Aggregator

A vulnerability identified as problematic has been detected in ajv up to 8.17.1. Affected by this issue is the function RegExp. The manipulation of the argument data leads to inefficient regular expression complexity. This vulnerability is traded as CVE-2025-69873. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in Mealie 3.3.1. Affected by this issue is some unknown functionality of the component SVG File Parser. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-70297. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Google Chrome. It has been rated as problematic. This issue affects some unknown processing of the component File Input. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2026-2320. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component Codecs. The manipulation results in heap-based buffer overflow. This vulnerability is cataloged as CVE-2026-2314. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Google Chrome. It has been classified as problematic. This affects an unknown part of the component PictureInPicture. Performing a manipulation results in clickjacking. This vulnerability is reported as CVE-2026-2318. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, has been found in Google Chrome. This impacts an unknown function of the component CSS. The manipulation leads to use after free. This vulnerability is listed as CVE-2026-2313. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been declared as problematic. This vulnerability affects unknown code of the component DevTools. Executing a manipulation can lead to race condition. This vulnerability appears as CVE-2026-2319. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Google Chrome. The impacted element is an unknown function of the component Frames. Performing a manipulation results in clickjacking. This vulnerability is identified as CVE-2026-2316. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

2026年2月，字节跳动旗下AI视频生成模型Seedance 2.0以“地表最强”的姿态横空出世，凭借多模态输

· 电池存在起火风险，奔驰宣布在美国召回超万辆 EQB 电动汽车

针对某银行演练红队攻击样本分析

如果你在用敲敲，更新到最新版本，面板顶部会出现小红花的入口。欢迎参与这个小实验，也欢迎告诉我们你的想法。

Currently trending CVE - Hype Score: 6 - An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges.

Currently trending CVE - Hype Score: 1 - NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver.

Currently trending CVE - Hype Score: 2 - A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček ...

Proofpoint is snapping up the startup to solve the industry’s newest headache: knowing what your autonomous AI is actually doing.

The post Proofpoint acquires Acuvity to tackle the security risks of agentic AI appeared first on CyberScoop.

护航矿山智能化高质量转型。