CISA added CVE-2026-1001 to the Known Exploited Vulnerabilities catalog. Exploitation is observed against internet-facing management interfaces.

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Microsoft released the April 2026 security update covering multiple products including Windows, Office, and Azure. Critical items include an authentication spoofing issue in Identity service.

Ivanti Endpoint Manager Mobile代码注入漏洞

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact The agent-facing `gateway config.patch` / `config.apply` guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook routing, MCP server configuration, SSRF policy, and filesystem hardening. A promp

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact Bundled MCP and LSP tools could be appended to the agent's effective tool set after the normal tool-policy pipeline had already filtered core tools. If an operator configured a restrictive policy, such as a tool profile, explicit allow/deny list, owner-only too

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact A paired device session with limited pairing scope could enumerate global pairing state and act on pairing requests that belonged to another device within the same gateway scope ceiling. This is a same-gateway paired-device authorization bug, not a remote unau

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact Output from webhook-triggered isolated cron agent runs could be queued into the main session awareness stream without `trusted: false`. That made the event render as a trusted `System:` event instead of an untrusted system event. This is a trust-labeling issue

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact The Control UI assistant-media route authenticated trusted-proxy callers but did not enforce the declared operator scopes for identity-bearing HTTP auth paths. A trusted-proxy caller without `operator.read` could access assistant-media files and metadata that w

### Impact When `n8n-mcp` runs in HTTP transport mode, authenticated MCP `tools/call` requests had their full arguments and JSON-RPC params written to server logs by the request dispatcher and several sibling code paths before any redaction. When a tool call carries credential material — most notably `n8n_manage_credentials.data` — the raw values can be persisted in logs. In deployments where lo

### Impact Two endpoints used to preview an MCP server before saving it — `POST /mcp-rest/test/connection` and `POST /mcp-rest/test/tools/list` — accepted a full server configuration in the request body, including the `command`, `args`, and `env` fields used by the stdio transport. When called with a stdio configuration, the endpoints attempted to connect, which spawned the supplied command as a

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin scope by exploiting improper authorization checks in the chat.send path.

Citrix NetScaler 内存泄漏(CVE-2025-5777)

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

PLANET VDR-300NU ADSL Router - 未授权修改DNS

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Acknowledgements

### Impact The output of `cilium-bugtool` can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of [WireGuard Transparent Encryption](https://docs.cilium.io/en/stable/security/network/encryption-wireguard/) are affected. The sensitive data is the WireGuard private key (`cilium_wg0.key`) used for node-to-node encrypted communication `

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Apache Camel Camel-Coap component. Apache Camel's camel-coap component is vulnerable to Camel message header injection, leading to remote code execution when routes forward CoAP requests to header-sensitive producers (e.g. camel-exec) The camel-coap component maps incoming CoAP request URI query param

The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a result, when a Camel application consumes mail through camel-mail (for example via from(\"imap://...\")

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was not applied to five non-HTTP HeaderFilterStrategy implementations: JmsHeaderFilterStrategy and ClassicJmsHeaderFilterStrategy in camel-jms, SjmsHeaderFilte

Firefox browsers

Sign in to Cloud

Sign Up for Free Cloud Tier

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `< 2026.4.20` - Patched version: `2026.4.20` ## Impact Browser profile creation normalized `cdpUrl` values before persisting them, but did not apply the configured browser SSRF policy at creation time. In deployments that explicitly disabled private-network CDP targets, a stored profile could still point at a priva

