A vulnerability, which was classified as critical, was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manage_user.php. The manipulation of the argument ID results in SQL injection.
This vulnerability is cataloged as CVE-2026-2217. The attack may be launched remotely. Furthermore, there is an exploit available.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Italian university La Sapienza still offline to mitigate recent cyber attack CISA pushes Federal agencies to […]
Currently trending CVE - Hype Score: 6 - TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this ...
A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1. This affects the function recv. The manipulation leads to use after free.
This vulnerability is uniquely identified as CVE-2025-40176. The attack can only be initiated within the local network. No exploit exists.
It is suggested to upgrade the affected component.
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.17.4/6.18-rc1. The impacted element is the function switch_mm_irqs_off. Executing a manipulation can lead to privilege escalation.
This vulnerability is tracked as CVE-2025-40174. The attack is only possible within the local network. No exploit exists.
You should upgrade the affected component.