privilege-escalation.html 关键词 privilege escalation 的长期追踪 RSS，汇总历史命中文献。 zh-CN Sun, 28 Jun 2026 05:24:06 +0000 ../papers/arxiv-fca0d26d69a9.html https://arxiv.org/abs/2606.18198v1#2026-06-17#privilege-escalation Wed, 17 Jun 2026 14:22:19 +0800 Agent skills are emerging as an important attack surface in LLM-based systems. Through an empirical study of existing skill scanners, we find that current defenses primarily rely on textual descriptions, manifests, and source code as the main signals for security analysis, which can leave visually conveyed malicious intent insufficiently examined. This creates a practical blind spot: harmful operational instructions hidden in images may bypass scanning while still being recoverable by multimoda… ../papers/arxiv-fc8295aa4188.html https://arxiv.org/abs/2605.05000v1#2026-05-07#privilege-escalation Thu, 07 May 2026 12:38:06 +0800 Windows Component Object Model (COM) services run with elevated privileges and are widely accessible to authenticated users, making race conditions in these binaries a critical surface for local privilege escalation. We present SLYP, an end-to-end agentic pipeline that discovers race condition vulnerabilities in COM binaries and generates debugger-verified proof-of-concept (PoC) code. SLYP exposes binary exploration, COM inspection, and dynamic debugging as reusable tool interfaces, giving agen…