Aggregator

A vulnerability was found in Linux Kernel up to 6.12.11. It has been rated as problematic. Impacted is the function zswap_compress/zswap_decompress of the component mm. Performing a manipulation results in improper initialization. This vulnerability was named CVE-2025-21693. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.177/6.1.127/6.6.74/6.12.11/6.13.0. Affected by this issue is the function run_job. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-21688. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.177/6.1.127/6.6.74/6.12.11/6.13.0. The impacted element is an unknown function of the component storvsc. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2025-21690. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.0. Affected by this vulnerability is the function qt2_process_read_urb of the component quatech2. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-21689. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.11/6.13.0. This impacts an unknown function of the component io_uring. This manipulation causes buffer overflow. This vulnerability is tracked as CVE-2025-21686. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.13.0. Affected is an unknown function of the component vfio. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2025-21687. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

新年到来之际，我们延续传统，为大家带来趣味满满的红包派送活动。今年依然采用有趣的技术挑战形式，让大家通过逆向分析的本领解锁红包口令，为了增加趣味性，部分初级题目设计为游戏性质，即使不熟悉逆向，也能通过通关游戏获取口令。

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.12.11. The affected element is an unknown function of the component AMD Display. Executing a manipulation can lead to divide by zero. The identification of this vulnerability is CVE-2024-57950. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.0. This issue affects some unknown processing of the component gfs2. Performing a manipulation results in buffer overflow. This vulnerability is reported as CVE-2025-21699. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.13.0. This affects an unknown part of the component u_serial. This manipulation causes denial of service. This vulnerability is registered as CVE-2025-21698. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.12.10. This vulnerability affects unknown code of the component v3d. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2025-21697. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.10. Impacted is the function mremap of the component mm. Executing a manipulation can lead to state issue. This vulnerability appears as CVE-2025-21696. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

各位安全圈的老朋友，新年好！过去一年，感谢您和漏洞云一起“打怪升级”。是各位大佬的硬核技术和客户的深度信任，才让一个个潜在风险被提前按住。马年到了，祝大家思路如骏马奔腾，项目推进一马平川！新的一年，咱们继续携手，在安全的道路上一马当先，马上成功！

Steinberger to Lead AI Giant's Multi-Agent Development Team
Peter Steinberger is joining OpenAI to lead development of personal agents, culminating weeks of viral attention paid to his OpenClaw open-source artificial intelligence assistant project. Security experts dubbed it a "dumpster fire" after hackers were quick to add malicious functions.

AI Fumbles, Not Hackers, Pose Next Shutdown Threat by 2028: Gartner
A misconfigured artificial intelligence system could do what hackers have tried and failed to accomplish: shut down an advanced economy's critical infrastructure. The warning centers on scenarios where AI autonomously shuts down vital services, misinterprets sensor data or triggers unsafe actions.