Aggregator

CVE-2026-2316 | Google Chrome up to 144.0.7559.132 Frames clickjacking (ID 422531 / Nessus ID 298713)

4 months 1 week ago

A vulnerability classified as critical has been found in Google Chrome. The impacted element is an unknown function of the component Frames. Performing a manipulation results in clickjacking. This vulnerability is identified as CVE-2026-2316. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

vuldb.com

Seedance 2.0技术狂飙突进，信息安全风险如何“刹车”？

天黑说嘿话

4 months 1 week ago

2026年2月，字节跳动旗下AI视频生成模型Seedance 2.0以“地表最强”的姿态横空出世，凭借多模态输

越权新思路

迪哥讲事

4 months 1 week ago

苹果被曝新 Siri 再次延期，股价大跌4%；原荣耀 CEO 赵明官宣加入千里科技；Spotify 宣称其程序员不再写代码 | 极客早知道

极客公园

4 months 1 week ago

· 电池存在起火风险，奔驰宣布在美国召回超万辆 EQB 电动汽车

针对某银行演练红队攻击样本分析

安全分析与研究

4 months 1 week ago

针对某银行演练红队攻击样本分析

从"付费打卡"到"打卡捐花"：一个公益小实验的诞生

吴鲁加

4 months 1 week ago

如果你在用敲敲，更新到最新版本，面板顶部会出现小红花的入口。欢迎参与这个小实验，也欢迎告诉我们你的想法。

CVE-2025-13154

CVE Trends

4 months 1 week ago

Currently trending CVE - Hype Score: 6 - An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges.

DragonForce

Dark Feed IO

4 months 1 week ago

You must login to view this content

cohenido

DragonForce

Dark Feed IO

4 months 1 week ago

You must login to view this content

cohenido

Proofpoint acquires Acuvity to tackle the security risks of agentic AI

CyberScoop

4 months 1 week ago

Proofpoint is snapping up the startup to solve the industry’s newest headache: knowing what your autonomous AI is actually doing.

The post Proofpoint acquires Acuvity to tackle the security risks of agentic AI appeared first on CyberScoop.

Greg Otto

安全合规、智能高效，威努特助力智慧矿山安全建设

威努特工控安全

4 months 1 week ago

护航矿山智能化高质量转型。

Daily Dose of Dark Web Informer - February 12th, 2026

Dark Web Informer - Cyber Threat Intelligence

4 months 1 week ago

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Dark Web Informer

Apple discloses first actively exploited zero-day of 2026

CyberScoop

4 months 1 week ago

The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.

The post Apple discloses first actively exploited zero-day of 2026 appeared first on CyberScoop.

Matt Kapko

CVE-2026-1458 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 allocation of resources (Nessus ID 298790)

Vuldb Updates

4 months 1 week ago

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 18.6.5/18.7.3/18.8.3. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to allocation of resources. This vulnerability is handled as CVE-2026-1458. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

vuldb.com

CVE-2025-12059 | Logo j-Platform up to 13112025 file information disclosure

Vuldb Updates

4 months 1 week ago

A vulnerability marked as problematic has been reported in Logo j-Platform up to 13112025. Affected is an unknown function. Performing a manipulation results in file and directory information exposure. This vulnerability is identified as CVE-2025-12059. The attack can be initiated remotely. There is not any exploit available.

vuldb.com

CVE-2025-64075 | ZBT WE2001 23.09.27 Cookie check_token path traversal

Vuldb Updates

4 months 1 week ago

A vulnerability labeled as critical has been found in ZBT WE2001 23.09.27. This issue affects the function check_token of the component Cookie Handler. The manipulation results in path traversal. This vulnerability was named CVE-2025-64075. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2025-65480 | Pacom Unison Client 5.13.1 Report Template cross site scripting

Vuldb Updates

4 months 1 week ago

A vulnerability was found in Pacom Unison Client 5.13.1. It has been rated as problematic. The impacted element is an unknown function of the component Report Template Handler. This manipulation causes cross site scripting. This vulnerability appears as CVE-2025-65480. The attack may be initiated remotely. There is no available exploit.

vuldb.com

CVE-2025-69874 | unjs nanotar up to 0.2.0 Tar parseTar/parseTarGzip path traversal

Vuldb Updates

4 months 1 week ago

A vulnerability marked as critical has been reported in unjs nanotar up to 0.2.0. Affected by this vulnerability is the function parseTar/parseTarGzip of the component Tar Handler. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2025-69874. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2025-70029 | SunbirdEd 1.13.4 TLS/SSL certificate validation

Vuldb Updates

4 months 1 week ago

A vulnerability was found in SunbirdEd 1.13.4. It has been rated as critical. Affected is an unknown function of the component TLS/SSL. Performing a manipulation results in improper certificate validation. This vulnerability is reported as CVE-2025-70029. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2025-70084 | OpenSatKit 2.2.1 FileUtil_GetFileInfo path traversal

Vuldb Updates

4 months 1 week ago

A vulnerability categorized as critical has been discovered in OpenSatKit 2.2.1. Affected by this vulnerability is the function FileUtil_GetFileInfo. Executing a manipulation can lead to path traversal. This vulnerability appears as CVE-2025-70084. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

vuldb.com

Aggregator

Managed ad