Aggregator

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Ben Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Seiji Sakurai (@HeapSmasher)' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Seiji Sakurai (@HeapSmasher)' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.5 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Xander Mackenzie | @thetrueartist' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.4 AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Maher Azzouzi' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Brandon Evans of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Seiji Sakurai (@HeapSmasher)' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 's3zer0' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Syed Ibrahim Ahmed of TrendAI Research' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Jacky Yang of TrendAI Research and Syed Ibrahim Ahmed of TrendAI Research' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Syed Ibrahim Ahmed of TrendAI Research' was reported to the affected vendor on: 2026-04-15, 16 days ago. The vendor is given until 2026-08-13 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Заражённые устройства больше не подчиняются командам законного хозяина.

A vulnerability, which was classified as problematic, has been found in PureStorage FlashBlade up to 4.4.8/4.5.13/4.6.3. This impacts an unknown function. The manipulation leads to sensitive information in log files. This vulnerability is referenced as CVE-2026-0207. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability, which was classified as problematic, was found in PureStorage FlashArray up to 6.10.0. Affected is an unknown function. The manipulation results in operator precedence logic error. This vulnerability is identified as CVE-2026-0209. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as critical has been reported in Microsoft Excel 2000/2002/2003/2004/2007. This issue affects some unknown processing of the component Object Reference Handler. This manipulation causes code injection. This vulnerability is handled as CVE-2009-0238. The attack can be initiated remotely. Additionally, an exploit exists.

OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos. "The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems

GTC 大会上人人都在谈 Agent 和具身智能，但真正让我理解 AI 如何进入物理世界的，是在一台极氪 9X 里发生的两场对话。

Мир впервые увидел изнанку самого закрытого цифрового проекта.

上午在地铁上看 Letters to a young creator，读到里面的一篇，觉得很实用，分享给大家。