Aggregator

A vulnerability classified as critical has been found in Mozilla Firefox up to 96 on Android. Affected by this issue is some unknown functionality. Performing a manipulation results in improper restriction of rendered ui layers. This vulnerability is cataloged as CVE-2022-22762. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.5. It has been rated as critical. This impacts an unknown function of the component Content Security Policy. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2022-22761. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability described as critical has been identified in Mozilla Firefox up to 96. Affected by this vulnerability is an unknown functionality. Such manipulation leads to Remote Code Execution. This vulnerability is listed as CVE-2022-22761. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

Cybercrime has always been a

You always find the new curl releases on the curl site!Release pres

谷歌公司在印度东南打造大型AI中心动土谷歌在印度东南港市维扎格打造其在美国以外最大人工智能枢纽的计划，今天举行动土典礼；而维扎格会是连接新加坡的海缆登陆点。谷歌去年10月承诺，未来5年将斥资150亿美

A vulnerability was found in Google Chrome on Android. It has been declared as critical. The affected element is an unknown function of the component WebView. Executing a manipulation can lead to use after free. This vulnerability appears as CVE-2026-7342. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. Impacted is an unknown function of the component WebRTC. Such manipulation leads to use after free. This vulnerability is listed as CVE-2026-7341. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Google Chrome. It has been classified as critical. This affects an unknown function of the component Feedback. The manipulation leads to sandbox issue. This vulnerability is documented as CVE-2026-7345. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, has been found in Google Chrome on Windows. This issue affects some unknown processing of the component ANGLE. This manipulation causes integer overflow. This vulnerability is tracked as CVE-2026-7340. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Google Chrome. This issue affects some unknown processing of the component Media. The manipulation results in use after free. This vulnerability was named CVE-2026-7355. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability has been found in Samsung Devices and classified as critical. Affected by this issue is some unknown functionality of the component PackageManagerService. This manipulation causes insufficient verification of data authenticity. This vulnerability is tracked as CVE-2026-21023. The attack is restricted to local execution. No exploit exists. It is suggested to install a patch to address this issue.

Содержимое некогда защищённых репозиториев стало общественным достоянием.

根据国家信息安全漏洞库（CNNVD）统计，本周（2026年4月20日至2026年4月26日）安全漏洞情况如下

1.Illusion[hook]表面上看是 RC4 其实被hook到了AES上 这题表面主逻辑是 RC4，但真正的 flag 在 MessageBoxA 钩子里的 AES 分支里分析main函数前缀固定为 xmctf{总长度固定为 25} 在最后一位中间 18 字节会被取出来参与校验sub_140001440 很像标准 RC4：初始化 256 字节 S 盒用密钥 nev_gona_give_

A vulnerability classified as critical was found in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action_ipsec_conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The identification of this vulnerability is CVE-2026-4537. The attack may be launched remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised. The vendor explains, that "some other customer has reported this to us before. And we have fixed this."

A vulnerability, which was classified as critical, was found in Dell iDRAC10 1.20.70.50/1.30.05.10. Affected by this vulnerability is an unknown functionality. The manipulation results in insufficiently protected credentials. This vulnerability is identified as CVE-2026-35155. The attack can be executed remotely. There is not any exploit available.

SpaceX IPO前夕 马斯克天价薪酬方案曝光SpaceX董事会已经批准了一项前所未有的薪酬方案，将其首席执行官埃隆·马斯克的薪酬与实现未来目标挂钩，包括火星殖民以及太空数据中心建设。SpaceX在

本文记录一次完整的内网渗透实战过程，从外网打点到域控接管，涵盖 WebShell 利用、OA 漏洞利用、内网横向移动、域提权等关键技术。

A vulnerability, which was classified as critical, was found in OpenClaw up to 2026.3.27. Affected by this vulnerability is an unknown functionality. Such manipulation leads to incorrect authorization. This vulnerability is listed as CVE-2026-33576. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.