Aggregator

VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide.

A vulnerability labeled as critical has been found in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argument docFile leads to path traversal. This vulnerability is uniquely identified as CVE-2026-7728. The attack can be launched remotely. Moreover, an exploit is present. It is best practice to apply a patch to resolve this issue.

Submit #807541 / VDB-360905

Submit #807539 / VDB-360904

Мессенджер не отличал .docx от .exe. И вот чем это обернулось…

Submit #807538 / VDB-360903

A vulnerability identified as critical has been detected in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the file /Base/BaseService.asmx/DataService. This manipulation of the argument SortOrder causes sql injection. This vulnerability is handled as CVE-2026-7727. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

威胁情报生态系统的产出与共享 by ourren

Gemini Enterprise Agent Platform — Govern 深度技术解析 by ourren

nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板 by ourren

本体：大模型的语义操作系统 by ourren

人工智能的软件基础（复旦大学2026年春季学期） by ourren

SoftwareCopyright-Skill: 中国软件著作权申请材料Skills by ourren

更多最新文章，请访问SecWiki

Submit #803268 / VDB-360902

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.3.12/6.4.3. This affects the function ufshcd_queuecommand of the file drivers/ufs/core/ufshcd.c. Performing a manipulation results in double free. This vulnerability is cataloged as CVE-2023-53510. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.2.15/6.3.2. Impacted is the function amdgpu_cs_submit. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2023-53228. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability was found in Open CASCADE Technology OCCT 8.0.0.rc5. It has been classified as problematic. This impacts the function Geom2d_BSplineCurve::EvalD0. The manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2026-42481. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Linux Kernel up to 6.6.135/6.12.82/6.18.23/6.19.13/7.0.0. It has been rated as critical. This issue affects the function vidtv_ts_null_write_into of the component media. The manipulation leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2026-43058. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability described as critical has been identified in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. This vulnerability is traded as CVE-2026-7598. The attack may be launched remotely. There is no exploit available. A patch should be applied to remediate this issue.

A vulnerability, which was classified as problematic, has been found in Open CASCADE Technology OCCT 8.0.0.rc5. Impacted is the function VrmlData_IndexedFaceSet of the file libTKDEVRML.so of the component VRML File Handler. This manipulation causes denial of service. The identification of this vulnerability is CVE-2026-42478. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Open CASCADE Technology OCCT 8.0.0.rc5. It has been declared as problematic. Affected is the function Standard_ReadLineBuffer::ReadLine of the component OBJ File Parser. The manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2026-42477. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Open CASCADE Technology OCCT 8.0.0.rc5. This issue affects the function Standard_ReadLineBuffer::ReadLine. The manipulation results in out-of-bounds read. This vulnerability was named CVE-2026-42476. The attack needs to be approached within the local network. There is no available exploit.

A vulnerability was found in Open CASCADE Technology OCCT 8.0.0.rc5. It has been rated as problematic. Affected by this vulnerability is the function VrmlData_IndexedLineSet of the component VRML Parser. This manipulation of the argument coordIndex causes out-of-bounds read. This vulnerability is registered as CVE-2026-42479. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in Open CASCADE Technology OCCT 8.0.0.rc5. Affected by this issue is the function VrmlData_Scene of the component VRML Parser. Such manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2026-42480. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Wireshark up to 4.6.4. The impacted element is an unknown function of the component IEEE 802.11 Protocol Dissector. The manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2026-6525. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.