Browser Use WebUI 反序列化漏洞

iOS 26.4.2 and iPadOS 26.4.2

iOS 18.7.8 and iPadOS 18.7.8

iOS 18.7.7 and iPadOS 18.7.7

iOS 26.4 and iPadOS 26.4

Background Security Improvements for iOS, iPadOS, and macOS

iOS 16.7.15 and iPadOS 16.7.15

iOS 15.8.7 and iPadOS 15.8.7

iOS 26.3 and iPadOS 26.3

iOS 18.7.5 and iPadOS 18.7.5

iOS 26.2 and iPadOS 26.2

iOS 18.7.3 and iPadOS 18.7.3

Compressor 4.11.1

iOS 18.7.2 and iPadOS 18.7.2

iOS 26.1 and iPadOS 26.1

iOS 26.0.1 and iPadOS 26.0.1

iOS 18.7.1 and iPadOS 18.7.1

iOS 26 and iPadOS 26

iOS 18.7 and iPadOS 18.7

iOS 16.7.12 and iPadOS 16.7.12

iOS 15.8.5 and iPadOS 15.8.5

iOS 18.6.2 and iPadOS 18.6.2

Android Code Search

Android Devices

Secure an Android device

Android 16 QPR2

Mobile network security

MFSA 2026-18Security Vulnerabilities fixed in Focus for iOS 148.2

MFSA 2026-12Security Vulnerabilities fixed in Firefox for iOS 147.4

MFSA 2026-09Security Vulnerabilities fixed in Firefox for iOS 147.2.1

## Summary After a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at `/api/notes/{id}`, `/api/notes/{id}/content`, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note ID or the slug path retain access. GORM's soft-delete scope does not reach the raw `JOIN books ...` clauses used by the note and asset queries. ## Details `DELE

### Impact The HTML output format in wlc embeds API response data into HTML without escaping, allowing cross-site scripting when the output is rendered in a browser. ### Patches * https://github.com/WeblateOrg/wlc/pull/1327 ### Workarounds The only vulnerable code path is HTML output which is opt-in. ### References Weblate thanks @fg0x0 for reporting this on GitHub.

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument maxRtrAdvInterval leads to os command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/component_server/server.js. Executing a manipulation of the argument request.url can lead to path traversal. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge results in os command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 2.17.1

Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used.

A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile discovery responses returning localhost. to retarget authenticated browser control toward localhost endpoints and expose browser state.

In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter chain; depend on spring-boot-actuator-autoconfigure; not depend on spring-boot-health. If any of the a

Firewall for AI

Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026. [...]

CrowdStrike Named a Leader in Frost & Sullivan 2026 Radar for Cloud-Native Application Protection Platforms

CrowdStrike Expands Real-Time Cloud Detection and Response to Google Cloud

CrowdStrike Falcon Cloud Security Delivered 264% ROI Through Unified Cloud Protection

Security & Identity

SAP on Google Cloud

Inside Google Cloud

Google Cloud Next & Events

Google Cloud Consulting

Transform with Google Cloud

GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use

Threat IntelligenceNorth Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain AttackBy Google Threat Intelligence Group • 16-minute read

Threat IntelligenceRansomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat LandscapeBy Google Threat Intelligence Group • 53-minute read

Google Cloud Products

Cloud & Application Security

From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise

Next-Gen Identity Security

CrowdStrike FalconID Brings Phishing-Resistant MFA to Falcon Next-Gen Identity Security

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges. [...]

Three seconds of audio is all it takes to clone a voice for fraud. Adaptive Security shows how deepfake calls trick employees into sending real money—and why most defenses don't catch them. [...]

Learn how Microsoft Sentinel UEBA helps defenders distinguish benign AWS activity from attacker behavior by enriching raw CloudTrail logs with clear, binary behavioral signals derived from baseline user, peer, and device behavior patterns. The post Simplifying AWS defense with Microsoft Sentinel UEBA appeared first on Microsoft Security Blog.

Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies. [...]

