Aggregator

Anthropic官方模型上下文协议（MCP）中内置的设计缺陷，可能使多达20万台服务器面临完全被黑客接管的风险。

New StorybyVarun JoshibyVarun Joshi@engineervarun0012I am a Senior Data Engineer at AWS, where I bu

Cloudflare裁员超1100人 向AI运营模式转型美国网络安全服务公司 Cloudflare 本周四宣布，将裁减约20%的员工，这是其向“以AI为先的智能体运营模式”转型的一部分。该公司此次裁员

ИИ-чатботы поставили обман на поток.

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel. Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31431, CVSS score: 7.8), a recently disclosed LPE flaw impacting the Linux kernel that has since come under active exploitation in the wild. The vulnerability was reported to Linux kernel maintainers

Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impactin

在揭晓新款谷歌 Fitbit Air 健身手环面纱的同时，谷歌周四表示，其还将把Fitbit应用更名为Google Health，并推出一项由AI驱动的健康教练订阅服务。利用谷歌的Gemini AI，

A CVSS score 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N severity vulnerability discovered by 'Aaron Luo at VicOne Inc., LabR7' was reported to the affected vendor on: 2026-05-08, 7 days ago. The vendor is given until 2026-09-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'YJK(@YJK0805) of ZUSO ART' was reported to the affected vendor on: 2026-05-08, 7 days ago. The vendor is given until 2026-09-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Физики экстренно учат нейросети предсказывать фатальную космическую погоду.

A vulnerability described as critical has been identified in lighttpd. The affected element is an unknown function of the file mod_mysql_vhost.c of the component MySQL Virtual Hosting Module. The manipulation results in sql injection. This vulnerability is reported as CVE-2014-2323. The attack can be launched remotely. Moreover, an exploit is present. Upgrading the affected component is recommended.

A vulnerability, which was classified as problematic, has been found in lighttpd. This vulnerability affects unknown code of the component mod_evhost. The manipulation leads to path traversal. This vulnerability is documented as CVE-2014-2324. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Puppetlabs Puppet Dashboard. This issue affects some unknown processing. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2012-0891. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability has been found in Puppetlabs Puppet 2.0.0/2.5.0/2.5.1/2.5.2/2.6.0 and classified as problematic. Impacted is an unknown function. This manipulation causes improper authentication. This vulnerability appears as CVE-2012-5158. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Puppetlabs Puppet up to 2.7.0 and classified as problematic. The affected element is an unknown function. Such manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2013-1398. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Puppetlabs Puppet up to 2.7.0. It has been classified as problematic. The impacted element is an unknown function of the component Administration. Performing a manipulation results in cross-site request forgery. This vulnerability is known as CVE-2013-1399. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability categorized as problematic has been discovered in ownCloud. Affected is an unknown function in the library lib/migrate.php. The manipulation results in incomplete blacklist. This vulnerability was named CVE-2013-1851. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in ownCloud up to 5.0.5 and classified as problematic. This impacts an unknown function. Executing a manipulation can lead to improper access controls. This vulnerability appears as CVE-2013-2048. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in ownCloud. It has been classified as problematic. Affected is an unknown function. The manipulation of the argument dir leads to path traversal. This vulnerability is traded as CVE-2013-2085. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.