MazeSec靶机 Hyperjail WP复盘
Hyperjail 靶机考点为无认证 libvirt 远程管控,依托存储池任意目录挂载实现公钥注入拿用户权限,篡改 doas 配置完成本地提权,再通过挂载 QCOW2 磁盘镜像打通虚拟机内外权限。
Aggregator
ISCC 2026 移动安全题解
1 week 2 days ago
本文为 ISCC 2026 移动安全赛题的全套题解,涵盖五道 Android 逆向题目,每道题均从 APK
结构分析入手,逐步拆解 Java 层逻辑、native 层校验链及密码学方案,并给出完整 exp。
一款伪装成豆包Claw的恶意项目
1 week 2 days ago
一款伪装成豆包Claw的恶意项目仍在活跃
INC
1 week 2 days ago
You must login to view this content
cohenido
CVE-2026-46002 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 fs/inode.c ext2_iget information disclosure
1 week 2 days ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. This impacts the function ext2_iget of the file fs/inode.c. This manipulation causes information disclosure.
The identification of this vulnerability is CVE-2026-46002. The attack needs to be done within the local network. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-46003 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 memory allocation
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to uncontrolled memory allocation.
This vulnerability is tracked as CVE-2026-46003. The attack is only possible within the local network. No exploit exists.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-46005 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 xfs xfs_alloc_buftarg memory leak
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been rated as critical. This issue affects the function xfs_alloc_buftarg of the component xfs. This manipulation causes memory leak.
This vulnerability is registered as CVE-2026-46005. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-45997 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 scsi put_disk privilege escalation
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been rated as critical. This affects the function put_disk of the component scsi. This manipulation causes privilege escalation.
This vulnerability is tracked as CVE-2026-45997. The attack is only possible within the local network. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-46006 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 nouveau_gem_pushbuf_reloc_apply data authenticity
1 week 2 days ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. Impacted is the function nouveau_gem_pushbuf_reloc_apply. Executing a manipulation can lead to insufficient verification of data authenticity.
This vulnerability is registered as CVE-2026-46006. The attack requires access to the local network. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2026-46007 | Linux Kernel up to 6.12.87/6.18.29/7.0.3 hwmon buffer overflow
1 week 2 days ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.87/6.18.29/7.0.3. The affected element is an unknown function of the component hwmon. The manipulation leads to buffer overflow.
This vulnerability is documented as CVE-2026-46007. The attack requires being on the local network. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-46008 | Linux Kernel up to 7.0.3 damos_walk deadlock
1 week 2 days ago
A vulnerability described as critical has been identified in Linux Kernel up to 7.0.3. The impacted element is the function damos_walk. The manipulation results in deadlock.
This vulnerability is reported as CVE-2026-46008. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-45999 | Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.3 z_erofs_lz4_handle_overlap integer overflow
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.3. It has been rated as critical. This affects the function z_erofs_lz4_handle_overlap. The manipulation leads to integer overflow.
This vulnerability is referenced as CVE-2026-45999. The attack needs to be initiated within the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-46001 | Linux Kernel up to 6.12.85/6.18.26/7.0.3 pt5161l_read_block_data buffer overflow
1 week 2 days ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.85/6.18.26/7.0.3. This impacts the function pt5161l_read_block_data. The manipulation results in buffer overflow.
This vulnerability is identified as CVE-2026-46001. The attack can only be performed from the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-46004 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 Caiaq Driver setup_card use after free (Nessus ID 321065)
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. It has been classified as critical. This affects the function setup_card of the component Caiaq Driver. The manipulation leads to use after free.
This vulnerability is listed as CVE-2026-46004. The attack must be carried out from within the local network. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
Один дрон летит, другой заряжается, третий ждёт своего часа — бронемашины теперь не останутся без глаз ни на секунду
1 week 2 days ago
Экипажу больше не нужно рисковать жизнью за люком — за разведку отвечает рой роботов размером с ладонь.
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
1 week 2 days ago
Las Vegas, USA / Nevada, June 16th, 2026, CyberNewswire Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft’s enterprise AI agent platform. The integration, unveiled at Identiverse 2026, gives security teams the tools to manage what Copilot Studio agents can access, under what conditions, and with a […]
The post Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio appeared first on Cyber Security News.
Cybernewswire
【工具】CodeCleaner - 开源代码文件统计和清理工具
1 week 2 days ago
【工具】CodeCleaner - 代码文件统计和清理工具
A case for how to shape ‘ingredient lists’ for AI models
1 week 2 days ago
AI bills of materials (AIBOMs), modeled on standards that worked for software, could transform how policymakers understand and regulate AI. A new roadmap outlines what they need to include and how to get there.
The post A case for how to shape ‘ingredient lists’ for AI models appeared first on CyberScoop.
Tim Starks
SecWiki News 2026-06-16 Review
1 week 2 days ago
今日暂未更新资讯~
更多最新文章,请访问SecWiki
更多最新文章,请访问SecWiki
India temporarily blocks Telegram over medical exam cheating fears
1 week 2 days ago
Authorities said scammers previously exploited the feature by posting fake exam questions before the test and later replacing them with the real questions, making it look like they had leaked the exam in advance.