Aggregator

A vulnerability labeled as problematic has been found in Apple watchOS. This vulnerability affects unknown code of the component Web Content Handler. Such manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2024-44198. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Apple iOS and iPadOS. It has been rated as critical. This vulnerability affects unknown code of the component Private Browsing Tab Handler. This manipulation causes improper authentication. This vulnerability appears as CVE-2024-44202. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Apple iTunes up to 12.12.2 on Windows. This affects an unknown part. This manipulation causes Local Privilege Escalation. This vulnerability is handled as CVE-2024-44193. It is possible to launch the attack on the local host. Additionally, an exploit exists. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in Istmo Plugins Instant Chat Floating Button for WordPress Websites Plugin up to 1.0.5 on WordPress. This impacts an unknown function. Executing a manipulation can lead to path traversal. This vulnerability is registered as CVE-2024-44018. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as critical has been reported in ABCApp Creator Plugin up to 1.1.2 on WordPress. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is documented as CVE-2024-44023. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as critical has been identified in Condless Cities Shipping Zones for WooCommerce Plugin up to 1.2.7 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation results in path traversal. This vulnerability is reported as CVE-2024-47309. The attack can be launched remotely. No exploit exists.

A vulnerability classified as critical has been found in Martin Greenwood WPSPX Plugin up to 1.0.2 on WordPress. Affected by this issue is some unknown functionality. This manipulation causes path traversal. This vulnerability appears as CVE-2024-44034. The attack may be initiated remotely. There is no available exploit.

A vulnerability identified as problematic has been detected in Bit Apps Bit Form Plugin up to 2.13.10 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is listed as CVE-2024-47319. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as problematic has been found in Salon Booking System Plugin up to 10.9 on WordPress. The impacted element is an unknown function. The manipulation leads to authorization bypass. This vulnerability is documented as CVE-2024-47316. The attack can be initiated remotely. There is not any exploit available.

Представлен первый в мире стандарт защиты от взбесившихся ИИ-агентов.

为提升属地网络直播平台规范治理水平，构建清朗网络直播生态，北京市网信办联合市委宣传部、市市场监管局、市文旅局、市公安局、市广电局、市文化执法总队，共同开展“清朗京华 聚力净播”直播生态治理专项行动。

《智能驾驶网络和数据安全标准化研究》《6G网络内生及边界安全技术与标准化研究》《卫星通信网络安全标准化研究》《工业具身智能安全标准化研究》《智能体安全标准化研究》等5项网络安全标准化技术研究报告

此次征求意见的时间为2026年4月3日至2026年4月19日。

近日，工业和信息化部网络安全威胁和漏洞信息共享平台（NVDB）监测发现，有攻击者利用针对苹果公司终端产品的漏洞利用工具实施网络攻击活动，可导致信息窃取、系统受控等严重危害。

好，我现在需要帮用户总结一篇关于重庆广阳岛飞行器坠落事故的文章，控制在100字以内。首先，我要通读整篇文章，抓住关键信息。 文章提到事故发生的时间是4月4日下午，地点在重庆广阳岛。事故涉及的是固定三角翼飞行器坠落，机上有两人受伤，已经送医治疗。接下来，文旅部门正在核查该项目是否获得核准。现场情况显示天气晴好，游客较多，坠落地点是一个用原木栅栏围起的空地，没有伤到地面人员。视频中显示医护人员正在急救一名伤者，有游客说是儿童受伤，但具体信息还未核实。飞行器是双人座的三角翼，驾驶员和乘客都戴了头盔，并且机身有编号。 现在我需要将这些信息浓缩到100字以内。重点包括时间、地点、事故类型、受伤人数、文旅部门核查、天气情况、坠落地点、急救情况以及飞行器的细节。 可能的结构是：时间地点发生事故，受伤人数已送医，文旅部门正在核查。天气晴好，游客多，坠落在空地未伤及他人。视频显示急救和飞行器细节。 这样组合起来大概可以控制在100字左右。 4月4日下午重庆广阳岛发生固定三角翼飞行器坠落事故,机上两人受伤已送医,文旅部门正核查项目核准情况。事发时天气晴好,岛上游客较多,飞行器坠落在空地未伤及地面人员,视频显示医护人员对伤者实施急救,飞行器为双人座三角翼,机身编号可见。

A vulnerability classified as critical was found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. This vulnerability is registered as CVE-2026-5597. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing a manipulation results in sql injection. This vulnerability is cataloged as CVE-2026-5596. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as critical has been identified in griptape-ai griptape 0.19.4. Affected by this vulnerability is the function load_files_from_disk/list_files_from_disk/save_content_to_file/save_memory_artifacts_to_disk of the component FileManagerTool. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2026-5595. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability marked as critical has been reported in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. This vulnerability is tracked as CVE-2026-5594. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #784465 / VDB-355391