AgentFlow synthesizes 300 agents to uncover 10 Chrome zero-day vulnerabilities, including sandbox escapes.

ME News, April 23 (UTC+8): according to Beating monitoring, the UCSB Yu Feng team, in collaboration with fuzz.land and other organizations, has proposed AgentFlow, which automatically synthesizes multi-agent harnesses (programs that orchestrate agent role assignment, information flow, tool allocation, and retry logic) for vulnerability discovery. The paper states that with the model held fixed, changing only the harness can shift the success rate by several multiples, yet existing approaches are mostly handcrafted or search only a limited design space. AgentFlow uses a typed graph DSL to unify the five harness dimensions (roles, topology, message patterns, tool bindings, and coordination protocol) into an editable graph program, so that a single edit step can add or modify agents, topology, prompts, and tool sets together. The outer loop pinpoints the failure stage from runtime signals such as target-program coverage and sanitizer reports, replacing binary pass/fail feedback. On TerminalBench-2, paired with Claude Opus 4.6, it achieves 84.3% (75/89), the highest score in its category on that leaderboard. On the Chrome codebase (35 million lines of C/C++), the system synthesized harnesses composed of 300+ agents; the automatically evolved agent instructions specifically target C++ memory-safety vulnerabilities, require crash verification with ASAN/UBSAN, and deduplicate findings across agents via shared documents and file locks. Running the open-source model Kimi K2.5 on 192 H100s for 7 days, it discovered 10 zero-day vulnerabilities, all confirmed by the Chrome VRP. Six of them have been assigned CVE IDs, spanning WebCodecs, Proxy, Network, Codecs, and Rendering; the bug classes include UAF, integer overflow, and heap buffer overflow. Among them, CVE-2026-5280 and CVE-2026-6297 are Critical-severity sandbox escapes.
fuzz.land co-founder Shou Chao Fan stated that some vulnerabilities were originally discovered using MiniMax M2.5, and MiniMax M2.5 and Opus 4.6 can also find most of them. AgentFlow has been open-sourced. (Source: BlockBeats)
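The brief mentions that the synthesized agents verify crashes with ASAN/UBSAN and deduplicate across agents through shared documents and file locks. The following is an added illustration of that triage pattern, not code from the AgentFlow project: it buckets a sanitizer report by bug kind plus top stack frames, then lets concurrent agents claim a signature through a flock-guarded JSON ledger. The report text, symbol names and ledger format are all constructed for the example.

```python
import fcntl
import json
import os
import re
import tempfile

# Constructed ASAN report excerpt (hypothetical symbols, not a real Chrome crash).
SAMPLE_ASAN_REPORT = """\
==12345==ERROR: AddressSanitizer: heap-use-after-free on address 0x6040000000d0
READ of size 8 at 0x6040000000d0 thread T0
    #0 0x55d1 in demo::Decoder::Decode decoder.cc:210
    #1 0x55d2 in demo::Player::Feed player.cc:88
    #2 0x55d3 in demo::Script::Call script.cc:40
"""

KIND_RE = re.compile(r"ERROR: \w+Sanitizer: ([\w-]+)")
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (\S+)", re.MULTILINE)

def crash_signature(report: str, depth: int = 3) -> str:
    """Bucket a sanitizer report by bug kind plus the top `depth` frames, so
    the same root cause reached from different inputs collapses to one key."""
    kind = KIND_RE.search(report)
    frames = FRAME_RE.findall(report)[:depth]
    if not kind or not frames:
        raise ValueError("not a recognisable sanitizer report")
    return kind.group(1) + "|" + ">".join(frames)

def claim_crash(ledger_path: str, report: str, agent_id: str) -> bool:
    """Record a crash signature in a shared JSON ledger under an exclusive
    file lock. Returns True if this agent is first to claim it, False if a
    peer already owns it; the lock serialises agents sharing one filesystem."""
    sig = crash_signature(report)
    fd = os.open(ledger_path, os.O_RDWR | os.O_CREAT, 0o644)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX)           # block until we hold the ledger
        raw = os.read(fd, 1 << 20)
        ledger = json.loads(raw) if raw else {}
        if sig in ledger:
            return False                          # duplicate: another agent has it
        ledger[sig] = agent_id
        os.lseek(fd, 0, os.SEEK_SET)
        os.ftruncate(fd, 0)
        os.write(fd, json.dumps(ledger).encode())
        return True
    finally:
        fcntl.flock(fd, fcntl.LOCK_UN)
        os.close(fd)

def simulate_two_agents() -> tuple[bool, bool]:
    """Two agents report the same crash; only the first claim succeeds."""
    ledger = os.path.join(tempfile.mkdtemp(), "crashes.json")
    return (claim_crash(ledger, SAMPLE_ASAN_REPORT, "agent-1"),
            claim_crash(ledger, SAMPLE_ASAN_REPORT, "agent-2"))
```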