Aggregator

A vulnerability classified as problematic has been found in Samsung Samsung Assistant 9.1.00.7. The affected element is an unknown function. The manipulation leads to improper export of android application components. This vulnerability is listed as CVE-2026-20993. The attack must be carried out locally. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Samsung Devices. Impacted is an unknown function. Executing a manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2026-20992. The attack is restricted to local execution. No exploit exists. A patch should be applied to remediate this issue.

A vulnerability marked as critical has been reported in Samsung Devices. This issue affects some unknown processing of the component ThemeManager. Performing a manipulation results in improper privilege management. This vulnerability is identified as CVE-2026-20991. The attack is only possible with local access. There is not any exploit available. It is suggested to install a patch to address this issue.

A vulnerability labeled as critical has been found in Samsung Devices. This vulnerability affects unknown code of the component Secure Folder. Such manipulation leads to improper export of android application components. This vulnerability is referenced as CVE-2026-20990. The attack can only be performed from a local environment. No exploit is available. Applying a patch is advised to resolve this issue.

A vulnerability identified as critical has been detected in Samsung Devices. This affects an unknown part of the component Font Settings. This manipulation causes improper verification of cryptographic signature. The identification of this vulnerability is CVE-2026-20989. It is feasible to perform the attack on the physical device. There is no exploit available. It is recommended to apply a patch to fix this issue.

In this Help Net Security interview, Packsize CSO Troy Rydman breaks down the biggest vulnerabilities in smart factory environments today, from IoT devices and legacy systems to human error. He explains how unmanaged devices, from sensors to robotic components, often go unpatched and become entry points for attackers. Legacy infrastructure is frequently overlooked as organizations move to cloud and SaaS platforms, leaving outdated systems exposed. Employees remain a persistent weak point, not because of negligence, … More →

The post What smart factories keep getting wrong about cybersecurity appeared first on Help Net Security.

A vulnerability categorized as critical has been discovered in Samsung Smart Switch 3.7.64.10/3.7.66.6/3.7.67.2/3.7.68.6. Affected by this issue is some unknown functionality. The manipulation results in path traversal. This vulnerability was named CVE-2026-21005. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Samsung Smart Switch 3.7.64.10/3.7.66.6/3.7.67.2/3.7.68.6. It has been rated as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2026-21004. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Samsung Smart Switch 3.7.64.10/3.7.66.6/3.7.67.2/3.7.68.6. It has been declared as critical. Affected is an unknown function. Executing a manipulation can lead to authentication bypass by capture-replay. This vulnerability is handled as CVE-2026-20999. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Smart Switch 3.7.64.10/3.7.66.6/3.7.67.2/3.7.68.6. It has been classified as critical. This impacts an unknown function. Performing a manipulation results in improper authentication. This vulnerability is known as CVE-2026-20998. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Samsung Smart Switch 3.7.64.10/3.7.66.6/3.7.67.2/3.7.68.6 and classified as problematic. This affects an unknown function. Such manipulation leads to improper verification of cryptographic signature. This vulnerability is traded as CVE-2026-20997. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

嗯，用户让我帮忙总结一下这篇文章的内容，控制在100字以内，而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。 首先，我需要仔细阅读文章内容。文章提到谷歌公司计划将Gemini网络应用程序扩展到香港用户。Gemini是一个结合了文字、图像、语音和数据处理能力的人工智能聊天机器人，之前香港的个人账户无法直接登录。现在谷歌宣布逐步扩展到全港用户，并且之后还会覆盖移动应用程序。通过Gemini，用户可以处理日常事务，生成图像、音乐等多媒体内容。不过，谷歌没有说明这次开放的人工智能模型是否是最新版本。 接下来，我要提取关键信息：谷歌扩展Gemini到香港，功能包括处理文字、图像、语音和数据，生成多媒体内容，但未说明是否为最新版本。 然后，按照要求控制在100字以内。我需要简洁明了地表达这些要点。 最后，确保开头不使用特定的模板语句，直接描述内容即可。 谷歌计划将Gemini网络应用逐步扩展至香港用户，该AI工具可处理文字、图像、语音和数据，并生成多媒体内容。

A vulnerability categorized as critical has been discovered in FreeRDP up to 3.23.x. This vulnerability affects the function bitmap_cache_put. Such manipulation of the argument cells[] leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2026-29775. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in FreeRDP up to 3.23.x. This issue affects some unknown processing of the file libfreerdp/codec/dsp.c. Performing a manipulation of the argument size_t results in integer underflow. This vulnerability was named CVE-2026-31883. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability marked as problematic has been reported in FreeRDP up to 3.23.x. The affected element is an unknown function. The manipulation of the argument step_index leads to out-of-bounds read. This vulnerability is referenced as CVE-2026-31885. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in FreeRDP up to 3.23.x. It has been declared as problematic. Affected by this issue is the function freerdp_bitmap_decompress_planar. The manipulation results in out-of-bounds read. This vulnerability is known as CVE-2026-31897. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in FreeRDP up to 3.23.x. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the file libfreerdp/codec/dsp.c. The manipulation of the argument nBlockAlign leads to divide by zero. This vulnerability is traded as CVE-2026-31884. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability described as problematic has been identified in Erlang OTP. Affected by this issue is some unknown functionality in the library lib/inets/src/http_server/httpd_request.erl of the component RFC 9112. Executing a manipulation of the argument Content-Length can lead to http request smuggling. The identification of this vulnerability is CVE-2026-23941. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.