Aggregator
CVE-2026-11990 | iqonicdesign KiviCare Plugin up to 4.4.0 on WordPress Authorization Verification payment_id authorization (EUVD-2026-42864)
1 week ago
A vulnerability was found in iqonicdesign KiviCare Plugin up to 4.4.0 on WordPress. It has been classified as critical. Impacted is an unknown function of the component Authorization Verification. The manipulation of the argument payment_id leads to authorization bypass.
This vulnerability is traded as CVE-2026-11990. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2026-12918 | getwpfunnels Mail Mint Plugin up to 1.24.1 on WordPress Campaigns /mrm/v1/campaigns array_column recipients sql injection
1 week ago
A vulnerability was found in getwpfunnels Mail Mint Plugin up to 1.24.1 on WordPress and classified as problematic. This issue affects the function array_column of the file /mrm/v1/campaigns of the component Campaigns. Executing a manipulation of the argument recipients can lead to sql injection.
This vulnerability appears as CVE-2026-12918. The attack may be performed from remote. There is no available exploit.
vuldb.com
别人还在叠衣服,至简动力的 100 台机器人已下车间
1 week ago
跟做汽车比,具身智能行业现在就是个「小作坊」。
保持业余,保持有趣
1 week ago
做题家,开始学会玩耍。
CVE-2025-71305 | Linux Kernel up to 6.19.3 delayed_destroy_work out-of-bounds (WID-SEC-2026-1700)
1 week ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.164/6.6.127/6.12.74/6.18.15/6.19.3. This affects the function delayed_destroy_work. The manipulation results in out-of-bounds read.
This vulnerability is identified as CVE-2025-71305. The attack can only be performed from the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-71306 | Linux Kernel up to 6.19.3 is_bprm_creds_for_exec out-of-bounds (WID-SEC-2026-1700)
1 week ago
A vulnerability classified as critical was found in Linux Kernel up to 6.19.3. This impacts the function is_bprm_creds_for_exec. Executing a manipulation can lead to out-of-bounds read.
This vulnerability is registered as CVE-2025-71306. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2025-71307 | Linux Kernel up to 6.19.3 panthor_fw_unplug null pointer dereference (Nessus ID 318415 / WID-SEC-2026-1700)
1 week ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.19.3. Affected is the function panthor_fw_unplug. The manipulation leads to null pointer dereference.
This vulnerability is documented as CVE-2025-71307. The attack requires being on the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-71304 | Linux Kernel up to 6.19.3 smack /smack/doi privilege escalation (Nessus ID 318288 / WID-SEC-2026-1700)
1 week ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.19.3. This affects an unknown function of the file /smack/doi of the component smack. Performing a manipulation results in privilege escalation.
This vulnerability is cataloged as CVE-2025-71304. The attack must originate from the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-15308 | Python up to 3.14.x Incremental HTML Parser HTMLParser denial of service (WID-SEC-2026-2272)
1 week ago
A vulnerability marked as problematic has been reported in Python up to 3.14.x. The impacted element is the function HTMLParser of the component Incremental HTML Parser. Performing a manipulation results in denial of service.
This vulnerability is identified as CVE-2026-15308. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-71303 | Linux Kernel up to 6.19.3 amdxdna_pm_resume_get race condition (Nessus ID 318416 / WID-SEC-2026-1700)
1 week ago
A vulnerability was found in Linux Kernel up to 6.19.3. It has been rated as critical. The impacted element is the function amdxdna_pm_resume_get. The manipulation leads to race condition.
This vulnerability is referenced as CVE-2025-71303. The attack needs to be initiated within the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
美国家安全局重启精英黑客部门“特定入侵行动办公室 (TAO)”
1 week ago
美国家安全局恢复“特定入侵行动办公室”独立建制
AI重塑网络威胁!孤狼黑客3天攻破跨国企业复杂云环境
1 week ago
AI驱动攻击
Готовьте место на диске. Алгоритмы завалят Windows 11 гигабайтами новых исправлений
1 week ago
Живые инженеры больше не успевают за темпами подпольного рынка. Пришло время подключать ИИ.
vivo亮相2026 ITU AI for Good全球峰会,端侧智能安全方案获全球认可
1 week ago
vivo作为全球领先的智能终端企业深度参与本次峰会,以《面向亿级用户的端侧智能体安全可信交互架构》成功入选“创新扩大影响”(Innovate for Impact)案例集。
每周蓝军技术推送(2026.7.4-7.10)
1 week ago
关注高级攻防对抗技术热点,研究对手技术进行高级威胁模拟,研判攻击安全发展方向。
Geek Out. Level Up | 看雪·2026周边T恤上线(数量有限)
1 week ago
Geek Out. Level Up
新型木马GigaWiper来袭!伪装OneDrive持久驻留,一键清空企业全盘数据
1 week ago
继各类勒索病毒肆虐政企网络后,一款兼具后门窃密、全盘数据销毁、伪勒索加密三重杀伤能力的新型恶意程序GigaWi
60-70K!高薪招智驾安全、IoT 渗透、大模型安全工程师
1 week ago
技术岗直投
APP整体加固原理
1 week ago
看雪论坛作者ID:x0rrrrr