今日安全资讯(2026-04-29)
- 2Libra
- 3 年房价跌了 100 万,难过 1 会
- codex 登不上了,求招
- 【域名五一活动】折中折 ╮( ̄▽ ̄”“)╭
- 【💰】【投票】大家給 Claude 充值了嗎?
- 【💰】免费构建个人网站,欢迎讨论
- 【💰】如何克服对未来不确定性的恐惧?
- 【💰】推荐一下自己的博客
- 【🔒】4 月最后一次大更新了,隐藏内容扩展新增竞拍选项和一些优化改进
- 【🔒】『羊毛』同时尝试竞拍瑞幸兑换券一张(结合活动送一送一)
- 下了个在线 AI Rapper
- 今日烦躁 1
- 你参与过哪些开源项目吗?分享一下做了哪些贡献。
- 免费方案与商业方案的选择,为什么我选择和推荐使用后者。
- 列表 padding 太窄显得紧凑看得太难受了,用油猴调整了下样式,舒服了
- 好价
- 学生党,有没有平板推荐
- 我该如何在家庭里,不再继续消耗那个最爱我的人
- 所以, Rich 徽章的 50% 概率是有 Bug 吗? @Jimmy
- 是……卡皮巴拉!快来吸
- 每天上班感觉像是在坐牢一样
- 用户名
- 第一次写的 wordpress 主题,看看怎么样?
- 逃不了,跑不掉,怎么办
- 36氪
- 2025年我国全年词元累计调用量达21100万亿,日均调用量呈指数级增长
- 36氪首发 | 主攻氢涡轮增程的全倾转eVTOL,「华喜航空」完成数千万元种子轮融资
- 3名独董全票反对,科创板首现因年报难产触发退市风险
- 89股一季报获券商研报点赞,4月以来平均涨超10%
- 8天预计发送旅客1.58亿人次,铁路 “五一”假期运输今天启动
- 8点1氪丨百度废除字母职级标签;Meta被曝准备撤销对Manus收购;张雪称曾拒绝了半个亿的商务合作
- AI世纪对决开庭,马斯克在OpenAI审判中出庭作证
- A股三大指数午间休盘集体上涨,新能源产业链大涨
- A股三大指数集体低开,五粮液股价跌破100元
- A股三大指数集体收涨
- CoreWeave:OpenAI是“极佳的合作伙伴”,但并非唯一
- LG电子据悉将与英伟达合作,提升物理人工智能能力
- Millennium、挪威主权财富基金据悉参与了宁德时代50亿美元的股票配售
- OpenAI强硬回击增长质疑:一切业务“运转如飞”
- OpenAI预计用户将大幅转向更便宜的ChatGPT套餐
- OpenAI:企业和广告业务正在增长
- OpenRouter发布最新大模型调用量排行榜,混元Hy3 preview登顶
- WorkBuddy正式打通腾讯文档
- “36氪企业全情报”官方股票舆情交流社群,正式开放招募!
- “华喜航空”完成数千万元种子轮融资
- “擎天租”完成数亿元Pre-A轮融资
- 一季度我国海洋经济实现良好开局,生产总值2.6万亿元
- 一季度我国社会物流总额同比增长6.2%
- 一汽解放:一季度净利润9931万元,同比增长241.82%
- 一汽解放:公司半固态电池计划在下一代整车平台中应用
- 万科A:一季度净亏损59.52亿元
- 三六零:一季度净利润1.09亿元,同比扭亏为盈
- 三花智控:一季度净利润9.28亿元,同比增长2.68%
- 世界黄金协会:一季度全球黄金总需求(含场外交易)达1231吨,同比增长2%
- 业绩落地重塑股票估值逻辑,346股获机构首次关注
- 东阳光药H股全流通获批
- 两市融资余额增加1.57亿元
- 中上协:一季度全市场新增首发上市公司30家,首发募资总额258.79亿元
- 中信建投:一季度净利润36.67亿元,同比增长99.03%
- 中信建投:中东有望成为中国物流企业全球化的重要增长极
- 中国中免:一季度净利润23.48亿元,同比增长21.18%
- 中国中车:一季度净利润33.78亿元,同比增长10.66%
- 中国卫通:一季度净利润2684.15万元,同比下降61.9%
- 中国核电:一季度净利润20.64亿元,同比下降34.19%
- 中国石油:一季度净利润483.33亿元,同比增长1.9%
- 中国重汽:一季度净利润4.55亿元,同比增长46.5%
- 中国银河:一季度净利润33.2亿元,同比增长10.09%
- 中国银行:一季度净利润566.31亿元,同比增长4.17%
- 中曼石油:一季度净利润3165.51万元,同比下降86.22%
- 中泰证券:Q1被动基金、北向资金流出银行板块,继续看好银行股稳健性和持续性
- 中远海发:一季度净利润4.13亿元,同比下降14.01%
