Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can reach once it does. That is a question abo...

Exploit for Improper Access Control in Proftpd

OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...

PT-2026-45996

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the...

PT-2026-46031

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI/P2PDMA component where the p2pmem alloc mmap function triggers a warning condition when CONFIG DEBUG VM is enabled. This occurs because the function uses an...

CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

From Attack Simulation to SIEM Rule: Deterministic Detection-As-Code Synthesis with Probe-Level Traceability

Security teams routinely simulate attacks against their own systems to check whether their monitoring would catch a real intruder. These Breach-and-Attack-Simulation BAS tools surface findings, but the security information and event management SIEM systems that watch production need detection rul...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the clk qcom gfx3d module. When determining the GFX3D clock rate, the parent mapping does not...

Linux Distros Unpatched Vulnerability : CVE-2026-46248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif i...

PT-2026-46011

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ath12k wifi driver where a stale link mapping is retained in ahvif-links map. This occurs when an arvif is initialized in non-AP STA mode but MLO connection...

CVE-2026-3871

A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

CVE-2026-3870

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

CVE-2026-3871

A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

CVE-2026-3871

A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

CVE-2026-3870

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

CVE-2026-10566 FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

CVE-2026-10566 FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

PT-2026-45684

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.check instruct content of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit ha...

Bitdefender Napoca 缓冲区错误漏洞

Bitdefender Napoca is a lightweight Type-1 bare-machine virtual machine monitor developed by Bitdefender as open source. Bitdefender Napoca has a buffer error vulnerability, which stems from an out-of-bounds write in the BIOS INT 0x15/E820 memory mapping processing routine. This vulnerability cou...

NiceGUI 安全漏洞

NiceGUI is an easy-to-use, Python-based UI framework developed under the open source license. Versions of NiceGUI prior to 3.12.0 contained a security vulnerability. This vulnerability stemmed from two FastAPI routes that allowed subpath parameters to be resolved into directories, potentially...