Aggregator

Currently trending CVE - Hype Score: 3 - A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specifications from the model ...

Currently trending CVE - Hype Score: 2 - Windows Telephony Server Elevation of Privilege Vulnerability

Currently trending CVE - Hype Score: 1 - A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member ...

Currently trending CVE - Hype Score: 21 - When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE).   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Currently trending CVE - Hype Score: 2 - Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate ...

Currently trending CVE - Hype Score: 10 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Currently trending CVE - Hype Score: 5 - A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code ...

Currently trending CVE - Hype Score: 2 - Unity Runtime before 2025-10-02 on Android, Windows, macOS, and Linux allows argument injection that can result in loading of library code from an unintended location. If an application was built with a version of Unity Editor that had the vulnerable Unity Runtime code, then an ...

Currently trending CVE - Hype Score: 1 - Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

2026数字中国创新大赛数字安全赛道暨 三明市第六届“红明谷”杯 pwn 全解解析 附带附件

01 前言Winget钓鱼是一种容易被防御者忽视的钓鱼方式，以至于公开的文件滥用后缀中并没有它：https://filesec.io/本文会详细介绍这种新的钓鱼伪装技术，包括漏洞复现、涉及的概念，如何一步步构造及原理02 漏洞复现压缩包内有Lnk文件jianli.lnk双击jianli.lnk后可以看到成功弹出了伪装的pdf文档，并下载执行了putty.exe03 前置知识3.1 Powershe

分析了当下最火的openclaw的防御模式

前言比赛又被拷打了，等了好久这个题都没有wp，没招，只能自己梭哈了。环境搭建这里直接用的SfTian佬的复现平台打的题https://gz.imxbt.cn/。解题登录以及题目漏洞点分析首先访问题目，说明要https访问。https之后其实发现会跳转到localhost。这里需要输入接口/carbon/admin/login.jsp，才能正常访问。然后是找账户密码了，本地 repository/c

打靶记录分享

本文复现 2026SUCTF 四道题目，涵盖 glibc 2.41 堆题、内核驱动及 V8 引擎漏洞。SU_minivfs 利用 write 函数的 off-by-null 污染 chunk header，结合 House of Einherjar 与 FSOP 劫持控制流；SU_Chronos_R

重新手搓了两个pwn的脚本，作用写在注释里面了

edusrc漏洞挖掘常见思路

题目质量还是很高的，很有新意

本文围绕 polarisCTF 的 9 道密码学题目展开，包含整体思路、解题关键与完整的解题脚本

架构及其全面，比起寻常的webpwn的proxy之类更加接近实战