- 中金公司:一季度净利润35.77亿元,同比增长75.19%
- 乐道L80开启预售
- 云南白药:一季度净利润20.37亿元,同比增长5.31%
- 云天励飞向港交所提交上市申请
- 亚行预计本地区今年通货膨胀率为5.2%
- 亚马逊已在AWS上架多款全新OpenAI产品
- 交通银行:一季度净利润261.62亿元,同比增长3.11%
- 京东方A:一季度净利润17.07亿元,同比增长5.78%
- 人民币兑美元中间价报6.8608,下调19点
- 仪表盘显示故障,克莱斯勒在美召回20271辆汽车
- 伊利股份:一季度净利润53.95亿元,同比增长10.68%
- 传闻拓竹科技存在入股、入主公司相关规划?银禧科技:不属实
- 作为债券市场“天然多头”,多家银行去年在债券投资上遭遇亏损
- 元宝Bot正式接入Hermes Agent
- 兆易创新:一季度净利润14.61亿元,同比增长522.79%
- 兆驰股份:2026年光通信业务将作为公司产业升级的核心战略方向
- 公募基金4月调研近5000次,一季报绩优公司成掘金重点
- 农业银行:一季度净利润751.85亿元,同比增长4.52%
- 创业板指拉升涨超1%
- 创业板指盘中涨超2%
- 券商一季度业绩表现分化,自营业务成胜负手
- 前米哈游高管创业,AI 原生增长 Agent LeapMind Growth 获 CMC 资本领投
- 加州海岸委员会向马斯克和SpaceX致歉,承诺未来监管决策不考虑政治因素
- 北京市场监管局约谈雅迪、爱玛等8家电动自行车企业
- 北京戴纳实验科技股份有限公司向港交所提交上市申请书
- 北方铜业:一季度净利润6.15亿元,同比增长65.74%
- 半日主力资金加仓电力设备股,抛售银行股
- 华尔街各大银行增持美债,持仓量创2007年以来新高
- 华泰证券:储能大单落地,钠电产业趋势强化
- 华菱钢铁:一季度净利润1.98亿元,同比下降64.82%
- 华谊兄弟:公司股票被实施其他风险警示,简称变更为“ST华谊”
- 南京10宗涉宅用地44.88亿元成交,最高溢价率27.75%
- 南方航空:公司及控股子公司拟向空客合计购买137架A320NEO系列飞机
- 厦门士兰集华微电子公司注册资本增至51.1亿元
- 友邦保险据报聘麦肯锡、美世等顾问公司进行全面业务评估
- 双汇发展:预计全年肉制品吨均利润同比可能略降、仍保持在高位
- 可回收火箭密集验证窗口开启,商业航天产业链有望迈入规模化量产元年
- 可孚医疗:一季度净利润1.07亿元,同比增长17.08%
- 台积电旗下子公司出售安谋控股股票,交易金额2.31亿美元
- 吉利汽车:第一季度母公司拥有人应占利润为人民币41.7亿元,同比下降27%
- 同兴科技:一季度净利润1037.34万元,同比下降23.84%
- 商业卫星公司微纳星空完成IPO辅导验收
- 国务院任命证监会有关负责人
- 国家新闻出版署公布2026年4月份国产网络游戏审批信息,共147款游戏获批
- 国家统计局:2026年一季度文化企业实现营业收入35569亿元,比上年同期增长6.4%
- 国投电力:一季度净利润21.18亿元,同比增长1.91%
- 国能哈尔滨热电公司增资至约17.7亿元
- 国资入股,民营银行股权结构持续优化
- 国轩高科旗下江苏新能源科技公司增资至约26.8亿元
- 国金证券:大规模AI集群带动CPO加速,看好产业链公司
- 多地银行加速旗下村镇银行整合重组
- 多家金店品牌金饰克价大幅回落
- 天威视讯:一季度净亏损2154.02万元
- 天风证券:第一季度净利润22.36万元,同比下降99.07%
- 太平洋:一季度净利润2438.14万元,同比下降64.11%
- 央行今日开展259亿元7天期逆回购操作
- 央行北京市分行:一季度北京社会融资规模增量为6488.1亿元
- 央行:一季度末人民币房地产贷款余额51.7万亿元,同比下降3.4%
- 央行:一季度��金融机构人民币各项贷款余额280.51万亿元,同比增长5.7%
- 宁波甬投先导股权投资基金注册成立
- 寒武纪:一季度净利润10.13亿元,同比增长185.04%
- 山东黄金:一季度净利润14.46亿元,同比增长40.87%
- 山西汾酒:一季度净利润53.83亿元,同比下降19.03%
- 工商银行:一季度净利润869.41亿元,同比增长3.31%
- 巴拿马航空宣布订购至多60架波音737 MAX飞机
- 开立医疗:一季度营业收入4.81亿元,同比增长11.79%