无人机开源飞控 PX4-Autopilot堆栈溢出漏洞 CVE-2025-15150

MongoDB内存泄漏 CVE-2025-14847(MongoBleed)

1Panel 代理证书验证绕过导致任意命令执行漏洞(CVE-2025-54424)

ModelContext Inspector 未授权访问漏洞(CVE-2025-49596)

llamaindex SQL 注入漏洞(CVE-2025-1750)

Screen 本地权限提升漏洞(CVE-2025-23395)

Craft CMS 验证后模版注入导致远程命令执行漏洞(CVE-2025-46731)

Zabbix认证后SQL注入漏洞(CVE-2024-42327)

ProjectSend认证绕过漏洞(CVE-2024-11680)

PyTorch库RPC框架反序列化RCE漏洞(CVE-2024-48063)

Grafana认证后DuckDB-SQL注入漏洞(CVE-2024-9264)

SPIP BigUp Unauthenticated RCE(CVE-2024-8517)

Rejetto HFS 远程命令执行漏洞(CVE-2024-39943)

Apache HugeGraph-Server Command Execution In Gremlin（CVE-2024-27348）

Zabbix 后台延时注入(CVE-2024-22120)

CrushFTP 认证绕过漏洞（CVE-2024-4040）

### Summary `_clone()` validates `multi_options` as the original list, then executes `shlex.split(" ".join(multi_options))`. A string like `"--branch main --config core.hooksPath=/x"` passes validation (starts with `--branch`), but after split becomes `["--branch", "main", "--config", "core.hooksPath=/x"]`. Git applies the config and executes attacker hooks during clone. ### Details The vulnera

### Impact `@excalidraw/excalidraw@0.18.0` depends on a Mermaid conversion package version that resolves to a Mermaid release affected by CVE-2025-54881 / GHSA-7rqq-prvp-x9jh. User-supplied Mermaid sequence diagram labels could trigger XSS through Mermaid’s KaTeX label rendering path. This is patched in `@excalidraw/excalidraw@0.18.1` by updating `@excalidraw/mermaid-to-excalidraw` to `2.2.2`, w

## Summary There is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to hold a constant-time fallback secret always resolves to an empty string, causing the constant-time comparison to short-circuit in microseconds rather than performing a full bcrypt evaluation. Thi

Alert for CVE-2026-21992

Alert for CVE-2025-61884

Alert for CVE-2025-61882

Alert for CVE-2024-21287

Alert for CVE-2022-21500

Alert for CVE-2021-44228

大型语言模型在运行时可能表现出各种异常行为，例如训练时注入的后门在触发词下被激活、越狱攻击绕过安全对齐、提示注入覆盖部署者指令。现有的运行时防御通常针对单一威胁，且依赖干净参考模型、触发知识或可编辑权重，这些假设对不透明的第三方模型往往不成立。本文提出层间收敛指纹（Layerwise Convergence Fingerprinting, LCF），一种无需调优的运行时监控方法。LCF将模型的层间隐藏状态轨迹视为健康信号：对每一层间的差异计算对角马氏距离，通过Ledoit-Wolf收缩聚合，并在200个干净样本上使用留一法校准阈值，无需参考模型、触发知识或重新训练。在四个架构（Llama-3-8B、Qwen2.5-7B、Gemma-2-9B、Qwen2.5-14B）上针对后门、越狱和提示注入三类威胁进行评估（56种后门组合、3种越狱技术、BIPIA邮件和代码问答任务），LCF将Qwen2.5-7B和Gemma-2的平均后门攻击成功率降至1%以下，Qwen2.5-14B降至1.3%；检测92-100%的DAN越狱（GCG和角色扮演为62-100%）；在所有（模型、领域）的8个单元格中100%标记文本载荷注入；后门误报率12-16%，推理开销小于0.1%。单个聚合分数即可覆盖全部三类威胁，无需针对具体威胁进行调整，使LCF成为云服务和设备端LLM的通用运行时安全层。

