OmniGen2 代码问题漏洞

OmniGen2 is a model for command-driven image editing, open-sourced by VectorSpaceLab. OmniGen2 has a code vulnerability that stems from insecure pickle deserialization in the reward server component, which may lead to remote code execution...

The New Era of Application Security: Reasoning-Based Agents, Runtime Reality, and Risk Intelligence

Key Takeaways AI reasoning systems improve vulnerability detection in source code, but do not address the full spectrum of application security risk. Modern application security must account for APIs, runtime environments, and externally exposed assets beyond the source repository. Continuous...

Schneider Electric EcoStruxure Foxboro DCS Code Issue Vulnerability

The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric EcoStruxure Foxboro DCS, which can be exploited by an attacker to cause compromise of...

Spinnaker 代码问题漏洞

Spinnaker is an open-source continuous delivery platform developed by Spinnaker. It is used to release software changes with high speed and confidence. Spinnaker has a code vulnerability that stems from improper handling of underscores when Java URL objects are parsed, which may lead to bypassing...

Tiandy Easy7 Integrated Management Platform 代码问题漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. The version 7.17.0 of Tiandy Easy7 Integrated Management Platform contains a code vulnerability. This vulnerability stems from the handling of the File...

OpenClaw code issue vulnerability (CNVD-2026-13590)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is a code problem vulnerability , the vulnerability stems from the attachment and media URL hydration exists server-side request forgery , an attacker can use the vulnerability to obtain arbitrary HTTPS URL...

GLPI 代码问题漏洞

GLPI is an open-source IT and asset management software developed by GLPI. This software provides a comprehensive IT resource management interface, allowing you to create databases to manage various IT assets such as computers, monitors, servers, printers, network devices, telephones, and even...

IBM Trusteer Rapport 代码问题漏洞

IBM Trusteer Rapport is a terminal security software developed by IBM Corporation, designed to protect browser sessions. Version 3.5.2309.290 of IBM Trusteer Rapport contains a code vulnerability. This vulnerability stems from an uncontrolled search path element in the DLL, which may allow local...

Fortinet FortiWeb 代码问题漏洞

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

SAP NetWeaver Enterprise Portal Administration 代码问题漏洞

SAP NetWeaver Enterprise Portal Administration is an access control software developed by the German company SAP. There is a code vulnerability in SAP NetWeaver Enterprise Portal Administration. This vulnerability arises from privileged users uploading untrusted or malicious content, which may...

Bytedesk 代码问题漏洞

Bytedesk is a multi-channel intelligent customer service platform developed by the individual developers of bytedesk.com. Versions of Bytedesk 1.3.9 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter apiUrl in the file...

Tiandy Video Surveillance System 代码问题漏洞

Tiandy Video Surveillance System is a video monitoring system developed by Tiandy Company in China. Version 7.17.0 of Tiandy Video Surveillance System has a code vulnerability. This vulnerability stems from incorrect handling of the parameter fileName in the file...

Ubuntu: Security Advisory (USN-8077-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

XXL-JOB 代码问题漏洞

XXL-JOB is a distributed task scheduling platform developed by Xuxueli. Versions of xxl-job 3.3.2 and earlier have code vulnerabilities. These vulnerabilities stem from operations on unknown functions in the JobInfoController.java file, which may lead to server-side request forgery attacks...

Bytedesk 代码问题漏洞

Bytedesk is a multi-channel intelligent customer service platform developed by the individual developers of bytedesk.com. Versions of Bytedesk 1.3.9 and earlier have code vulnerabilities. These vulnerabilities stem from operations related to the uploadFile function in the UploadRestController.jav...

Bytedesk 代码问题漏洞

Bytedesk is a multi-channel intelligent customer service platform developed by the individual developers of bytedesk.com. Versions of Bytedesk 1.3.9 and earlier have code vulnerabilities. These vulnerabilities stem from operations on the handleFileUpload function in the UploadRestService.java fil...

Acronis Cyber Protect 代码问题漏洞

Acronis Cyber Protect is an enterprise-oriented network protection solution developed by the Swiss company Acronis. It combines features such as backup, anti-malware, network security, and endpoint management—including vulnerability assessment, URL filtering, patch management, etc. Acronis Cyber...

EdTv 代码问题漏洞

EdTv is an online video publishing platform operated by EdTv Corporation. Version 2 of EdTv has a code vulnerability; this vulnerability stems from SQL injection in the id parameter within the admin/editsource section, which may allow for the execution of arbitrary SQL queries and the extraction ...

WordPress plugin Keenarch 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin AI Engine 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...