Aggregator

Submit #769864 / VDB-351109

Submit #769858 / VDB-351108

Submit #769857 / VDB-351108

Submit #769856 / VDB-351108

Submit #769855 / VDB-351108

Submit #769854 / VDB-351107

Submit #769853 / VDB-351106

ИИ запускает, IoT усиливает, группы координируются.

A vulnerability described as critical has been identified in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2026-4193. The attack may be launched remotely. Furthermore, there is an exploit available. Restrictive firewalling should be applied.

Submit #769839 / VDB-351105

Submit #769841 / VDB-351105

Submit #769838 / VDB-351105

Submit #769837 / VDB-351105

Submit #769836 / VDB-351105

Submit #769835 / VDB-351105

A vulnerability marked as critical has been reported in wickedplugins Wicked Folders Plugin up to 4.1.0 on WordPress. Impacted is the function delete_folders. This manipulation causes authorization bypass. This vulnerability appears as CVE-2026-1883. The attack may be initiated remotely. There is no available exploit.

A vulnerability labeled as critical has been found in wedevs User Frontend Plugin up to 4.2.8 on WordPress. This issue affects the function draft_post. The manipulation of the argument post_id results in missing authorization. This vulnerability is reported as CVE-2026-2233. The attack can be launched remotely. No exploit exists.

好，我现在要帮用户总结这篇文章的内容。用户的要求是用中文，控制在100字以内，不需要特定的开头，直接写描述。首先，我需要仔细阅读文章内容。 文章讲的是白宫在X平台上发布了一段视频，使用了任天堂游戏“Wii体育”的片段来渲染攻击伊朗的成果。视频中将高尔夫游戏画面和轰炸伊朗军事设施的画面拼接，营造出“一杆进洞”的效果。此外，还用网球、拳击等游戏片段与空袭画面结合。这些内容引发了网友的批评，认为战争和游戏不同，视频令人厌恶。 接下来，我需要提取关键信息：白宫、X平台、任天堂游戏片段、攻击伊朗、渲染成果、视频剪辑、网友批评。然后把这些信息浓缩到100字以内。 可能的结构是：白宫在X上传视频，使用任天堂游戏片段渲染攻击伊朗成果，将游戏画面与轰炸画面拼接，引发批评。 检查字数是否符合要求，并确保没有遗漏重要信息。最终总结应该简洁明了。 白宫在社交平台X上发布了一段约50秒的视频，使用任天堂游戏“Wii体育”片段渲染攻击伊朗的成果。视频将高尔夫等游戏画面与轰炸伊朗军事设施的画面拼接，并配文“不败”。此举引发网友批评称战争与游戏不同。

A vulnerability identified as critical has been detected in webaways NEX-Forms Plugin up to 9.1.9 on WordPress. This vulnerability affects the function submit_nex_form. The manipulation of the argument nf_set_entry_update_id leads to authorization bypass. This vulnerability is documented as CVE-2026-1947. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in GNU Binutils. This affects an unknown part of the component XCOFF Object File Handler. Executing a manipulation can lead to out-of-bounds read. This vulnerability is registered as CVE-2026-3442. The attack needs to be launched locally. No exploit is available.