该论文针对大型语言模型（LLM）在多智能体系统（MAS）中集成所带来的安全挑战，提出了一种名为Gammaf（Graph-based Anomaly Monitoring for LLM Multi-Agent systems Framework）的开源基准测试框架。随着LLM增强MAS的协作问题解决能力，攻击面也相应扩大，例如提示感染和智能体间通信泄露等漏洞。虽然基于图的异常检测方法在保护此类网络方面显示出潜力，但领域内缺乏标准化的可复现环境来训练和评估这些模型。Gammaf本身并非新型防御机制，而是一个综合性评估架构，旨在生成合成多智能体交互数据集，并基准测试现有及未来防御模型的性能。框架包含两个相互依赖的流水线：训练数据生成阶段，该阶段通过模拟不同网络拓扑下的辩论，将交互捕获为鲁棒的属性图；以及防御系统基准测试阶段，该阶段在实时推理过程中通过动态隔离标记的对抗节点来主动评估防御模型。论文使用XG-Guard和BlindGuard等防御基线，在MMLU-Pro和GSM8K等多个知识任务上进行了严格评估，证明了Gammaf的高实用性、拓扑可扩展性和执行效率。实验结果表明，为LLM-MAS配备有效的攻击修复不仅能恢复系统完整性，还能通过促进早期共识、切断对抗智能体典型的大量令牌生成，显著降低整体运营成本。这项研究为多智能体系统的安全监控提供了标准化评估工具，适合安全研究人员和AI开发者阅读。

大型语言模型（LLM）的微调能够使其适应特定应用，但高昂的计算成本使得资源受限的组织难以独立完成。云平台可以提供所需资源，但数据隐私问题使得将敏感信息共享给第三方存在风险。分割学习（Split Learning）作为一种有前景的解决方案，将模型划分为客户端和服务器两部分，通过交换中间数据实现协作且安全的训练，从而使资源受限的参与者能够安全地适配LLM。近年来，涌现了大量研究来推进这一范式，提出了多种模型方法、系统优化以及隐私防御-攻击技术。为了理清该领域的发展脉络，本文首次全面综述了针对LLM微调的分割学习。我们提出了一种统一的细粒度训练流水线来定位关键操作组件，并从三个核心维度：模型级优化、系统级效率和隐私保护，对现有工作进行系统回顾。通过这一结构化分类，我们为推进可扩展、鲁棒且安全的协作式LLM适配奠定了基础。本文适合对LLM微调、隐私保护分布式学习感兴趣的研究人员和工程师阅读。

该论文针对审计专有数据语义属性时的隐私与透明矛盾，提出了一种名为“Agentic Witnessing”的框架。传统方法如零知识证明（ZKP）适用于精确代数约束，但难以验证定性、非结构化属性（如代码库中的逻辑）。该框架将验证从可证明执行扩展到可证明推理，由验证者、证明者和审计者三个智能体组成。验证者被允许提出有限数量的简单布尔问题（真/假），审计者（基于大型语言模型LLM）运行在可信执行环境（TEE）中，通过模型上下文协议（MCP）动态检查证明者的私有数据集，产生是/否结论并附加密审计记录：一条签名哈希链，将推理轨迹绑定到原始数据集和TEE的硬件信任根。论文在21篇同行评审计算机科学论文的GitHub代码库上演示了自动化工件评估，例如验证代码库是否实现了论文描述的系统。将源代码视为私有数据，验证了对应出版物中描述的五项高层属性。实验表明，这一TEE驱动的智能体审计机制能有效实现隐私保护监督，将定性验证与数据披露需求解耦。

Industrial Control Systems (ICS) integrate computing, physical processes, and communication to operate critical infrastructures such as power grids, water treatment plants, and oil and gas facilities. As ICS become increasingly targeted by cyberattacks, timely and reliable anomaly diagnosis is essential for protecting operational safety. However, existing ICS anomaly detection approaches face prac

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin scope by exploiting improper authorization checks in the chat.send path.

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description:  In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skip_tls_validation (by default it is disabled) intending to affect only the Prometheus reporter, the undocumented global side effect cr

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument _INSECURE_NO_AUTH results in missing authentication. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitation is known to

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the component API_SERVER_KEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit ha

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-main) and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and JWTAuthenticationConfigurer classes derive the authentication path from properties.getPath() when camel.server.authentic

Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse

This update succeeds&#;x26;#;xc2;&#;x26;#;xa0;TeamPCP Supply Chain Campaign Update 007, published April 8, 2026, which left the campaign in credential-monetization mode following the Cisco source code theft via Trivy-linked credentials, Google GTIG&#;x26;#;39;s formal designation of the operators as UNC6780 (with their credential stealer named SANDCLOCK), and the lapsed CISA KEV remediation deadli

A prototype pollution vulnerability affects example-js < 3.5.0. Dependents that merge untrusted input may be impacted.

