Aggregator

CVE-2026-20626 | Apple macOS/visionOS/iOS/iPadOS up to 26.2 App authorization

Vuldb Updates
2 days 6 hours ago
A vulnerability, which was classified as critical, has been found in Apple macOS, visionOS, iOS and iPadOS up to 26.2. The affected element is an unknown function of the component App. This manipulation causes missing authorization. This vulnerability appears as CVE-2026-20626. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-20605 | Apple macOS/iOS/iPadOS up to 26.2 App memory corruption

Vuldb Updates
2 days 6 hours ago
A vulnerability was found in Apple macOS, iOS and iPadOS up to 26.2 and classified as critical. This impacts an unknown function of the component App. Executing a manipulation can lead to memory corruption. This vulnerability is handled as CVE-2026-20605. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-20606 | Apple macOS/iOS/iPadOS up to 26.2 App access control

Vuldb Updates
2 days 6 hours ago
A vulnerability was found in Apple macOS, iOS and iPadOS up to 26.2. It has been classified as critical. Affected is an unknown function of the component App. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2026-20606. Local access is required to approach this attack. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-20611 | Apple macOS/watchOS/visionOS/iOS/iPadOS/tvOS up to 26.2 Media File out-of-bounds

Vuldb Updates
2 days 6 hours ago
A vulnerability was found in Apple macOS, watchOS, visionOS, iOS, iPadOS and tvOS up to 26.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Media File Handler. The manipulation results in out-of-bounds read. This vulnerability was named CVE-2026-20611. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CISA Warns of Notepad++ Code Execution Vulnerability Exploited in Attacks

Cyber Security News
2 days 6 hours ago

CISA has added CVE-2025-15556 to its Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation of a critical code execution flaw in Notepad++, a widely used open-source text editor popular among developers and IT professionals. Added on February 12, 2026, with a federal civilian executive branch (FCEB) patching deadline of March 5, 2026, the vulnerability stems […]

The post CISA Warns of Notepad++ Code Execution Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Guru Baran

MUZZLE:针对间接提示注入攻击的网络智能体自适应智能红队测试

Seebug Paper
2 days 6 hours ago
作者:Georgios Syros, Evan Rose, Brian Grinstead 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2602.09222v1 摘要 基于大语言模型(LLM)的网络智能体正被广泛部署,通过直接与网站交互并代表用户执行操作,实现复杂在线任务的自动化。这类智能体虽具备强大能力,但其设计使其易受嵌入在不可信网络内容中的...

CVE-2024-50617 | CIPPlanner CIPAce up to 9.16 File Download/Get File improper authorization

Vuldb Updates
2 days 6 hours ago
A vulnerability was found in CIPPlanner CIPAce up to 9.16. It has been declared as critical. Affected is an unknown function of the component File Download/Get File Handler. Executing a manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2024-50617. The physical device can be targeted for the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50619 | CIPPlanner CIPAce up to 9.16 User Management privileges management

Vuldb Updates
2 days 6 hours ago
A vulnerability has been found in CIPPlanner CIPAce up to 9.16 and classified as critical. Affected is an unknown function of the component User Management. Performing a manipulation results in improper privilege management. This vulnerability was named CVE-2024-50619. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
vuldb.com

Managed ad