Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-0257 (CVSS score: 7.8), refers to a case of authentication bypass that could be exploited by bad actors to set up VPN connections.
"Authentication bypass vulnerabilities in the
A vulnerability was found in Open5GS up to 2.7.6. It has been rated as critical. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication.
This vulnerability is tracked as CVE-2026-10157. The attack can be initiated remotely. Furthermore, an exploit is available.
It is suggested to install a patch to address this issue.
A vulnerability was found in Open5GS up to 2.7.7. It has been declared as problematic. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Manipulating the argument nf_info_pool can lead to resource consumption.
This vulnerability is tracked as CVE-2026-10156. The attack may be performed remotely. In addition, an exploit is available.
Applying a patch is advised to resolve this issue.
The issue report is flagged as already-fixed.
A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. It has been classified as critical. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Manipulating the argument dtpToDate results in SQL injection.
This vulnerability is reported as CVE-2026-10155. The attack can be carried out remotely. Moreover, an exploit is available.
A vulnerability was found in Dolibarr ERP CRM 23.0.0/23.0.1/23.0.2 and classified as critical. The affected element is an unknown function of the file htdocs/user/messaging.php. Manipulation of the argument ID leads to authorization bypass.
This vulnerability is documented as CVE-2026-10154. The attack can be executed remotely. No exploit is available.
It is suggested to upgrade the affected component.