Aggregator

提示注入漏洞让一个 GitHub Issue 变成了供应链核弹——影响面 ~1.7 万个仓库，而修复窗口只有 4 天。 真正的风险不在于这个漏洞本身，而在于：当 AI 编程代理大规模进入企业 CI/CD 流水线之后，类似的提示注入漏洞会成为攻击者的标准入口。我们现在不把安全框架建立起来，等出事的时候就晚了。 给企业安全团队的三条硬建议： 1、立即做资产清点 有没有在用 GitHub Actions？有没有引入 AI 编程代理（Claude Code / Copilot Agent / 其他）？ 如果答案是"有"，先搞清楚权限范围是什么——别等出了事再翻日志。 2、最小权限 + 零信任，现在就做 1）AI 代理只给完成任务所需的最小权限，多一个 scope 都不行 2）Pin GitHub Actions 到 commit SHA（防止 tag 被移动投毒） 3）敏感凭证（npm token、API key）与 AI 代理隔离，别让它能读到 /proc/self/environ 3、 建立 AI 代理的审计和应急响应机制 1）启用 GitHub Actions 审计日志，监控异常的工作流触发 2）制定预案：当 AI 代理被入侵时，如何快速吊销凭证、隔离受影响仓库、回溯攻击链？ #AI编程代理#供应链攻击

A vulnerability marked as critical has been reported in FreeIPMI up to 1.6.17. This vulnerability affects unknown code of the component Intelligent Platform Management Interface. Performing a manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2026-50031. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic has been found in RURBAN Cpanel::JSON::XS up to 4.40 on Perl. Impacted is the function decode_json. The manipulation leads to release of reference. This vulnerability is uniquely identified as CVE-2026-9516. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in RURBAN Cpanel::JSON::XS up to 4.40 on Perl. The impacted element is the function decode_hv. This manipulation causes type confusion. The identification of this vulnerability is CVE-2026-9334. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. This vulnerability is identified as CVE-2026-10704. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability classified as problematic has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. This vulnerability is tracked as CVE-2026-10705. The attack is possible to be carried out remotely. No exploit exists. The pull request to fix this issue awaits acceptance.

A vulnerability marked as critical has been reported in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. This vulnerability is referenced as CVE-2026-10703. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability classified as problematic has been found in danny-avila LibreChat up to 0.8.4. The impacted element is an unknown function of the file /api/files. The manipulation leads to incorrect authorization. This vulnerability is referenced as CVE-2026-44654. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability labeled as problematic has been found in net-textproto up to 1.25.10/1.26.3 on Go. This issue affects some unknown processing of the file net/textproto. Such manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2026-42507. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.

Linux ELF Shellcode 生成与 Fileless 实战，通过zigdonut生成Linux下的shellcode

FlixVision APK 应用。表面上以免费观看电影、电视节目为噱头吸引用户安装，背地里却悄悄占用用户宽带资源，私自搭建隐蔽的网络代理通道。

一次攻防下钓鱼GO木马的详细分析，拿下CS shellcode

比赛部分题解

``0解鸿蒙逆向题`` 对于一个没有系统接触过鸿蒙逆向的小白，在线下比赛中做出来确实比较困难，这篇文章从鸿蒙小白的角度 探讨 鸿蒙hap包逆向的完整流程及重点难点 随着HarmonyOS NEXT在2024年底正式商用，纯鸿蒙应用的数量在过去一年多迅速增长，安全研究领域对鸿蒙逆向的需求也随之而来。与Android生态成熟的逆向工具链相比，鸿蒙逆向目前仍处于早期阶段，公开的分析资

Submit #836746 / VDB-366175

A vulnerability described as problematic has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. This vulnerability is known as CVE-2026-11534. It is possible to launch the attack remotely. Furthermore, an exploit is available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.

Submit #836744 / VDB-366174

A vulnerability marked as critical has been reported in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to improper authorization. This vulnerability is traded as CVE-2026-11533. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability labeled as critical has been found in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected is an unknown function of the file /add.php of the component Student Record Handler. Executing a manipulation can lead to improper access controls. This vulnerability appears as CVE-2026-11532. The attack may be performed from remote. In addition, an exploit is available. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability identified as critical has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin_login.php of the component Administrator Login Endpoint. Performing a manipulation of the argument a_usr/a_pwd results in sql injection. This vulnerability is reported as CVE-2026-11531. The attack is possible to be carried out remotely. Moreover, an exploit is present. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.