Aggregator

快来注册体验吧~

一文学会技能（Skill）

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.127/6.12.74/6.18.13/6.19.3. This affects the function quotactl_block of the file /dev/sda. Executing a manipulation can lead to infinite loop. This vulnerability is tracked as CVE-2026-45895. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.74/6.18.13/6.19.3. Affected by this vulnerability is an unknown functionality of the component apparmor. Such manipulation leads to privilege escalation. This vulnerability is referenced as CVE-2026-45893. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.129/6.12.74/6.18.13/6.19.3. The affected element is the function ext4_split_extent. Performing a manipulation results in buffer overflow. This vulnerability is identified as CVE-2026-45892. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.74/6.18.13/6.19.3. This impacts the function dma_wmb of the component Intel VT-d Scalable Mode. The manipulation results in information disclosure. This vulnerability is cataloged as CVE-2026-45894. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.19.3. It has been declared as critical. The affected element is the function connect of the component Xen Network Interface. Executing a manipulation can lead to denial of service. The identification of this vulnerability is CVE-2026-45890. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.19.3. Affected by this issue is the function hns3_set_ringparam. Performing a manipulation of the argument tx_spare results in double free. This vulnerability is identified as CVE-2026-45891. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.74/6.18.13/6.19.3. Affected is the function raid1_run. Such manipulation leads to memory leak. This vulnerability is listed as CVE-2026-45888. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.18.13/6.19.3. This vulnerability affects the function unix_stream_connect. The manipulation results in memory leak. This vulnerability was named CVE-2026-45887. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.13/6.19.3. This issue affects the function mptcp_rcvbuf_grow. This manipulation causes race condition. The identification of this vulnerability is CVE-2026-45889. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.19.3 and classified as critical. This affects the function power_supply_changed of the component IRQ Handler. The manipulation results in use after free. This vulnerability is reported as CVE-2026-45885. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.1.164/6.6.127/6.12.74/6.18.13/6.19.3. This affects an unknown part of the component bpf. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2026-45886. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.74/6.18.13/6.19.3. It has been rated as critical. Affected is the function aa_get_buffer of the component apparmor. This manipulation causes buffer overflow. The identification of this vulnerability is CVE-2026-45884. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

从受限JavaScript沙箱到宿主Java环境的完整攻击链构造与纵深防御

A vulnerability classified as critical has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. This vulnerability is handled as CVE-2026-12186. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

文字来自本人实战经历（已修复）