xiaozhi-mcphub 路径遍历漏洞

xiaozhi-mcphub is an MCP tool bridge and multi-endpoint management tool adapted to Xiaozhi AI platform by Junsen Huang's personal developer. A path traversal vulnerability exists in xiaozhi-mcphub 1.0.3 and earlier versions, which originates from the operation of the parameter manifest.name in th...

PT-2026-39045

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack issue exists in the TCP Authentication Option TCP-AO implementation. The Message Authentication Code MAC comparison was not performed in constant-time, which could allow ...

ROS-20260508-73-0011

A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...

PT-2026-39206

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.13 Description The code-sandbox component in the AI Agent building platform has insufficient resource isolation and uncontrolled resource consumption. The service uses an application-level soft limit with a 500ms...

PT-2026-39044

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack is possible because Message Authentication Codes MACs are not compared in constant time. This allows an attacker to potentially deduce information by measuring the time t...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a non-constant time for the MAC comparison of tcp-md5, potentially leading to timing attacks...

CLSA-2026-1778142360 jq: Fix of 2 CVEs

CVE-2026-33947: limit path depth in jvsetpath, jvgetpath, and jvdelpaths to prevent stack overflow from deep path arrays - CVE-2026-33948: remove strlen-based length calculation that truncated JSON input at embedded NUL bytes, preventing parser-differential attacks...

CLSA-2026-1778127227 pcp: Fix of 2 CVEs

CVE-2024-45770: guard pmpost against symlink attacks on $PCPLOGDIR/NOTICES - CVE-2024-45769: harden libpcp pmDecodeValueSet to prevent heap corruption from crafted PDUs...

Stego Battlefield: Evaluating Image Steganography Attacks and Steganalysis Defenses

Image steganography is widely used to protect user privacy and enable covert communication. However, it can also be abused by the adversary as a covert channel to bypass content moderation, disseminate harmful semantics, and even hide malicious instructions in images to elicit dangerous outputs...

Hitachi Virtual Storage Platform和Hitachi Virtual Storage Platform One Block 安全漏洞

Hitachi Virtual Storage Platform and Hitachi Virtual Storage Platform One Block are products of Hitachi, a Japanese company. Hitachi Virtual Storage Platform is a series of computer data storage systems used in data centers. Hitachi Virtual Storage Platform One Block is a high-performance block...

DivvyDrive 安全漏洞

DivvyDrive is a file storage and sharing management platform developed by DivvyDrive Inc. in Turkey. Versions of DivvyDrive prior to 4.8.3.2 contained security vulnerabilities. These vulnerabilities stemmed from improper control over modifications to object properties and unlimited resource...

WordPress plugin BEAR 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via the trainerlogin function. An attacker can redirect a user's browser to an external, attacker-controlled URL by supplying a crafted next parameter, potentially exposing sensitive information such as the original URL...

EUVD-2026-27856

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

CVE-2026-20172

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

CVE-2026-20172 Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

CVE-2026-20172

CVE-2026-20172 affects Cisco Enterprise Chat and Email (ECE) Lite Agent file upload functionality. The issue arises from inadequate validation of uploaded file contents, enabling an authenticated user with at least Agent role to upload a file containing malicious scripts/HTML. The application cou...

CVE-2026-20172

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

BIT-JAVA-2024-40896

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...