Aggregator

A vulnerability was found in MontFerret ferret up to 2.0.0-alpha.3. It has been declared as critical. This affects the function IO::FS::WRITE. Such manipulation leads to path traversal. This vulnerability is referenced as CVE-2026-34783. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. This vulnerability was named CVE-2026-5666. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability marked as problematic has been reported in Feehi CMS 2.1.1. Affected by this vulnerability is an unknown functionality. This manipulation of the argument Content causes cross site scripting. This vulnerability is tracked as CVE-2026-31313. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in tar. This issue affects some unknown processing of the component Archive Handler. Such manipulation leads to injection. This vulnerability is listed as CVE-2026-5704. The attack may be performed from remote. There is no available exploit.

Теперь авторам масштабных преступлений придётся очень долго оглядываться по сторонам.

Wireless network operators are preparing for a generation of infrastructure where AI is built into the architecture from the start. Sixth-generation networks, expected to reach commercial development over the coming decade, are being designed with AI at the center of how spectrum is allocated, traffic is routed, and failures are detected. A paper by researchers at Harokopio University of Athens examines how different AI techniques map to specific layers of 6G network design, from the … More →

The post 6G network design puts AI at the center of spectrum, routing, and fault management appeared first on Help Net Security.

好的，用户让我总结一篇文章的内容，控制在100字以内，并且不需要特定的开头。首先，我需要理解文章的主要内容。 文章讲的是Suno，一个AI音乐制作工具，正在与环球音乐集团和索尼音乐娱乐谈判授权协议。问题出在用户能否分享他们用AI生成的歌曲。环球希望这些歌曲只能在Suno应用内使用，不能自由传播，而Suno则希望用户能更广泛地分享。 另外，华纳音乐之前起诉过Suno，但后来达成了协议，允许用户使用艺术家的声音等元素。环球还与另一个工具Udio有协议，但禁止下载生成的创作。 总结的时候要抓住关键点：Suno与唱片公司的谈判、分享权限的分歧、华纳的情况以及环球与其他工具的关系。确保在100字以内清晰表达这些信息。 Suno与环球、索尼就AI音乐分享问题谈判未果。环球希望限制AI生成歌曲传播，而Suno支持更广泛分享。华纳已与Suno达成协议允许使用艺术家素材。环球与Udio协议禁止下载AI创作。

シックス・アパート株式会社が提供するMovable Typeには複数の脆弱性が存在します。

A CVSS score 6.5 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L severity vulnerability discovered by 'FuzzOps of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'David Bors (@davidxbors), Catalin Iovita (@cataliniovita)' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.1 AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'p0her' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.1 AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:L severity vulnerability discovered by 'Nicholas Zubrisky (@NZubrisky) of TrendAI Research' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of TrendAI Zero Day Initiative' was reported to the affected vendor on: 2026-04-08, 3 days ago. The vendor is given until 2026-08-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

好，我现在要帮用户总结这篇文章的内容。用户的要求是用中文总结，控制在100字以内，不需要特定的开头，直接写描述。 首先，我通读文章，发现主要讲的是谷歌浏览器新增了垂直标签页功能。这个功能之前其他浏览器已经支持了，但谷歌现在才加入。用户需要升级到最新版才能使用，设置方法简单：进入设置里的外观部分调整标签栏位置到纵向或侧边。另外，还可以折叠侧边栏，只显示图标不显示标题。 接下来，我需要把这些关键点浓缩到100字以内。要注意包括功能名称、操作方法、新增特性以及用户体验的提升。 可能的结构是：先点明功能名称和浏览器版本要求，然后说明如何设置，最后提到折叠功能和用户体验。 比如：“谷歌浏览器最新版新增垂直标签页功能，用户可通过设置调整标签栏位置至纵向或侧边。支持折叠侧边栏仅显示图标，提升多标签浏览体验。” 这样刚好在100字以内，并且涵盖了主要信息。 谷歌浏览器最新版新增垂直标签页功能，用户可通过设置调整标签栏位置至纵向或侧边。支持折叠侧边栏仅显示图标，提升多标签浏览体验。

OpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect failure handling in RSA KEM RSASVE encapsulation (CVE-2026-31790) and a loss of key agreement group tuple structure when the DEFAULT keyword is used in server-side configuration of the key-agreement group list (CVE-2026-2673). An out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support (CVE-2026-28386) is also … More →

The post OpenSSL 3.6.2 lands with eight CVE fixes appeared first on Help Net Security.