Aggregator

Linux内核模块编程指南 中文PDF

DeepSeek V4 成 OpenClaw 默认模型；拯救 Win11！揭秘微软 Windows K2 宏伟计划；智能眼镜销量大涨；消息称三星 Galaxy WideFold 阔折叠手机首批备货 100 万台，三个月后发布

CVE又有大变动。

Secure your MCP hosts with quantum-resistant IAM. Learn about lattice-based signatures, PQuAKE, and 4D context-aware access for AI agents.

The post Quantum-Resistant Identity and Access Management for MCP Resources appeared first on Security Boulevard.

让AI助手真正成为业务团队的“金牌搭档”。

LARYBench （Latent Action Representation Yielding Benchmark），一个指引从大规模的视觉数据学习到通用的隐式动作表征的系统化评测基准。实验结果表明：在动作泛化和控制精度上，通用视觉模型的表现均显著优于专门为具身智能设计的动作专家模型，具身动作表征可以从大规模人类视频数据中涌现。

封锁之下，谁在裸泳，谁穿了救生衣。

Объясняем, почему атака на OneIndia — это не просто взлом.

A vulnerability classified as critical was found in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the argument datasize can lead to command injection. This vulnerability appears as CVE-2026-7160. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability classified as critical has been found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_documents of the file server.py. Performing a manipulation of the argument docs_dir/file_path results in path traversal. This vulnerability is reported as CVE-2026-7159. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor confirms, that the "fix will be published within a few days."

Submit #802079 / VDB-359759

A vulnerability described as critical has been identified in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downloader/server.py. Such manipulation of the argument url leads to server-side request forgery. This vulnerability is documented as CVE-2026-7158. The attack can be executed remotely. Additionally, an exploit exists. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.

Submit #802063 / VDB-359758

A vulnerability marked as critical has been reported in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py of the component aider_ai_code. This manipulation of the argument relative_editable_files causes command injection. This vulnerability is registered as CVE-2026-7157. Remote exploitation of the attack is possible. Furthermore, an exploit is available. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet.