Aggregator

Почему ИИ-грамотность стала важнее самих нейросетей: отчет Forrester.

A vulnerability, which was classified as critical, has been found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. This vulnerability is listed as CVE-2026-5041. The attack may be initiated remotely. In addition, an exploit is available.

SnowTeam Launches Leak Bazaar, a Corporate Data Exchange With ML-Powered Dump Analysis, DBMS Reverse Engineering, and Ransomware Negotiation Support

A vulnerability classified as problematic was found in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. This vulnerability is tracked as CVE-2026-5037. The attack is restricted to local execution. Moreover, an exploit is present. A patch should be applied to remediate this issue.

Submit #778914 / VDB-222644

Submit #778914 / VDB-222644

Submit #778873 / VDB-353964

Submit #778873 / VDB-353964

Submit #778686 / VDB-317862

Submit #778686 / VDB-317862

Submit #778638 / VDB-353963

Submit #778638 / VDB-353963

The list of countries exploiting Internet-connected cameras to give them eyes inside their adversaries' borders continues to expand. What should companies look out for?

A vulnerability classified as critical has been found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. This vulnerability is identified as CVE-2026-5036. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. This vulnerability is referenced as CVE-2026-5035. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation of the argument cos_id causes sql injection. The identification of this vulnerability is CVE-2026-5034. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_costumer.php of the component Parameter Handler. The manipulation of the argument cos_id results in sql injection. This vulnerability was named CVE-2026-5033. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability identified as problematic has been detected in Wazuh 3.5.0/4.3.10. Affected is an unknown function of the component authd. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2023-7340. The attack is possible to be carried out remotely. No exploit exists.