- 影石创新2025营收近百亿,新品云台相机将发布
- 徐工汽车据悉考虑香港IPO,拟融资至多5亿美元
- 徐工集团回应徐工汽车被曝筹划港股IPO
- 恒指午间休盘涨1.23%,恒生科技指数涨1.07%
- 恒指开盘涨0.63%,恒生科技指数涨1.07%
- 意大利制药公司Chiesi同意以约19亿美元收购美国上市公司KalVista制药
- 成大生物在上海成立医药科技新公司
- 成都路桥:一季度净利润1347.29万元,同比增长225.3%
- 我国一季度重点钢企营收同比增长1.2%
- 拓普集团:一季度净利润5.52亿元,同比下降2.42%
- 招商证券:一季度净利润32.71亿元,同比增长41.73%
- 掌阅科技:2026年将全面推进AI短剧工业化布局
- 搭载华为智驾,奥迪「6系」电车上市,售价30.98万元起|最前线
- 摩根大通CEO戴蒙再度警告信贷市场风险,称潜在下行恐比预期更为严重
- 擎天租与瑞安办公达成战略合作
- 新希望:因生猪售价下降,一季度亏损8.98亿元
- 新政后首单“H转深A”诞生,越疆科技创业板IPO获受理
- 新易盛:预计今年扩产节奏将加快
- 春秋航空:一季度净利润9.83亿元,同比增长45.15%
- 最前线|未来宇航发布FX锋行系列空间飞行器,切入卫星组网部署与在轨服务市场
- 期货市场交投活跃,上市期货公司首季盈利集体倍增
- 机构今日买入铜冠铜箔等29股,卖出天味食品2.21亿元
- 极米科技:一季度净利润5026.95万元,同比下降19.75%
- 梅赛德斯-奔驰营收利润下滑,但对全年业绩持乐观态度
- 梅赛德斯-奔驰首席财务官:一季度成本削减计划带来近10亿欧元现金回流
- 欧盟《数字市场法》监管范围拟扩大至云服务与AI领域
- 欧盟报告称欧洲升温加速,多项气候指标破纪录
- 武汉聚芯微电子股份有限公司向港交所提交上市申请书
- 比博斯特完成超10亿元B轮融资,智能底盘三轴产品全覆盖|36氪独家
- 毕马威丢失五角大楼合同后,退出美国联邦政府审计业务
- 氪星晚报 |腾讯ima推出全新知识Agent——copilot;魔法原子:目标到2036年营收达140亿美元
- 汇川技术:向香港联交所递交H股发行与上市申请
- 沐曦股份:一季度营收5.62亿元,同比增长75.37%
- 沪指突破4100点整数关口
- 沪深两市成交额突破1万亿
- 沪深两市成交额突破2万亿元
- 泡泡玛特胡健:盈利不是乐园现阶段最重要的事
- 浪潮信息:一季度净利润6.05亿元,同比增长30.74%
- 海航控股:一季度净利润17.25亿元,同比增长533.63%
- 深圳进一步优化调整房地产相关政策
- 深成指涨幅扩大至2%
- 港股IPO热潮中的中资券商:保荐数量与市场份额领跑
- 湖南芒果数智增资至4亿元
- 源杰科技股价创新高
- 滴滴:“五一”异地打车预计较节前上涨56%,租车预订量较去年同期上涨30%
- 热门中概股美股盘前涨跌不一,蔚来涨超4%
- 烽火通信:一季度净利润3839.25万元, 同比下降30.44%
- 片仔癀:一季度净利润7.43亿元,同比下降25.64%
- 特变电工:一季度净利润18.15亿元,同比增长13.4%
- 特斯拉称计划将FSD V14 Lite扩展到国际市场的HW3车辆
- 特朗普将提名麦克马斯特担任主管金融市场的助理财政部长
- 独家对谈|兴辉时代创始人高兴辉,90后小镇女孩离开教培大厂,三年创造2亿GMV的倔强人生
- 瑞幸咖啡:第一季度净营收119.955亿元,同比增长35.3%
- 白云机场:一季度净利润1.68亿元,同比下降43.32%
- 白宫据悉正在研讨恢复与Anthropic合作
- 盛路通信:与银河航天没有合作关系
- 目前我国矿产生产与冶炼加工规模稳居全球首位,2025年全国矿业产值约32.7万亿元
- 社保基金累计结余10.8万亿,耐心资本属性持续凸显
- 章建平退出寒武纪一季报前十大股东行列
- 第20届中国投资年会圆满闭幕! “K型曲线”下,寻找穿越分化的确定性
- 紫光数能海南技术公司注册资本增至1.5亿元
- 纽约市长力促缩减对冲基金和私募股权等公司享受的税项优惠
- 美国联邦通信委员会(FCC)正准备对迪士尼的电视执照进行审查
- 美图RoboNeo升级更新,推出影像创作Agent Teams
- 美股三大指数集体收跌,大型科技股多数下跌
- 美股大型科技股盘前普跌,苹果跌超1%
- 老铺黄金还不是爱马仕
- 联电第一季度营收超预期,下半年将调涨晶圆价格
