Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by an integer overflow issue in Skia. This vulnerability could allow remote attackers who have compromised rendering processes to execute a sandbox...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1752)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1752 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux kernel, the following vulnerability has been...

Evolving Skill-Structured Attack Memory Enhances LLM Jailbreaking

Jailbreak attacks on large language models LLMs aim to induce LLMs to produce content that they are expected to refuse. Automated black-box jailbreak generation is especially important for safety evaluation, where the attacker observes only model outputs and needs to automatically search for...

Linux Distros Unpatched Vulnerability : CVE-2026-9541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File...

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2026-1745)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1745 advisory. Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the...

CVE-2026-9606

The vulnerability CVE-2026-9606 affects itsourcecode Courier Management System 1.0, specifically the /manage_user.php component. The root cause is manipulation of the ID parameter that leads to a SQL injection, with remote exploitation confirmed and a public exploit disclosed. The CVSS-based data...

CVE-2026-9606

A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manageuser.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

CVE-2026-9604

A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of the component AiragModelController. The manipulation of the argument list/queryById results in improper access controls. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-9605 GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

CVE-2026-9605

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

EUVD-2026-32023

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

CVE-2026-9605 GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

CVE-2026-9605

GNU libredwg up to 0.13.4.8160 has a heap-based buffer overflow in the bit_read_RC function (bits.c) of the Dwgbmp Utility. The flaw can be triggered remotely and an exploit has been published. A patch identified by hash 8f03865f37f5d4ffd616fef802acc980be54d300 is available; applying the patch is...

CVE-2026-9584

A security vulnerability has been detected in code-projects Project Management System 1.0. Affected is an unknown function of the file chk.php of the component Login. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly a...

CVE-2026-9604

A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of the component AiragModelController. The manipulation of the argument list/queryById results in improper access controls. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-9604 JeecgBoot AiragModelController access control

A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of the component AiragModelController. The manipulation of the argument list/queryById results in improper access controls. The attack can be executed remotely. The exploit is now public and may be used...

EUVD-2026-32018

A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has...

XSS-PAYLOADS

No d...

CVE-2026-9583

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

CVE-2026-9579

A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...