Aggregator

在保存大脑精微结构方面，时机至关重要。血液循环停止后数分钟内，酶就会分解神经元，细胞开始自我消化。 人体冷冻技术通常涉及将人体保存在零度以下，希望未来一旦出现针对其病情的治疗方法或疗法，能够使其复活。传统上，该技术旨在通过冷却和添加固定剂在自然死亡后快速保存大脑，但除非冷冻团队守候在患者床边，否则在此之前退化过程早已开始。为规避这一问题，专注于记忆保存的美国科技公 司Nectome 团队制定了一套与医生协助死亡相兼容的方案，即绝症患者可选择自己的离世时间。其理念在于，通过立即干预，科学家可能拥有最佳机会使大脑的保存状态尽可能接近活体状态。该团队在猪身上测试了这一方案，猪的大脑和心血管解剖结构与人类相当。首先，他们在心脏骤停约 1 分钟后将插管插入心脏，随后冲洗血液并将保存液引入大脑。这些液体含有醛类化学物质，可在细胞间形成分子桥，实质上将细胞活动锁定在原地。随后他们引入冷冻保护剂，置换组织中的水分，防止冷却过程中形成冰晶（否则会损害细胞）。接下来，大脑被冷却至约零下 32 摄氏度，在此温度下冷冻保护剂会形成玻璃态。此时大脑结构可近乎永久保存。

A vulnerability identified as critical has been detected in CodePhiliaX Chat2DB up to 0.3.7. This affects the function Upload of the file chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/server/web/api/controller/driver/JdbcDriverController.java of the component JDBC Driver Upload. Performing a manipulation results in unrestricted upload. This vulnerability is identified as CVE-2026-4586. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #775634 / VDB-352434

A vulnerability categorized as critical has been discovered in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. This vulnerability is referenced as CVE-2026-4594. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in erupts erupt up to 1.13.3. It has been rated as critical. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. The identification of this vulnerability is CVE-2026-4593. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #775623 / VDB-352433

Submit #775619 / VDB-349657

Submit #775596 / VDB-352432

Submit #775594 / VDB-352431

Submit #775593 / VDB-352430

A vulnerability was found in PuTTY 0.83. It has been declared as problematic. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verification of cryptographic signature. This vulnerability was named CVE-2026-4115. The attack may be performed from remote. In addition, an exploit is available. The real existence of this vulnerability is still doubted at the moment. It is advisable to implement a patch to correct this issue. The vendor was contacted early, responded in a very professional manner and quickly released a patch for the affected product. However, at the moment there is no proof that this flaw might have any real-world impact.

Submit #775576 / VDB-352429

A vulnerability was found in kalcaddle kodbox 1.64. It has been classified as critical. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of the component Password Login. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2026-4592. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in kalcaddle kodbox 1.64 and classified as critical. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing a manipulation can lead to os command injection. This vulnerability is handled as CVE-2026-4591. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in kalcaddle kodbox 1.64 and classified as problematic. The impacted element is an unknown function of the file /workspace/source-code/plugins/oauth/controller/bind/index.class.php of the component loginSubmit API. Performing a manipulation of the argument third results in cross-site request forgery. This vulnerability is known as CVE-2026-4590. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in kalcaddle kodbox 1.64. The affected element is the function PathDriverUrl of the file /workspace/source-code/app/controller/explorer/editor.class.php of the component fileGet Endpoint. Such manipulation of the argument path leads to server-side request forgery. This vulnerability is traded as CVE-2026-4589. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, has been found in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic key . This vulnerability appears as CVE-2026-4588. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #775471 / VDB-352428