Aggregator

CISA Warns of Notepad++ Code Execution Vulnerability Exploited in Attacks

Cyber Security News
2 days 12 hours ago

CISA has added CVE-2025-15556 to its Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation of a critical code execution flaw in Notepad++, a widely used open-source text editor popular among developers and IT professionals. Added on February 12, 2026, with a federal civilian executive branch (FCEB) patching deadline of March 5, 2026, the vulnerability stems […]

The post CISA Warns of Notepad++ Code Execution Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Guru Baran

MUZZLE:针对间接提示注入攻击的网络智能体自适应智能红队测试

Seebug Paper
2 days 12 hours ago
作者:Georgios Syros, Evan Rose, Brian Grinstead 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2602.09222v1 摘要 基于大语言模型(LLM)的网络智能体正被广泛部署,通过直接与网站交互并代表用户执行操作,实现复杂在线任务的自动化。这类智能体虽具备强大能力,但其设计使其易受嵌入在不可信网络内容中的...

CVE-2024-50617 | CIPPlanner CIPAce up to 9.16 File Download/Get File improper authorization

Vuldb Updates
2 days 13 hours ago
A vulnerability was found in CIPPlanner CIPAce up to 9.16. It has been declared as critical. Affected is an unknown function of the component File Download/Get File Handler. Executing a manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2024-50617. The physical device can be targeted for the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50619 | CIPPlanner CIPAce up to 9.16 User Management privileges management

Vuldb Updates
2 days 13 hours ago
A vulnerability has been found in CIPPlanner CIPAce up to 9.16 and classified as critical. Affected is an unknown function of the component User Management. Performing a manipulation results in improper privilege management. This vulnerability was named CVE-2024-50619. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2025-39958 | Linux Kernel up to 6.16.8 s390 __iommu_release_dma_ownership state issue (EUVD-2025-33325 / WID-SEC-2025-2246)

Vuldb Updates
2 days 14 hours ago
A vulnerability has been found in Linux Kernel up to 6.16.8 and classified as critical. Affected by this vulnerability is the function __iommu_release_dma_ownership of the component s390. The manipulation leads to state issue. This vulnerability is documented as CVE-2025-39958. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-39955 | Linux Kernel up to 6.16.8 net/ipv4/tcp_timer.c tcp_disconnect denial of service (Nessus ID 272003 / WID-SEC-2025-2246)

Vuldb Updates
2 days 14 hours ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.16.8. This impacts the function tcp_disconnect of the file net/ipv4/tcp_timer.c. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2025-39955. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-39956 | Linux Kernel up to 6.12.48/6.16.8 net/core/dev.c igc_probe denial of service (Nessus ID 277016 / WID-SEC-2025-2246)

Vuldb Updates
2 days 14 hours ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.48/6.16.8. Affected is the function igc_probe of the file net/core/dev.c. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2025-39956. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2025-39957 | Linux Kernel up to 6.1.153/6.6.107/6.12.48/6.16.8 wifi ieee80211_prep_hw_scan buffer overflow (EUVD-2025-33326 / Nessus ID 274816)

Vuldb Updates
2 days 14 hours ago
A vulnerability was found in Linux Kernel up to 6.1.153/6.6.107/6.12.48/6.16.8. It has been declared as critical. This vulnerability affects the function ieee80211_prep_hw_scan of the component wifi. Such manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-39957. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-40004 | Linux Kernel up to 6.12.52/6.17.2 USB 9pfs Transport Layer usb9pfs_rx_header buffer overflow (EUVD-2025-35036 / Nessus ID 271675)

Vuldb Updates
2 days 14 hours ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.52/6.17.2. This impacts the function usb9pfs_rx_header of the component USB 9pfs Transport Layer. Such manipulation leads to buffer overflow. This vulnerability is referenced as CVE-2025-40004. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2025-39954 | Linux Kernel up to 6.16.8 clk recalc_rate divide by zero (Nessus ID 270272 / WID-SEC-2025-2246)

Vuldb Updates
2 days 14 hours ago
A vulnerability was found in Linux Kernel up to 6.16.8. It has been classified as critical. This affects the function recalc_rate of the component clk. This manipulation causes divide by zero. This vulnerability appears as CVE-2025-39954. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

Managed ad