE, no CVSS — just one unpublished package that broke the internet's build pipelines. Here's what left-pad still teaches security teams.

Feb 9, 20268 min read
Vulnerability Analysis

The clawdhub Malicious AI Agent Skills Campaign Explained

A coordinated supply-chain campaign poisoned 1,184+ ClawHub AI agent skills, stealing crypto wallets and SSH keys via CVE-2026-25253.

Feb 9, 20267 min read
Vulnerability Analysis

CUPS CVE-2024-47176: Network RCE via IPP

CVE-2024-47176 in cups-browsed lets attackers add rogue printers over UDP 631 and chain to RCE. Exploit flow, detection, and Linux distro impact.

Feb 6, 20267 min read
Vulnerability Analysis

PwnKit Five Years On: Why CVE-2021-4034 Still Lives in Production

PwnKit was a trivial local privilege escalation in polkit that affected nearly every Linux distribution for over a decade. The technical details and the residual risk in 2026.

Feb 3, 20265 min read
Vulnerability Analysis

SonicWall SMA 1000 CVE-2025-23006 Pre-Auth RCE

CVE-2025-23006 is a pre-auth deserialization RCE in SonicWall SMA 1000. Exploit chain, detection signals, and appliance hardening.

Feb 2, 20267 min read
Vulnerability Analysis

ScreenConnect CVE-2024-57727 Path Traversal Detailed

CVE-2024-57727 is a path traversal in ConnectWise ScreenConnect enabling arbitrary file read on self-hosted instances. Chain, detection, and patching.

Jan 29, 20267 min read
Vulnerability Analysis

What is Input Validation

Input validation stops malicious data at the door. See the CVEs — Equifax, Log4Shell, MOVEit — that prove why skipping it, or doing it wrong, is so costly.

Jan 28, 20266 min read
Vulnerability Analysis

What is Output Encoding

Output encoding neutralizes untrusted data before it reaches a browser or database -- the last line of defense against XSS, and most teams still get it wrong.

Jan 28, 20267 min read
Vulnerability Analysis

What is Input Sanitization

Input sanitization stops attacker-controlled data from executing as code. Learn how it works, how it differs from validation, and where it fails.

Jan 28, 20267 min read
Vulnerability Analysis

What Are Parameterized Queries

Parameterized queries stop SQL injection by binding user input as data instead of parsing it as SQL — here's how they work, and where they still fail.

Jan 28, 20266 min read
Vulnerability Analysis

Rails YAML deserialization RCE history and CVE-2013-0156 ...

A deep dive into CVE-2013-0156, the Rails YAML deserialization RCE that let attackers execute code via crafted requests, and how to remediate it.

Jan 26, 20268 min read
Vulnerability Analysis

What is a Man-in-the-Browser Attack

Man-in-the-browser malware rewrites transactions inside a victim's own browser, bypassing TLS and OTP 2FA -- here's how it works and how to stop it.

Jan 26, 20267 min read
Vulnerability Analysis (Page 14) — Supply Chain Security Blog | Safeguard