Aggregator

A vulnerability classified as critical was found in vanyukov Offload, AI & Optimize with Cloudflare Images cf-images Plugin up to 1.10.2 on WordPress. Affected is the function sanitize_text_field of the file wp-config.php. The manipulation of the argument account-id results in unrestricted upload. This vulnerability is reported as CVE-2026-9860. The attack can be launched remotely. No exploit exists.

A vulnerability was found in fireplugins FireBox Popups Plugin up to 3.1.7 on WordPress. It has been declared as problematic. Impacted is an unknown function of the component Form Submission Handler. The manipulation of the argument form_id results in information disclosure. This vulnerability was named CVE-2026-12120. The attack may be performed from remote. There is no available exploit.

A vulnerability categorized as critical has been discovered in 10web Form Maker Plugin up to 1.15.43 on WordPress. The impacted element is an unknown function. Such manipulation of the argument groupids leads to sql injection. This vulnerability is referenced as CVE-2026-11776. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as problematic, was found in stellarwp Kadence Blocks Plugin up to 3.7.5 on WordPress. Affected by this issue is some unknown functionality of the component License Key Handler. Such manipulation leads to information disclosure. This vulnerability is traded as CVE-2026-11357. The attack may be launched remotely. There is no exploit available.

供应链投毒——利用仿冒PyPI实现AI助手定向误导

A vulnerability was found in Arm C1-Ultra, C1-Premium, Neoverse V3, Neoverse V3AE, Neoverse V1, Neoverse N2, Neoverse N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1, Cortex-X1C, Cortex-A710, Cortex-A78, Cortex-A78AE, Cortex-A78C, Cortex-A77, Cortex-A76 and Cortex-A76AE and classified as critical. Affected is an unknown function. Executing a manipulation can lead to race condition. This vulnerability appears as CVE-2025-10263. The attacker needs to be present on the local network. There is no available exploit.

A vulnerability classified as critical was found in ImageMagick up to 6.9.13-47/7.1.2-23. The impacted element is an unknown function of the component File Parser. Executing a manipulation can lead to path traversal. This vulnerability is registered as CVE-2026-49219. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability labeled as problematic has been found in ImageMagick up to 6.9.13-47/7.1.2-23. This vulnerability affects unknown code of the component DCM Decoder. The manipulation results in denial of service. This vulnerability is identified as CVE-2026-49218. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability classified as critical has been found in ImageMagick up to 6.9.13-47/7.1.2-23. The affected element is an unknown function of the component MAT Decoder. Performing a manipulation results in heap-based buffer overflow. This vulnerability is cataloged as CVE-2026-48994. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

GrapheneOS рассказала о своём секретном преимуществе перед конкурентами.

Interpol claims cybercrime accounts for third of crime in over half of Asia and South Pacific countries

科学家发现了已知最古老的鼠疫证据，将其出现的时间追溯到约 5500 年前——比之前认为的早了约 200 年。研究人员在西伯利亚贝加尔湖附近的四个墓地寻找鼠疫杆菌的痕迹。他们在 18 位古代狩猎采集者的牙齿中发现了鼠疫 DNA 残留。对骨骼碳年代测定显示，发现这场瘟疫引发了两波疫情，第一波出现在 5500 年前。病菌可能是通过土拨鼠传播的，当地人可能是通过食用生内脏或屠宰过程中接触携带病菌的兽皮而感染鼠疫。死者中有很多是 8-11 岁幼童。早期的鼠疫和中世纪的黑死病同样致命，不仅摧毁人口稠密的城市，也摧毁小型游牧狩猎采集群体。

​李想花了一个半小时，解释了一件事：什么叫真正的具身智能。

端午假期，长亭售后守护不停。

再获权威认证！

Обнаружен первый случай использования инфраструктуры Microsoft Teams для сокрытия управления вредоносным ПО.

Researchers used an OpenAI reasoning model to help diagnose rare diseases, identifying 18 new diagnoses in previously unsolved cases.

Arch Linux官方建议用户仅信任更新频繁且有活跃社区维护的项目，并查阅受影响软件包列表及入侵指标。

速修复

速修复