Posts of last 24 hours
光盘(CD)销量显然在上升,因为粉丝们意识到这是一种支持他们喜爱艺术家的经济实惠的方式。根据研究公司Luminate的一份新报告,2026年上半年美国售出了1,630万张光盘,同比增长16%。报告显示
https://buaq.net/go-429592.html
旧金山市已勒令苹果和谷歌从其应用商店中下架数十款 “脱衣” 应用 —— 这些软件程序可以通过数字方式修改照片,以脱掉其中人物的衣服。加利福尼亚州法律将任何“明知地促成”或“鲁莽地帮助或教唆”制作未经同
https://buaq.net/go-429593.html
A vulnerability described as critical has been identified in css_parser 1.22.0/2.0/2.1.0 on Ruby. The affected element is the function CssParser::Parser#read_remote_file. Such manipulation leads to server-side request forgery.
This vulnerability is listed as CVE-2026-53727. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/377439
A vulnerability, which was classified as critical, was found in faye websocket-driver up to 0.7.4. The affected element is an unknown function of the file lib/websocket/driver/draft75.js. Executing a manipulation can lead to integer overflow.
This vulnerability is registered as CVE-2026-54466. It is possible to launch the attack remotely. No exploit is available.
https://vuldb.com/vuln/379991
A vulnerability described as problematic has been identified in faye websocket-driver up to 0.7.4. This affects the function Accept of the file lib/websocket/driver/hybi.js of the component Permessage-Deflate Extension. The manipulation results in out-of-bounds write.
This vulnerability is identified as CVE-2026-54490. The attack can be executed remotely. There is not any exploit available.
https://vuldb.com/vuln/379987
A vulnerability was found in github secure_headers up to 7.2.x. It has been classified as problematic. This vulnerability affects the function build_sandbox_list_directive/build_media_type_list_directive/build_report_to_directive of the component Content-Security-Policy Builder. Performing a manipulation of the argument sandbox/plugin_types/report_to results in cross site scripting.
This vulnerability is known as CVE-2026-54163. Remote exploitation of the attack is possible. No exploit is available.
https://vuldb.com/vuln/379966
A vulnerability identified as critical has been detected in PyMdown Extensions up to 9.x. Impacted is an unknown function. The manipulation leads to path traversal.
This vulnerability is documented as CVE-2023-32309. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.
https://vuldb.com/vuln/229092
A vulnerability classified as problematic has been found in oras-project oras-go up to 2.6.0. Impacted is the function completePushAfterInitialPost of the file registry/remote/repository.go of the component BlobStore. This manipulation causes improper authorization.
This vulnerability is registered as CVE-2026-50151. Remote exploitation of the attack is possible. No exploit is available.
https://vuldb.com/vuln/379946
A vulnerability, which was classified as critical, was found in oras-project oras-go up to 2.6.0. This affects the function resolveWritePath of the file content/file/file.go of the component File Path Resolver. Executing a manipulation of the argument AnnotationTitle can lead to symlink following.
This vulnerability appears as CVE-2026-50162. The attack may be performed from remote. There is no available exploit.
https://vuldb.com/vuln/379949