Aggregator
Recon Isn’t Just Technical — It’s Psychological
1 month 1 week ago
Finding & Exploiting Exposed Google API Keys for Bug $Bounties
1 month 1 week ago
Turn exposed Google API keys into real-world impact by accessing Gemini and other Google services fo
Finding & Exploiting Exposed Google API Keys for Bug $Bounties
1 month 1 week ago
Turn exposed Google API keys into real-world impact by accessing Gemini and other Google services fo
The Quantum of Desire
1 month 1 week ago
New StorybyAstounding StoriesbyAstounding Stories@astoundingstoriesDare to dream. Dare to go where
CVE-2026-29220 | Apache OFBiz up to 24.09.05 path traversal
1 month 1 week ago
A vulnerability marked as critical has been reported in Apache OFBiz up to 24.09.05. This issue affects some unknown processing. Performing a manipulation results in path traversal.
This vulnerability is cataloged as CVE-2026-29220. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-31378 | Apache OFBiz up to 24.09.05 input validation
1 month 1 week ago
A vulnerability described as problematic has been identified in Apache OFBiz up to 24.09.05. Impacted is an unknown function. Executing a manipulation can lead to improper input validation.
This vulnerability is registered as CVE-2026-31378. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-31380 | Apache OFBiz up to 24.09.05 Expression Language Statement expression language injection
1 month 1 week ago
A vulnerability classified as critical has been found in Apache OFBiz up to 24.09.05. The affected element is an unknown function of the component Expression Language Statement Handler. The manipulation leads to improper neutralization of special elements used in an expression language statement.
This vulnerability is documented as CVE-2026-31380. The attack can be initiated remotely. There is not any exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-31388 | Apache OFBiz up to 24.09.05 access control
1 month 1 week ago
A vulnerability classified as critical was found in Apache OFBiz up to 24.09.05. The impacted element is an unknown function. The manipulation results in improper access controls.
This vulnerability is reported as CVE-2026-31388. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-29226 | Apache OFBiz up to 24.09.05 Content Component Operation server-side request forgery
1 month 1 week ago
A vulnerability was found in Apache OFBiz up to 24.09.05. It has been rated as critical. This vulnerability affects unknown code of the component Content Component Operation Handler. This manipulation causes server-side request forgery.
The identification of this vulnerability is CVE-2026-29226. It is possible to initiate the attack remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-31379 | Apache OFBiz up to 24.09.05 cross site scripting
1 month 1 week ago
A vulnerability categorized as problematic has been discovered in Apache OFBiz up to 24.09.05. This issue affects some unknown processing. Such manipulation leads to cross site scripting.
This vulnerability is referenced as CVE-2026-31379. It is possible to launch the attack remotely. No exploit is available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-31387 | Apache OFBiz up to 24.09.05 improper authentication
1 month 1 week ago
A vulnerability marked as critical has been reported in Apache OFBiz up to 24.09.05. The impacted element is an unknown function. The manipulation leads to improper authentication.
This vulnerability is listed as CVE-2026-31387. The attack must be carried out from within the local network. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
Настоящая программа ставится, пока вирусы воруют пароли. Специалисты нашли скрытую угрозу для пользователей Gemini и Claude
1 month 1 week ago
Привычный поиск всё чаще становится частью чужого сценария.
一家垂类 AI 创企的自救:当通用模型开始吃掉一切
1 month 1 week ago
智能开始非线性增长,AI 企业的底层逻辑正被改写。
一家垂类 AI 创企的自救:当通用模型开始吃掉一切
1 month 1 week ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
Pardon MIE?: how Mythos did not bypass Apple MIE
1 month 1 week ago
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
1 month 1 week ago
Vulnerability / Web SecurityA maximum-severity security vulnerability impacting LiteSpeed User-End
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
1 month 1 week ago
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.
The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.
"Any cPanel user (including an attacker or a compromised account) may
The Hacker News
DMA Buffer Cache同步的批处理优化及高通平台的实践
1 month 1 week ago
活动,“笑傲内核”小组核心成员陈雪原将代表小组出席活动,进行主题分享《DMA Buffer Cache同步的批处理优化及高通平台的实践》。2026年5月30日,深圳《
21cnbao
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
1 month 1 week ago
Vulnerability / Website SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) h