Aggregator

Currently trending CVE - Hype Score: 1 - A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made ...

Currently trending CVE - Hype Score: 9 - A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit ...

Currently trending CVE - Hype Score: 10 - A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component LambdaFilterComponent. Executing a manipulation can lead to code injection. The attack may be ...

Currently trending CVE - Hype Score: 10 - A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parse_callable_details of the file src/lfx/src/lfx/custom/code_parser/code_parser.py of the component Full Builtins Module Handler. Executing a manipulation can ...

Currently trending CVE - Hype Score: 10 - IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

Currently trending CVE - Hype Score: 12 - A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex ...

Секретный эксперимент вышел из-под контроля быстрее, чем чиновники успели объяснить происходящее.

在数字化转型加速推进的今天，数据已成为第五大生产要素。然而，数据泄露事件也随之呈现爆发式增长态势。

在敏感信息泄漏后 Meta 暂停了内部的 AI 训练项目。泄密事件暴露了员工的私人对话、绩效数据和转录文本。Meta 发言人证实了此事，表示公司正在调查，称目前没有迹象表明 Meta 员工不当访问了任何数据。Meta 公司是在今年 4 月宣布了名为 Model Capability Initiative 的 AI 训练计划，旨在利用员工的按键和鼠标移动作为训练数据，以改进公司的 AI 模型。该计划对大多数员工强制执行，但引发了部分员工的强烈反对，他们对自己的数据被记录感到不安。最新的泄密事件令 Meta 内部员工感到沮丧，他们批评公司从一开始就没有对数据进行安全防护。

Вербовщики в соцсетях принуждают женщин и подростков к съемкам откровенных видео за долги.

A vulnerability has been found in Teleport 3.2.2/3.5.6-rc6/3.6.3-b2 and classified as problematic. This issue affects some unknown processing of the file /user/get-role-list of the component Web Interface. This manipulation causes information disclosure. This vulnerability is tracked as CVE-2022-38599. The attack is only possible within the local network. No exploit exists.

A vulnerability categorized as critical has been discovered in Sage 300 up to 6.9.x. This impacts an unknown function. The manipulation results in improper access controls. This vulnerability is identified as CVE-2022-38583. The attack can only be performed from the local network. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Watchdog Antivirus 1.4.158. Affected is an unknown function in the library wsdkd.sys. The manipulation results in improper access controls. This vulnerability is known as CVE-2022-38582. Access to the local network is required for this attack. No exploit is available.

A vulnerability labeled as critical has been found in Gogs. Impacted is an unknown function of the component Webhook Handler. Such manipulation leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2026-47267. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in nicolargo glances 4.5.1/4.5.2/4.5.3/4.5.4. This issue affects some unknown processing of the component Header Validation Handler. This manipulation causes reliance on reverse dns resolution. This vulnerability is handled as CVE-2026-46611. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in OpenIdentityPlatform OpenAM 15.0.4/16.0.0. This vulnerability affects unknown code. The manipulation of the argument _queryId results in ldap injection. This vulnerability is known as CVE-2026-41573. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.