- 腾讯ima推出全新知识Agent——copilot
- 苏宁易购:第一季度净利润2890.5万元,同比增长60.94%
- 英伟达推出Nemotron 3 Nano Omni模型
- 英伟达斥资1.3亿美元在班加罗尔签订10年租约,扩大印度业务版图
- 英伟达高管将与三星、SK海力士高管会面,洽谈实体人工智能合作事宜
- 英国国王会见黄仁勋等美国科技公司高管
- 苹果计划在iOS 27中借助AI对照片编辑功能进行全面升级
- 蓝焰控股:近期LNG价格上涨对公司经营业绩有一定正向影响
- 衢州发展:一季度净利润3.14亿元,同比下降25.83%
- 谷歌推出可将其他人工智能提供商的人工智能聊天历史记录导入Gemini的工具
- 财达证券:一季度净利润2.53亿元,同比增长114.53%
- 赛力斯:一季度营收257.5亿元,同比增长34.5%
- 赣锋锂业:一季度净利润18.37亿元,同比扭亏为盈
- 邮储银行:一季度净利润257.26亿元,同比增长1.9%
- 重庆啤酒:一季度净利润4.38亿元,同比下降7.4%
- 金龙鱼:一季度净利润14.82亿元,同比增长50.98%
- 铁矿石巨头淡水河谷业绩不及预期,受运营成本压力影响
- 锂电产业链涨势扩大,鹏辉能源等十余股涨停
- 长江电力:一季度净利润67.61亿元,同比增长30.5%
- 长飞光纤:一季度净利润4.95亿元,同比增长226.4%
- 阶跃星辰发布新一代图像生成编辑模型Step Image Edit 2
- 阿克曼旗下潘兴广场通过IPO和配股融资50亿美元
- 阿斯利康中国2026年第一季度总营收19.23亿美元
- 阿联酋宣布将退出欧佩克及“欧佩克+”
- 韩国与卡塔尔官员商讨先进产业投资合作事宜
- 韩国今年将为AI工厂项目提供530亿韩元支持
- 韩国资金涌入,港股硬科技资产受青睐
- 风电产业链业绩分化,“两海”市场成胜负手
- 首席经济学家、债市一姐刘郁卸任华西证券首席经济学家
- 香港交易所:第一季度股东应占溢利51.88亿港元,同比上升27%
- 香港证监会:离岸国债期货准备工作已进入最后阶段,推出时间将适时公布
- 香港迪士尼再度盈利,2025财年净利润5.36亿港元
- 魔法原子:目标到2036年营收达140亿美元
- 404 Media
- Ars Technica
- Bitdefender Labs
- Black Hills Information Security
- daniel.haxx.se
- daringfireball.net
- darkreading
- defend.network
- EFF
- ElcomSoft blog
- experimental-history.com
- gilesthomas.com
- Google AI Blog
- Hacker News Frontpage
- Anthropic Joins the Blender Development Fund as Corporate Patron
- Before GitHub
- BookStack Moves from GitHub to Codeberg
- Coffee with a splash of physics: how to make the most out of your brew
- Cybersec is a thankless job: expanding workload and shrinking pay packet
- Greece to ban anonymity on social media
- HashiCorp co-founder says GitHub 'no longer a place for serious work'
- He asked AI to count carbs 27000 times. It couldn't give the same answer twice
- I Won a Championship That Doesn't Exist
- Laguna XS.2 and M.1
- Show HN: Rip.so – a graveyard for dead internet things
- Soft launch of open-source code platform for government
- Tell HN: An update from the new Tindie team
