Aggregator

A vulnerability classified as critical has been found in Mozilla Firefox up to 149. This impacts an unknown function of the component Device Interfaces. Performing a manipulation results in memory corruption. This vulnerability is known as CVE-2026-6764. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

Почему римская находка меняет историю Гимна Кэдмона?

A vulnerability was found in cyntler react 1.17.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component TXTRenderer. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2026-30691. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Splunk Enterprise and Cloud Platform and classified as problematic. Affected is an unknown function of the file coldToFrozen.sh of the component splunk_archiver App. The manipulation leads to denial of service. This vulnerability is listed as CVE-2026-20240. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in Splunk AI Toolkit up to 5.7.2. This impacts an unknown function of the file authorize.conf of the component Configuration File Handler. Executing a manipulation can lead to incorrect authorization. This vulnerability is tracked as CVE-2026-20238. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Splunk Enterprise and Cloud Platform. This affects an unknown function. Performing a manipulation results in sensitive information in log files. This vulnerability is identified as CVE-2026-20239. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

In spite of state laws meant to improve cyber hygiene, an analysis of incidents shows issues persist and visibility falls short.

A vulnerability classified as critical has been found in Mozilla Firefox up to 149. The affected element is an unknown function of the component File Handler. This manipulation causes Remote Code Execution. This vulnerability is handled as CVE-2026-6763. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Mozilla Firefox up to 149. This affects an unknown function of the component HTML Component. Such manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2026-6762. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability described as critical has been identified in Mozilla Firefox up to 149. Impacted is an unknown function of the component Cookies. The manipulation results in Remote Code Execution. This vulnerability is known as CVE-2026-6760. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Mozilla Firefox up to 149. The impacted element is an unknown function of the component Networking. This manipulation causes Remote Code Execution. This vulnerability appears as CVE-2026-6761. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A dangerous new Android malware called DevilNFC has emerged, combining NFC relay attacks with a Kiosk Mode trap that locks victims inside a fake banking screen until their card data is stolen. The malware targets customers across Europe and LATAM with technical precision rarely seen in independently built tools. Unlike previous threats, DevilNFC does not […]

The post DevilNFC Android Malware Uses Kiosk Mode to Trap Victims During NFC Relay Attacks appeared first on Cyber Security News.

Даже натуральные числа оказались слишком сложными для аксиом.

The law mandates that platforms make it easy for people to ask that nonconsensual intimate images be removed and to delete them within 48 hours of a request.

A proof-of-concept (PoC) exploit was published for a new Linux Local Privilege Escalation (LPE) vulnerability dubbed “PinTheft.” Discovered by Aaron Esau of the V12 security team, the flaw allows local attackers to gain root access by exploiting an RDS zerocopy double-free bug. A kernel patch is currently available, prompting the researchers to release their PoC […]

The post PinTheft Linux Vulnerability Let Attackers Gain Root Access – PoC Released appeared first on Cyber Security News.