12 matches found
PT-2026-26178
Name of the Vulnerable Software and Affected Versions: SiYuan versions 3.6.0 and earlier. Description: SiYuan, a personal knowledge management system, has an incomplete blocklist in its SanitizeSVG function. The function blocks 'data:text/html' and 'data:image/svg+xml' in 'href' attributes but fails...
IBM Concert Software Security Vulnerability
IBM Concert Software is an application lifecycle risk identification software from International Business Machines (IBM). A security vulnerability exists in IBM Concert Software versions 1.0.0 through 2.0.0 that originates from a remote attacker who can hijack a victim's click-through action...
Can Large Language Models Improve Phishing Defense? A Large-Scale Controlled Experiment on Warning Dialogue Explanations
Phishing has become a prominent risk in modern cybersecurity, often used to bypass technological defences by exploiting predictable human behaviour. Warning dialogues are a standard mitigation measure, but the lack of explanatory clarity and static content limits their effectiveness. In this pape...
AI-supported spear phishing fools more than 50% of targets
One of the first things everyone predicted when artificial intelligence (AI) became more commonplace was that it would assist cybercriminals in making their phishing campaigns more effective. Now, researchers have conducted a scientific study into the effectiveness of AI-supported spear phishing, a...
IBM CICS TX Security Vulnerability
IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines (IBM). A security vulnerability exists in IBM CICS TX version 11.1, which stems from the presence of a click-through operation that allows a remote attacker to hijack a victim's click-through...
IBM Jazz Team Server Security Vulnerability
IBM Jazz Team Server is an application server from IBM USA. It provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A security vulnerability exists in IBM Jazz...
IBM InfoSphere Information Server Security Vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server that stems from the fact th...
Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2020-23037)
Siemens Scalance X-200 is an industrial Ethernet switch from Siemens, Germany. An input validation error vulnerability exists in multiple Siemens products, which can be exploited by attackers to hijack click-through actions by other users...
CVE-2014-7292
Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 2.1.8102.813, 2.2 2.2.8279.16125, and 2.3 2.3.9074.18820 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx...
Open redirect
Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 2.1.8102.813, 2.2 2.2.8279.16125, and 2.3 2.3.9074.18820 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx...
Newtelligence dasBlog 2.3 Open Redirect
Exploit Title: Newtelligence dasBlog Open Redirect Vulnerability Product: dasBlog Vendor: Newtelligence Vulnerable Versions: 2.3 2.3.9074.18820 2.2 2.2.8279.16125 2.1 2.1.8102.813 Tested Version: 2.3 2.3.9074.18820 Advisory Publication: OCT 15, 2014 Latest Update: OCT 15, 2014 Vulnerability Type:...
Adobe Flash Patch Guidance Working, Kinda
Mozilla’s move to nudge Firefox users into updating the browser’s Flash Player plug-in has been a phenomenal success with about 10 million users clicking through to the Web page with Adobe’s patch. Mozilla released some brief statistics to track the success of its new program, which serves up a...