Aggregator

为遵守美国新规汽车厂商加紧移除中国软件代码

Solidot
4 days 2 hours ago
美国最新规定要求汽车厂商需要向美国政府证明,自 3 月 17 日起,其产品的核心部件不包含在中国、或由中国公司编写的代码。该规定还涵盖高级自动驾驶软件,并将从 2029 年扩大到硬件。此举旨在防止车载摄像头、麦克风和 GPS 追踪系统被外国对手利用,是美国试图与中国供应链脱钩的试金石。汽车创新联盟(Alliance for Automotive Innovation)政策主管 Hilary Cain 表示,这是数十年来最具影响力和复杂性的汽车监管政策之一,需要对供应链进行深入审查,严格遵守合规时间表。

雷神众测漏洞周报2026.2.2-2026.2.8

雷神众测
4 days 2 hours ago
雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章,必须保证此文章的副本,包括版权声明等全部内容。声明雷神众测允许,不得任意修改或增减此文章内容,不得以任何方式将其用于商业目的。

CVE-2026-2242 | janet-lang janet up to 1.40.1 src/core/specials.c janetc_if out-of-bounds (Issue 1700)

VulDB Recent Entries
4 days 2 hours ago
A vulnerability was found in janet-lang janet up to 1.40.1. It has been declared as problematic. This impacts the function janetc_if of the file src/core/specials.c. Executing a manipulation can lead to out-of-bounds read. This vulnerability is registered as CVE-2026-2242. The attack needs to be launched locally. Furthermore, an exploit is available. It is advisable to implement a patch to correct this issue.
vuldb.com

CVE-2026-2241 | janet-lang janet up to 1.40.1 src/core/os.c os_strftime out-of-bounds (Issue 1701)

VulDB Recent Entries
4 days 2 hours ago
A vulnerability was found in janet-lang janet up to 1.40.1. It has been classified as problematic. This affects the function os_strftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2026-2241. The attack must be initiated from a local position. Furthermore, there is an exploit available. To fix this issue, it is recommended to deploy a patch.
vuldb.com

CVE-2026-2240 | janet-lang janet up to 1.40.1 src/core/compile.c janetc_pop_funcdef out-of-bounds (Issue 1702)

VulDB Recent Entries
4 days 2 hours ago
A vulnerability was found in janet-lang janet up to 1.40.1 and classified as problematic. The impacted element is the function janetc_pop_funcdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2026-2240. The attack must be carried out locally. In addition, an exploit is available. A patch should be applied to remediate this issue.
vuldb.com

CNVD漏洞周报2026年第5期

CNVD漏洞平台
4 days 2 hours ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞637个,其中高危漏洞357个、中危漏洞244个、低危漏洞36个。

CVE-2026-25905 | mcp-run-python Pyodide API runPython/runPythonAsync improper isolation or compartmentalization (jfsa-2026-001653)

VulDB Recent Entries
4 days 2 hours ago
A vulnerability, which was classified as problematic, was found in mcp-run-python. Impacted is the function runPython/runPythonAsync of the component Pyodide API. The manipulation results in improper isolation or compartmentalization. This vulnerability is identified as CVE-2026-25905. The attack can be executed remotely. There is not any exploit available.
vuldb.com

Managed ad