京ICP证080047号[京ICP备08010314号-6]

京网文〔2020〕6051-1195号

（总）网出证（京）字第281号

京公网安备 11000002002063号

浙公网安备 33010602009975号

【域名注册】关于新网注册商下已备案域名合规规则调整的通知

【口语评测（基础版）】产品退市公告

【邮件推送】关于发信域名升级频率策略调整公告

腾讯云 2026 年五一假期服务公告

【验证码】关于天御验证码停止支持微信小程序插件 V1.0 的公告

http://www.huawei.com/cn/psirt/all-bulletins

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network.

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

Background Security Improvements

Get help with security issues

submit your research

update the software on your iPhone or iPad

update the software on your Mac

Latest security bulletins

Latest Compatibility Definition Document (CDD)

Tools, build, and related reference

Compatibility Definition Document (CDD)

Compatibility Test Suite (CTS)

网站安全防护知道创宇十年web安全防护经验，多层安全防护体系结合独有的云端大数据和安全CDN加速，能对黑客恶意发起的诸如DDOS攻击、DNS攻击、CC攻击高效识别和拦截，有效防护您的网站安全不被黑客攻击。

SeebugSeebug 是一个权威的漏洞参考、分享与学习的安全漏洞社区平台，是国内权威的漏洞库，在国内和国际都享有知名度。 目前收录漏洞数量 52206，PoC 数量 44236，十年风雨，感恩白帽子一路相伴！

PocsuitePocsuite 是由知道创宇安全研究团队打造的一款开源的远程漏洞测试框架。它是知道创宇安全研究团队发展的基石，是团队发展至今一直维护的一个项目，保障了我们的 Web安全研究能力的领先。

Paper专业的技术文章，安全经验的积累。Paper 栏目专注于安全技术文章的收录。我们推崇黑客精神，技术分享和热衷解决问题及超越极限，Seebug Paper 期待您的分享。

Cookie settings

Mozilla Monitor

The Mozilla Manifesto

Mozilla Foundation

Accessibility Policy

Create an Account

Instructions for subscribing to email notifications

Product Security Home

Security Bulletins

Priority and Severity Ratings

Newsletter Subscription

Adobe Security Notifications

## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `>= 2026.4.5, < 2026.4.20` - Patched version: `2026.4.20` ## Impact A malicious workspace `.env` could set `MINIMAX_API_HOST` and redirect credentialed MiniMax requests to an attacker-controlled origin, exposing the MiniMax API key in the outbound `Authorization` header. This requires running OpenClaw from an atta

多款Huawei产品DHCP拒绝服务漏洞

Linux kernel "drivers/usb/serial/whiteheat.c" 拒绝服务漏洞

Huawei Enterprise Information Engine SQL注入漏洞

Siemens COMOS 本地提权漏洞

Siemens RuggedCom ROS和ROX设备信息泄露

WL-330NUL远程命令执行漏洞

Tibbo Technology AggreGate远程代码执行漏洞

Symantec Endpoint Protection Manager-RU6-MP3任意操作系统命令执行漏洞

Joomla “Ja-Ka-Filter-And-Search” 组件 SQL 注入漏洞

京公网安备 11010502034610号

【腾讯云代码助手】关于 CodeBuddy、WorkBuddy 计费方案调整的公告

【云安全中心】关于《云安全中心服务条款》及《云安全中心服务等级协议》更新的通知

【安全通告】Xinference 供应链投毒风险通告

【大模型服务平台 TokenHub】服务条款与服务等级协议更新通知

【TDSQL-C MySQL 版】关于首尔二区机房电力异常情况通知

Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.