Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

Upcoming Events:

SHECURITY – Hackerinnen Training

19.02.2026

SBA @ NDC Security

04.03.2026 - 05.03.2026

Kubernetes Attack and Defense Wizardry with Stormcenter

03.03.2026 - 06.03.2026

Congratulations to our key researcher Johanna Ullrich!

February 6, 2026

We warmly congratulate Prof. Johanna Ullrich, key researcher at SBA Research, on her appointment to the Founding Professorship in Security at IT:U. ... Read More

1st OWASP Chapter Vienna Meetup x SBA Security Meetup

February 5, 2026

At the end of January, our 1st OWASP Chapter Vienna Meetup took place, featuring three excellent speaker sharing insights on LLM Security. ... Read More

SBA Security Advisory – LibreChat Server-Side Request Forgery (CVE-2025-69222)

January 8, 2026

LibreChat version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability due to missing restrictions of the Actions feature in the default configuration. This allows attackers to interact with arbitrary third-party HTTP services, for example the internal RAG API. ... Read More

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Files (CVE-2025-69220)

January 8, 2026

LibreChat version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. ... Read More

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Permission Queries (CVE-2025-69221)

January 8, 2026

LibreChat version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. ... Read More

Daryna Oliynyk @ ESSAI

December 23, 2025

At the end of November, our colleague Daryna Oliynyk, a researcher at SBA Research and the Security and Privacy Research Group at the University of Vienna, was invited to speak at the European Symposium on Security and AI (ESSAI) in Rennes, France. She presented the joint paper "Attackers Can Do Better: Over- and Understated Factors of Model Stealing Attacks", co-authored with Rudolf Mayer and Andreas Rauber. ... Read More

Congratulations! MLDM colleagues qualified for the European Cybersecurity & AI Hackathon Championship Finale

December 18, 2025

Tanja Sarcevic, Daryna Olyinyk, and Yelyzaveta Klysa, all MLDM research group members, and Sabina Khazari participated in the European Cybersecurity & AI Hackathon Championship organized by CISPA, one of Europe’s leading research centers in cybersecurity and artificial intelligence. Congratulations to them, they won 2nd place and qualified themselves to the grand finale that will be held in St. Ingbert, Germany, in June 2026. ... Read More

SBA Security Meetup Becomes Official OWASP Vienna Chapter

December 17, 2025

We are pleased to announce that the SBA Security Meetup is now officially operating as the OWASP Vienna Chapter. While the name has evolved, our mission remains unchanged: strengthening the exchange of ideas, knowledge, and experience within the information security community. What started as the SBA… Read More

SBA @ ACSAC

December 15, 2025

Florian Holzbauer, researcher at SBA Research, and Gabriel Gegenhuber, researcher at SBA Research and the Research Group Security and Privacy at the University of Vienna, attended the Annual Computer Security Applications Conference (ACSAC) 2025 in Hawaii, USA. ... Read More

The “die IT-Tag” makes the diversity of the IT world visible

December 11, 2025

On December 9, 2025, 260 IT role models visited 90 schools across Austria, led inspiring workshops in more than 200 classrooms. Read More

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Congratulations to our key researcher Johanna Ullrich!

1st OWASP Chapter Vienna Meetup x SBA Security Meetup

SBA Security Advisory – LibreChat Server-Side Request Forgery (CVE-2025-69222)

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Files (CVE-2025-69220)

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Permission Queries (CVE-2025-69221)

Daryna Oliynyk @ ESSAI

Congratulations! MLDM colleagues qualified for the European Cybersecurity & AI Hackathon Championship Finale

SBA Security Meetup Becomes Official OWASP Vienna Chapter

SBA @ ACSAC

The “die IT-Tag” makes the diversity of the IT world visible

Upcoming events @ SBA

SBA Research at a glance

Highlights of the past years:

Privacy settings

SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Highlights of the past years:

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.