Aggregator

A vulnerability was found in Linux Kernel up to 7.0-rc2. It has been rated as critical. This affects the function ip6_rt_get_dev_rcu of the file net/ipv6/route.c. Performing a manipulation results in null pointer dereference. This vulnerability is identified as CVE-2026-23304. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 7.0-rc1 and classified as critical. This affects the function cifs_set_cifscreds of the component smb. The manipulation leads to information exposure through debug log file. This vulnerability is traded as CVE-2026-23303. An attack has to be approached locally. There is no exploit available. The affected component should be upgraded.

气候变化和城市化加剧了热岛效应，城市地区的温度显著高于农村地区，而更高的温度又推动了制冷需求和加剧了电网压力，形成某种恶性循环。日本大阪府大学 Jihui Yuan 副教授领导的团队调查了垂直绿化等城市降温策略。他们的研究显示，朝南绿墙可将室内热条件改善最多 1.7°C；低反照率外表面能改善室外热舒适度最多 1.5°C；高反照率外表面则有助于降低室内温度。

Currently trending CVE - Hype Score: 8 - Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into ...

ISCC-2026-区域赛练武wp详解，可以供各位师傅进行赛后复盘参考

聚焦于AI供应链中的新型高危威胁API中转站投毒（Relay Station Poisoning）。研究不可信中转节点如何利用其对HTTP/SSE流的完全控制权，在Claude Code等AI Agent场景中实现从“数据窃取”到“远程命令执行（RCE）”的完整攻击链，以及如何防御，防御有什么缺陷

Hyperjail 靶机考点为无认证 libvirt 远程管控，依托存储池任意目录挂载实现公钥注入拿用户权限，篡改 doas 配置完成本地提权，再通过挂载 QCOW2 磁盘镜像打通虚拟机内外权限。

本文为 ISCC 2026 移动安全赛题的全套题解，涵盖五道 Android 逆向题目，每道题均从 APK 结构分析入手，逐步拆解 Java 层逻辑、native 层校验链及密码学方案，并给出完整 exp。

一款伪装成豆包Claw的恶意项目仍在活跃

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. This impacts the function ext2_iget of the file fs/inode.c. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2026-46002. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to uncontrolled memory allocation. This vulnerability is tracked as CVE-2026-46003. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been rated as critical. This issue affects the function xfs_alloc_buftarg of the component xfs. This manipulation causes memory leak. This vulnerability is registered as CVE-2026-46005. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been rated as critical. This affects the function put_disk of the component scsi. This manipulation causes privilege escalation. This vulnerability is tracked as CVE-2026-45997. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. Impacted is the function nouveau_gem_pushbuf_reloc_apply. Executing a manipulation can lead to insufficient verification of data authenticity. This vulnerability is registered as CVE-2026-46006. The attack requires access to the local network. No exploit is available. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.87/6.18.29/7.0.3. The affected element is an unknown function of the component hwmon. The manipulation leads to buffer overflow. This vulnerability is documented as CVE-2026-46007. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 7.0.3. The impacted element is the function damos_walk. The manipulation results in deadlock. This vulnerability is reported as CVE-2026-46008. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.3. It has been rated as critical. This affects the function z_erofs_lz4_handle_overlap. The manipulation leads to integer overflow. This vulnerability is referenced as CVE-2026-45999. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.85/6.18.26/7.0.3. This impacts the function pt5161l_read_block_data. The manipulation results in buffer overflow. This vulnerability is identified as CVE-2026-46001. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been classified as critical. This affects the function setup_card of the component Caiaq Driver. The manipulation leads to use after free. This vulnerability is listed as CVE-2026-46004. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.