最新预警列表

HIGH Cisco PSIRT 2026-07-03

Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.  This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vuln

HIGH Cisco PSIRT 2026-07-03

ClamAV Vulnerabilities Affecting Cisco Products: July 2026

Multiple vulnerabilities in ClamAV could allow a remote attacker to cause a denial of service (DoS) condition, interrupting scanning operations. For more information about these vulnerabilities, see the Details section of this advisory. For additional inf

HIGH Cisco PSIRT 2026-07-03

Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker wi

HIGH Cisco PSIRT 2026-07-03

Cisco Advance Notification for Publication of July 1, 2026, Security Advisories

On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) published the following advisories: Cisco Security Advisory CVE-ID Security Impact Rating CVSS Base Score Cisco Catalyst Center Arbitrary File Read Vulnerability CVE-2026-20191 Hig

HIGH 阿里云 Alibaba Cloud Linux 安全公告 2026-07-03

CVE-2026-46300(Fragnesia)内核漏洞不受影响情况说明

高危CVE修复说明CVE-2026-31431 内核升级修复说明CVE-2026-43284 & CVE-2026-43500 (DirtyFrag)内核漏洞修复说明

HIGH 阿里云 Alibaba Cloud Linux 安全公告 2026-07-03

CVE-2026-43284 & CVE-2026-43500 (DirtyFrag)内核漏洞修复说明

高危CVE修复说明CVE-2026-31431 内核升级修复说明CVE-2026-46300(Fragnesia)内核漏洞不受影响情况说明

HIGH 阿里云 Alibaba Cloud Linux 安全公告 2026-07-03

CVE-2026-31431 内核升级修复说明

高危CVE修复说明CVE-2026-43284 & CVE-2026-43500 (DirtyFrag)内核漏洞修复说明CVE-2026-46300(Fragnesia)内核漏洞不受影响情况说明

HIGH CISA KEV 2026-06-29

CVE-2026-48558:SimpleHelp SimpleHelp Authentication Bypass Vulnerability

SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable config

HIGH CISA KEV 2026-06-25

CVE-2026-20230:Cisco Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write

HIGH CISA KEV 2026-06-25

CVE-2026-12569:PTC PTC Windchill and FlexPLM Improper Input Validation Vulnerability

PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network.

HIGH openEuler 安全公告 OSV 2026-06-24

CVE-2026-7774:python3 security update

python3 security update

HIGH NVD Recent 2026-06-23

CVE-2025-53114:CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0

CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgeme

HIGH NVD Recent 2026-06-22

CVE-2026-55746:Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage

Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. A folder title (pff_title) is imported with the 'TXT' filter, which does not strip or encode HTML (the tag check in cot_

HIGH NVD Recent 2026-06-22

CVE-2026-55744:Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage

Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_x

HIGH NVD Recent 2026-06-22

CVE-2026-55741:Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration configu

Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action ('a=update') processes POST data via cot_config_updat

站内所有资源、漏洞预警、工具与专题内容仅面向企业授权自测、合规研究与安全运维使用。本站不提供可直接用于非法攻击的程序、载荷或黑产平台入口。