Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

SBA @ Financial Cryptography and Data Security 2026

February 9, 2026

Our colleague Nicholas Stifter, researcher and security analyst at SBA Research, presented his conference paper titled Reuse of Public Keys Across UTXO and Account-Based Cryptocurrencies at the Financial Cryptography and Data Security 2026 in St. Kitts, USA. ... Read More

SBA @ Financial Cryptography and Data Security 2026

Congratulations to our key researcher Johanna Ullrich!

February 6, 2026

We warmly congratulate Prof. Johanna Ullrich, key researcher at SBA Research, on her appointment to the Founding Professorship in Security at IT:U. ... Read More

1st OWASP Chapter Vienna Meetup x SBA Security Meetup

February 5, 2026

At the end of January, our 1st OWASP Chapter Vienna Meetup took place, featuring three excellent speaker sharing insights on LLM Security. ... Read More

Tomasz Miksa @ EOSC Winter School 2026

February 4, 2026

Tomasz Miksa, senior researcher at SBA Research, recently participated in the EOSC Winter School 2026, held from January 27–29 in Nice, France. He was presented the work on standardisation of maDMPs and was also moderating a session. ... Read More

Password-Hardened Encryption Revisited

February 2, 2026

Dominique Schröder, key researcher at SBA Research and full professor of Privacy Enhancing Technologies at TU Wien published a new paper titled "Password-Hardened Encryption Revisited" which was presented at the 31st ASIACRYPT 2025 Melbourne, VIC, Australia. ... Read More

SBA Security Advisory – LibreChat Server-Side Request Forgery (CVE-2025-69222)

January 8, 2026

LibreChat version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability due to missing restrictions of the Actions feature in the default configuration. This allows attackers to interact with arbitrary third-party HTTP services, for example the internal RAG API. ... Read More

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Files (CVE-2025-69220)

January 8, 2026

LibreChat version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. ... Read More

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Permission Queries (CVE-2025-69221)

January 8, 2026

LibreChat version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. ... Read More

Daryna Oliynyk @ ESSAI

December 23, 2025

At the end of November, our colleague Daryna Oliynyk, a researcher at SBA Research and the Security and Privacy Research Group at the University of Vienna, was invited to speak at the European Symposium on Security and AI (ESSAI) in Rennes, France. She presented the joint paper "Attackers Can Do Better: Over- and Understated Factors of Model Stealing Attacks", co-authored with Rudolf Mayer and Andreas Rauber. ... Read More

Congratulations! MLDM colleagues qualified for the European Cybersecurity & AI Hackathon Championship Finale

December 18, 2025

Tanja Sarcevic, Daryna Olyinyk, and Yelyzaveta Klysa, all MLDM research group members, and Sabina Khazari participated in the European Cybersecurity & AI Hackathon Championship organized by CISPA, one of Europe’s leading research centers in cybersecurity and artificial intelligence. Congratulations to them, they won 2nd place and qualified themselves to the grand finale that will be held in St. Ingbert, Germany, in June 2026. ... Read More

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

SBA @ Financial Cryptography and Data Security 2026

Congratulations to our key researcher Johanna Ullrich!

1st OWASP Chapter Vienna Meetup x SBA Security Meetup

Tomasz Miksa @ EOSC Winter School 2026

Password-Hardened Encryption Revisited

SBA Security Advisory – LibreChat Server-Side Request Forgery (CVE-2025-69222)

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Files (CVE-2025-69220)

SBA Security Advisory – LibreChat Insufficient Access Control on Agent Permission Queries (CVE-2025-69221)

Daryna Oliynyk @ ESSAI

Congratulations! MLDM colleagues qualified for the European Cybersecurity & AI Hackathon Championship Finale

Upcoming events @ SBA

SBA Research at a glance

Highlights of the past years:

Privacy settings

SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Highlights of the past years:

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.