最新预警列表

MEDIUM CISA KEV 2026-06-05

CVE-2026-28318:SolarWinds SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability

SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.

CRITICAL CERT/CC VU 2026-06-03

VU#595768: Securly Chrome Extension contains multiple weak encryption and access control vulnerabilities

Overview Version 3.0.7 of the Securly Chrome Extension contains multiple vulnerabilities involving insecure data transmission, weak cryptography, and improper access control. These issues may expose sensitive filtering rules, enable the manipulation of do

MEDIUM Cisco PSIRT 2026-06-03

Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no cus

CRITICAL CERT/CC VU 2026-06-02

VU#615987: Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and withou

CRITICAL CERT/CC VU 2026-06-02

VU#265691: Appsmiths SQL Query autocomplete renderer contains a cross site scripting vulnerability

Overview A stored cross-site scripting (XSS) vulnerability has been discovered in Appsmith, specifically in the CodeMirror based SQL query editor’s autocomplete renderer. CVE-2026-7299 has been assigned to track the vulnerability. An attacker with develop

CRITICAL CERT/CC VU 2026-06-02

VU#873170: Collibra Agent contains improper authentication and path traversal vulnerabilities

Overview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controll

CRITICAL CERT-EU 2026-05-06

2026-006: Critical Vulnerability in PAN-OS

On 6 May 2026, Palo Alto published a security advisory addressing a critical vulnerability affecting PAN-OS. This vulnerability allows an unauthenticated attacker to execute arbitrary code with root privileges. Palo Alto observed limited exploitation of t

HIGH CERT-EU 2026-04-30

2026-005: High Vulnerability in the Linux Kernel ("Copy Fail")

On 29 April 2026, a high local privilege escalation vulnerability in the Linux kernel, tracked as CVE-2026-31431 and named "Copy Fail", was publicly disclosed. The vulnerability affects every mainstream Linux distributions shipping a kernel built since 20

CRITICAL Huawei PSIRT 2026-03-25

Security Advisory - Authentication Bypass Vulnerability in Huawei PC Products

来自官方公开订阅源的近期安全预警,建议结合原文评估影响与修复优先级。

MEDIUM Huawei PSIRT 2026-03-25

Security Advisory - A CGI application vulnerability in Some Huawei Products

来自官方公开订阅源的近期安全预警,建议结合原文评估影响与修复优先级。

CRITICAL CERT-EU 2026-03-25

2026-004: Critical Vulnerability in SharePoint Exploited

On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the vulner

MEDIUM CERT-EU 2026-03-23

2026-003: Multiple Vulnerabilities in Citrix NetScaler and Citrix ADC

On 23 March 2026, Citrix published a security advisory addressing multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway. These vulnerabilities may lead to sensitive information disclosure and user session mix-up under specific configurati

CRITICAL CERT-EU 2026-02-26

2026-002: Multiple Vulnerabilities in Cisco Products

On 25 February 2026, Cisco released security advisories addressing multiple high and critical severity vulnerabilities in Cisco Catalyst SD-WAN controllers and Cisco SD-WAN Manager. If exploited, these vulnerabilities could allow attackers to gain adminis

MEDIUM Huawei PSIRT 2026-02-25

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

来自官方公开订阅源的近期安全预警,建议结合原文评估影响与修复优先级。

CRITICAL CERT-EU 2026-01-30

2026-001: Critical vulnerabilities in Ivanti EPMM

On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these vulnerabi

站内所有资源、漏洞预警、工具与专题内容仅面向企业授权自测、合规研究与安全运维使用。本站不提供可直接用于非法攻击的程序、载荷或黑产平台入口。