Aggregator

CVE-2026-12104 | SIMA Bondix Server up to 1.25.7.5 on Linux Configuration os command injection (EUVD-2026-38031)

VulDB Recent Entries
1 week 1 day ago
A vulnerability classified as critical has been found in SIMA Bondix Server up to 1.25.7.5 on Linux. The impacted element is an unknown function of the component Configuration Handler. Performing a manipulation results in os command injection. This vulnerability is reported as CVE-2026-12104. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-62821 | Microsoft HEIF Image Extensions 1.2.22.0 CHEIFItemInfoEntry_GetDataSize out-of-bounds (EUVD-2025-210287)

VulDB Recent Entries
1 week 1 day ago
A vulnerability identified as problematic has been detected in Microsoft HEIF Image Extensions 1.2.22.0. This vulnerability affects the function CHEIFItemInfoEntry_GetDataSize. The manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2025-62821. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-53915 | JetBrains GoLand up to 2026.1.2 Project Configuration file inclusion

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in JetBrains GoLand up to 2026.1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Project Configuration Handler. Performing a manipulation results in file inclusion. This vulnerability is identified as CVE-2026-53915. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-56142 | JetBrains Hub prior 2025.3.148033 dynamically-determined object attributes

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in JetBrains Hub. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to dynamically-determined object attributes. This vulnerability is referenced as CVE-2026-56142. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-44939 | SUSE Rancher up to 2.14.1 {token}_{clusterId}.yaml eval injection (GHSA-mhc6-2gfq-xx62)

VulDB Recent Entries
1 week 1 day ago
A vulnerability was found in SUSE Rancher up to 2.10.11/2.11.13/2.12.9/2.13.5/2.14.1 and classified as very critical. This impacts an unknown function of the file /v3/import/{token}_{clusterId}.yaml. The manipulation results in improper neutralization of directives in dynamically evaluated code. This vulnerability was named CVE-2026-44939. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks

Cyber Security News
1 week 1 day ago

New York, USA, June 19th, 2026, CyberNewswire eFAQ has published a documented investigation into a coordinated reputation attack campaign aimed at influencing brand perception in search results and how AI assistants surface and summarize information.  The campaign followed a recognizable pattern. Dozens of accounts — most created days before publishing and most deleted shortly after […]

The post eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks appeared first on Cyber Security News.

Cybernewswire

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

The Hackers News
1 week 1 day ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at
The Hacker News

水稻为什么会“午睡”

Solidot
1 week 1 day ago
在正午高光、高温双重胁迫下,农作物光合作用会被大幅抑制,光能利用效率大幅下降,造成作物平均减产 30% 左右。这种作物“午睡”现象长期制约着光能利用效率与产量提升,自 1910 年被发现至今,困扰科学界长达百年。根据发表在《细胞》期刊上的一项研究,中科院等研究团队通过 10 年跨学科联合攻关,发现植物体内一种名为 MBS1 的超小蛋白可响应强光,形成凝聚体小液滴,通过类似“防护服”的保护作用过滤强光实现“防晒”。研究团队随后在海南、北京、吉林、黑龙江等地开展大田试验。测产结果显示,与底盘对照品种稻花香相比,增强表达 MBS1 的材料在光热胁迫较轻的吉林等地,增产约 10%~15%;在北京等中等光热地区,增产达 20%~30%;而在强光高热的海南,增产幅度高达 40%。这为应对全球气候变暖、实现粮食增产提供了新的基础理论与技术路径。

Microsoft June 2026 Update Bug Exposes Recycle Bin Filenames in Deletion Dialog

Cyber Security News
1 week 1 day ago

Microsoft has confirmed a new bug introduced by its June 2026 Patch Tuesday security update that causes Windows to display internal Recycle Bin filenames instead of the original user-facing filenames in file-deletion confirmation dialogs. After installing the Windows security update released on June 9, 2026 (KB5094125), users attempting to permanently delete a single item from […]

The post Microsoft June 2026 Update Bug Exposes Recycle Bin Filenames in Deletion Dialog appeared first on Cyber Security News.

Guru Baran

14,971 WordPress Sites Cleaned in Global SocGholish Takedown

Security Affairs
1 week 1 day ago
Operation EndGame disrupted SocGholish, taking down 106 servers and cleaning 14,971 WordPress sites used to spread fake-update malware. On June 18, 2026, law enforcement agencies from the Netherlands, Canada, the United States, and Germany, coordinated through Europol, executed a joint action week against SocGholish, one of the most persistent and widely deployed malware distribution networks […]
Pierluigi Paganini

PCB 价格因中东冲突一月内上涨四成

Solidot
1 week 1 day ago
在内存和 SSD 之后,又一个计算机核心元件面临价格快速上涨。这一次是因为中东冲突导致生产高纯度树脂的沙特工厂停产。树脂是制造电路板(PCB)的基本原材料,位于沙特阿拉伯 Jubail 的一家工厂为陶氏化学与沙特阿美的合资企业,它供应了全球七成的高纯度 PPE 树脂。该公司于三月下旬因中东冲突关闭,4 月 6 日和 7 日还遭到导弹袭击。陶氏化学 CEO Jim Fitterling 此前表示公司预计物流和供应链恢复正常至少需要 275 天。高盛报告称 3 月到 4 月间 PCB 价格上涨了 40%。全球最大 PCB 制造商之一的胜宏科技警告中东冲突可能会推高铜和树脂的价格。替代树脂需要重新设计电路板、重新进行可靠性和性能测试,以及重新获得认证。环氧树脂原料的交货期已经从三周延长到了十五周。

Managed ad