Aggregator

根据国家信息安全漏洞库（CNNVD）统计，近期（2026年3月4日至2026年3月19日）共采集重要人工智能漏洞155个

HackerNews 编译，转载请注明出处： Ubiquiti修复了两个 UniFi 相关漏洞，其中一个高危漏洞可被攻击者用于接管用户账号。 Ubiquiti为其 UniFi 网络管理应用发布了两处漏洞补丁，其中包含一个最高危级别漏洞，攻击者可利用该漏洞实施账号劫持。该软件被广泛用于管理 UniFi 系列网络设备，如无线 AP、交换机及网关等。 UniFi 网络管理应用是Ubiquiti公司开发的管理软件，用于控制和监控旗下 UniFi 系列网络设备。 用户可通过统一控制台对无线 AP、交换机、网关等硬件进行配置、管理与性能优化。IT 管理员可通过本地或云端方式部署网络、监控性能、管理用户、配置安全策略及排查故障。  该厂商修复了编号为CVE-2026-22557的最高危漏洞（CVSS 评分 10.0），该漏洞影响 UniFi 网络应用10.1.85 及更早版本。 处于同一网络中的攻击者可利用 UniFi 中的路径遍历漏洞访问系统文件，进而有可能接管用户账号。 安全公告显示：“具备网络访问权限的恶意人员可利用 UniFi 网络应用中的路径遍历漏洞，访问底层系统文件，并可通过相关操作实现账号入侵。” 10.1.89 及更高版本已修复该漏洞。 Ubiquiti修复的第二个漏洞编号为CVE-2026-22558（CVSS 评分 7.7），同样存在于 UniFi 网络应用中，低权限攻击者可利用该漏洞进行权限提升。 该公司表示：“UniFi 网络应用中存在一处已认证 NoSQL 注入漏洞，获得网络授权访问权限的恶意人员可利用该漏洞提升自身权限。” 消息来源：securityaffairs.com； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

HackerNews 编译，转载请注明出处： ConnectWise 已为 ScreenConnect 推送安全更新，优化设备密钥处理机制，防范服务器被入侵。 本次更新修复CVE-2026-3564漏洞（CVSS 评分 9.0），该高危漏洞可被攻击者用于获取会话认证所需的加密密钥材料。 此前，ScreenConnect 将唯一设备密钥存储于服务器配置文件中，在特定场景下存在密钥被窃取的风险。 这款远程监控与管理解决方案的最新版本通过对加密密钥材料进行加密，彻底消除该风险。 ConnectWise 在安全公告中表示：ScreenConnect 26.1 版本强化了设备密钥处理防护机制，新增加密存储与管理功能，降低服务器完整性遭破坏时密钥被未授权访问的风险。 该公司将 CVE-2026-3564 漏洞定级为高优先级，此类漏洞通常为 “正被黑客利用或在野外存在较高被利用风险” 的漏洞。 在另一份公告中，ConnectWise 称已发现有攻击者试图滥用已泄露的ASP.NET设备密钥材料，该密钥用于对受保护的应用数据进行签名与验证。 威胁行为者可利用该加密密钥材料提升在 ScreenConnect 中的权限，并访问活跃会话，最终导致服务器沦陷。 该公司声明：“若某 ScreenConnect 实例的设备密钥材料泄露，攻击者可伪造或篡改受保护数据，且该数据会被系统判定为合法，进而实现对 ScreenConnect 的未授权访问与非法操作。” 有传言称该漏洞多年来一直被中国国家级黑客组织利用，但 ConnectWise 表示暂无证据证实该说法。 ConnectWise 一位发言人向《安全周刊》透露：“公告相关内容，系我方持续强化 ScreenConnect 安全防护的举措，包括针对ASP.NET设备密钥材料的使用与管理进行安全加固。此项工作是缩小攻击面、提升产品安全性整体计划的一部分，相关部署基于持续的内部安全审查与行业过往安全事件经验。” 官方建议用户尽快升级至 ScreenConnect 26.1 版本，检查访问控制策略、限制对配置文件与备份文件的访问权限，并监控日志排查异常行为。 消息来源：securityweek.com； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability described as critical has been identified in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. The affected element is the function mod_timer of the component netfilter. Such manipulation leads to uninitialized pointer. This vulnerability is listed as CVE-2026-23274. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. Impacted is the function nf_tables in the library /include/net/netfilter/nf_tables.h of the component netfilter. This manipulation causes privilege escalation. This vulnerability is tracked as CVE-2026-23278. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. This issue affects the function io_ctx_mark_taskrun of the component io_uring. The manipulation results in privilege escalation. This vulnerability is identified as CVE-2026-23275. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.18.16/6.19.6/7.0-rc2. This vulnerability affects the function synchronize_rcu of the component nf_tables. The manipulation leads to state issue. This vulnerability is referenced as CVE-2026-23272. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.76/6.18.16/6.19.6/7.0-rc1. This affects the function __perf_event_overflow. Executing a manipulation can lead to privilege escalation. The identification of this vulnerability is CVE-2026-23271. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. It has been rated as critical. Affected by this issue is the function bond_xmit_broadcast of the component net. Performing a manipulation results in uncontrolled recursion. This vulnerability was named CVE-2026-23276. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. It has been declared as critical. Affected by this vulnerability is the function teql_master_xmit of the component TEQL. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2026-23277. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.19.3. It has been classified as critical. Affected is the function macvlan_common_newlink of the file drivers/net/macvlan.c. This manipulation causes use after free. This vulnerability is handled as CVE-2026-23273. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in atjiu pybbs 6.0.0 and classified as problematic. This impacts the function create of the file src/main/java/co/yiiu/pybbs/controller/api/CommentApiController.java. The manipulation results in cross site scripting. This vulnerability is known as CVE-2026-4495. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability has been found in atjiu pybbs 6.0.0 and classified as problematic. This affects the function create of the file src/main/java/co/yiiu/pybbs/controller/api/TopicApiController.java. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2026-4494. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

这才是成为顶尖黑客的精髓

Submit #773780 / VDB-352021

Submit #773779 / VDB-352020

A vulnerability, which was classified as critical, was found in Tenda A18 Pro 02.03.02.28. The impacted element is the function sub_423B50 of the file /goform/setMacFilterCfg of the component MAC Filtering Configuration Endpoint. Executing a manipulation of the argument deviceList can lead to stack-based buffer overflow. This vulnerability appears as CVE-2026-4493. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability, which was classified as critical, has been found in Tenda A18 Pro 02.03.02.28. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. This vulnerability is reported as CVE-2026-4492. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as critical was found in Tenda A18 Pro 02.03.02.28. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-4491. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability classified as critical has been found in Tenda A18 Pro 02.03.02.28. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. This manipulation causes stack-based buffer overflow. This vulnerability is registered as CVE-2026-4490. Remote exploitation of the attack is possible. Furthermore, an exploit is available.