Aggregator

美国近半数计划中的数据中心项目推迟或取消

Solidot
3 weeks 6 days ago
由于重要电力设施零部件如变压器、开关和电池短缺,美国近半数计划中的数据中心项目推迟或取消。美国计划在 2026 年新增 12 GW 的数据中心容量,但由于各种问题,只有三分之一的数据中心容量在积极建造中。电力基础设施占数据中心总成本的不到 10%,但它与计算硬件同样重要。由于需求旺盛,美国大功率变压器的交货周期从 2020 年前的 24-30 个月大幅延长到五年甚至更长。对 AI 数据中心而言,这无疑是灾难,因为它们的部署周期通常不到 18 个月。为解决短缺美国公司转向了全球市场,加拿大、墨西哥和韩国成为美国 AI 数据中心大功率变压器的主要供应国。数据显示,截至 2025 年 10 月,美国从中国进口的大功率变压器数量从 2022 年的不到 1500 台增至逾 8000 台。除此之外,中国占美国电池进口的 40% 以上,部分变压器和开关设备的份额接近 30%。

CVE-2026-5566 | UTT HiPER 1250GW up to 3.2.7-210907-180535 /goform/formNatStaticMap strcpy NatBind buffer overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability, which was classified as critical, has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBind results in buffer overflow. This vulnerability is known as CVE-2026-5566. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

Trump Budget Proposal Would Cut Hundreds of Millions More From CISA

Security Boulevard
3 weeks 6 days ago

What happened A new federal budget proposal would cut hundreds of millions of dollars more from CISA, sharply reducing funding for the agency’s cybersecurity and critical infrastructure work. The fiscal 2027 proposal would reduce CISA’s total by $707 million, according to the budget summary, though another budget document points to a smaller but still significant […]

The post Trump Budget Proposal Would Cut Hundreds of Millions More From CISA appeared first on CISO Whisperer.

The post Trump Budget Proposal Would Cut Hundreds of Millions More From CISA appeared first on Security Boulevard.

Evan Rowe

CVE-2026-5565 | code-projects Simple Laundry System 1.0 Parameter /delmemberinfo.php userid sql injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as critical was found in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. This vulnerability is traded as CVE-2026-5565. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-5564 | code-projects Simple Laundry System 1.0 Parameter /searchguest.php searchServiceId sql injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as critical has been found in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. This vulnerability appears as CVE-2026-5564. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2026-5563 | AutohomeCorp frostmourne up to 1.0 Alarm Preview previewData httpTest sql injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability described as critical has been identified in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipulation results in sql injection. This vulnerability is reported as CVE-2026-5563. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2026-5562 | provectus kafka-ui up to 0.7.2 Endpoint testexecutions validateAccess code injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability marked as critical has been reported in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. This vulnerability is documented as CVE-2026-5562. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Help Net Security
3 weeks 6 days ago

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6,” the company stated in a security advisory published on Saturday. About CVE-2026-35616 On Monday, Defused Cyber … More →

The post FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) appeared first on Help Net Security.

Zeljka Zorz

CVE-2026-5561 | Campcodes Complete POS Management and Inventory System up to 4.0.6 Environment Variable SettingsController.php injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability labeled as critical has been found in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the component Environment Variable Handler. Executing a manipulation can lead to injection. This vulnerability is registered as CVE-2026-5561. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

Managed ad