Aggregator

Математика точно знает, когда вам пора перестать искать новые места.

A vulnerability classified as problematic has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. This vulnerability is tracked as CVE-2026-10705. The attack is possible to be carried out remotely. No exploit exists. The pull request to fix this issue awaits acceptance.

A vulnerability described as critical has been identified in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. This vulnerability is identified as CVE-2026-10704. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability marked as critical has been reported in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. This vulnerability is referenced as CVE-2026-10703. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

Submit #831411 / VDB-368018

Submit #831321 / VDB-368017

Submit #830957 / VDB-201888

Submit #830921 / VDB-368016

A vulnerability labeled as critical has been found in Dell ThinOS 10 10.0765. This impacts an unknown function. Executing a manipulation can lead to improper access controls. The identification of this vulnerability is CVE-2026-40715. The attack can only be executed locally. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Dell ThinOS 10 10.0765. This affects an unknown function. Performing a manipulation results in improper access controls. This vulnerability was named CVE-2026-40713. The attack may be carried out on the physical device. There is no available exploit. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Gitlawb openclaude up to 0.5.0. The impacted element is an unknown function. Such manipulation of the argument state leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2026-42073. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability was found in Gitlawb openclaude up to 0.5.0. It has been rated as critical. The affected element is an unknown function of the component Setting Handler. This manipulation of the argument dangerouslyDisableSandbox causes missing authentication. This vulnerability is handled as CVE-2026-42074. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

Huawei заявила, что научилась делать топовые чипы без запрещённого оборудования.