Aggregator

Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. [...]

A vulnerability was found in Linux Kernel up to 6.1.164/6.6.127/6.12.74/6.18.15/6.19.5. It has been declared as critical. Affected by this vulnerability is the function tcf_skbedit_hash. The manipulation results in divide by zero. This vulnerability is identified as CVE-2026-43238. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.79/6.18.20/6.19.10. It has been declared as critical. Affected is the function vfs_iocb_iter_read. The manipulation results in privilege escalation. This vulnerability is identified as CVE-2026-31514. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.74/6.18.15/6.19.5. This issue affects the function rb_read_data_buffer of the component tracing. The manipulation leads to buffer overflow. This vulnerability is referenced as CVE-2026-43210. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.79/6.18.20/6.19.10. Affected by this vulnerability is the function l2cap_build_cmd of the component Bluetooth. Performing a manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2026-31513. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.82/6.18.23/6.19.13. This issue affects the function kfree_rcu of the component netfilter. This manipulation causes use after free. This vulnerability is handled as CVE-2026-43084. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

AI 漏洞挖掘开始交付"工程化结果" 从音频解码到工业 CAD，从车端 CAN 帧到企业 Java 中间件——这一次，AI 红队没有靠"灵感"。

Новый телефон создают вне мобильных экосистем Apple, Huawei и Samsung.

Five Eyes warns that Chinese spies are using fake job ads on LinkedIn, Indeed, and Upwork to target military staff and steal sensitive data.

Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen […]

A vulnerability, which was classified as critical, was found in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. The affected element is an unknown function. The manipulation results in path traversal. This vulnerability is identified as CVE-2026-50207. The attack is only possible with local access. There is not any exploit available.

A vulnerability identified as critical has been detected in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. Affected is an unknown function of the component TLS Certificate Validation Handler. The manipulation leads to insufficiently random values. This vulnerability is traded as CVE-2026-50208. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. This affects an unknown part of the component Device Management Handler. Such manipulation leads to incorrect permission assignment. This vulnerability is uniquely identified as CVE-2026-50209. Local access is required to approach this attack. No exploit exists.

A vulnerability classified as critical has been found in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. This vulnerability affects unknown code. Performing a manipulation results in information disclosure. This vulnerability was named CVE-2026-50210. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. This issue affects some unknown processing. Executing a manipulation can lead to format string. The identification of this vulnerability is CVE-2026-50211. The attack may be launched remotely. There is no exploit available.

A vulnerability labeled as critical has been found in Supermicro SMCI AS-2115HS-TNR 01.06.04/01.08.01. Affected by this vulnerability is an unknown functionality of the component SMTP Service. The manipulation results in os command injection. This vulnerability is known as CVE-2026-3820. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as critical has been reported in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. Affected by this issue is some unknown functionality. This manipulation causes resource consumption. This vulnerability is handled as CVE-2026-50212. The attack can only be done within the local network. There is not any exploit available.

A vulnerability, which was classified as critical, has been found in Acer Connect M6E 5G Portable WiFi Router up to M6E_AI_1.00.000019. Impacted is an unknown function of the file /v1/User/validate of the component Account Validation Endpoint. The manipulation leads to hard-coded credentials. This vulnerability is referenced as CVE-2026-50213. Remote exploitation of the attack is possible. No exploit is available.