Aggregator

The Emergence of the MiniPlasma Threat A perilous zero-day vulnerability designated as MiniPlasma is currently enduring active exploitation within the Windows ecosystem. Consequently, this severe architectural defect allows local adversaries to instantly inherit absolute...

The post Sovereign Compromise: Zero-Day “MiniPlasma” Flaw Grants SYSTEM Privileges in Windows appeared first on Information Security News.

富士康与英特尔联手开发AI基础设施富士康科技集团与英特尔正联手开发AI基础设施。两家公司周四表示，为应对数据中心的可扩展性挑战，双方将重点开发搭载英特尔标志性中央处理器和先进AI加速器架构的英特尔服务

The Vulnerability of Native Link Handlers A solitary click on a malicious hyperlink within Windows can compromise a workstation entirely. Consequently, the operating system autonomously transmits sensitive authentication telemetry to a remote adversary. Crucially,...

The post The Protocol Peril: Unpatched Windows Search Handlers Leak Enterprise Credentials appeared first on Information Security News.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.19.10. Affected by this vulnerability is the function ext4_setattr of the component ext4. Executing a manipulation can lead to denial of service. The identification of this vulnerability is CVE-2026-31452. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. It has been declared as critical. This affects the function xfsaild_push_item. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2026-31453. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.19.10. The impacted element is the function xfs_inode_item_push. Executing a manipulation can lead to use after free. This vulnerability appears as CVE-2026-31454. The attack requires local access. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10. It has been classified as critical. Affected by this issue is some unknown functionality of the component ext4. This manipulation causes memory leak. The identification of this vulnerability is CVE-2026-31451. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.19.10. This impacts the function ext4_inode_attach_jinode of the component ext4. Such manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2026-31450. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

明天九点开赛！

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

TP-Link Systems Inc.が提供する複数の製品には、重要情報の平文送信の脆弱性が存在します。

首先登录小程序，发现数据是密文，还有签名，这就很头大啊 再大也要干，反编译小程序，格式化 js 代码，全局搜

2026年度备受瞩目的网络安全国家赛事——“湾区杯”网络安全大赛，报名通道现已全面开放！无论你是网安从业者、

A vulnerability classified as problematic was found in Passeum Ticketing Plugin up to 1.0 on WordPress. The affected element is the function get_shop_url of the component Setting Handler. The manipulation of the argument shop_name results in cross site scripting. This vulnerability was named CVE-2026-7421. The attack may be performed from remote. There is no available exploit.

A vulnerability described as problematic has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function is_safe_regex_pattern of the component search_code_advanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. This vulnerability is registered as CVE-2026-10692. It is possible to launch the attack remotely. Furthermore, an exploit is available. Upgrading the affected component is recommended.