- Waymo in Portland
- HackerNews
- Signal é’“éąźć´ťĺŠ¨çž„ĺ‡†ĺžˇĺ›˝ĺŽ˜ĺ‘˜ďźŒç–‘äźźäż„ç˝—ć–ŻčĄŒĺŠ¨
- ç ”çŠśäşşĺ‘˜ĺ‘现关锎 GitHub RCE ćźć´žďźšäť…éœ€ä¸€ćŹĄ Git Push ĺłĺŻĺˆŠç”¨
- 靑厢ćŁĺœ¨ĺˆŠç”¨ LiteLLM éŤ˜ĺąé˘„čŽ¤čŻ SQL 注兼ćźć´ž
- 视频ćœĺŠĄ Vimeo 祎莤 Anodot ćł„éœ˛äş‹äťśĺŻźč‡´ç”¨ćˆˇć•°ćŽćš´éœ˛
- 塴輿 LofyGang 团䟙沉寂三嚴ĺŽĺˇĺœŸé‡ćĽďźŒĺ‘辡 Minecraft LofyStealer çŞƒĺ–器洝动
- HackerNoon
- ICT Security Magazine
- IEEE Spectrum
- InfoSec Write-ups - Medium
- infosecurity-magazine.com
- IT Service Management News
- joanwestenberg.com
- johndcook.com
- LoRexxar's Blog
- MIT Technology Review
- Recent Commits to cve:main
- SANS Internet Storm Center, InfoCON: green
- Schneier on Security
- Security Affairs
- shkspr.mobi
- Sploitus.com Exploits RSS Feed
- chrome-exploit-simulator exploit
- Exploit for CVE-2024-8503 exploit
- Exploit for CVE-2026-1306 exploit
- Exploit for CVE-2026-6807 exploit
- Exploit for OS Command Injection in Asustor Data_Master exploit
- ExploitSense exploit
- offensive-security-labs exploit
- Script-for-profile-press-exploit-in-wordpress exploit
- Web-Client-Side-Vulnerabilities-Practical-Exploitation-and-Mitigation exploit
- WP-Plugin-Fuzzer-PoC- exploit
- TechCrunch
- Amazon is already offering new OpenAI products on AWS
- Amazon launches an AI-powered audio Q&A experience on product pages
- At his OpenAI trial, Musk relitigates an old friendship
- Australia forces Big Tech firms to pay for news or face a 2.25% tax
- BMW i Ventures has a new $300M fund and AI is riding shotgun
- Coby Adcock’s Scout AI raises $100 million to train its models for war. We visited its bootcamp.
- Earth AI is vertically integrating the search for critical minerals
- Firestorm Labs raises $82M to take drone factories into the field
- Google expands Pentagon’s access to its AI after Anthropic’s refusal
- Google Translate now lets you practice pronunciation
- How one venture firm is investing in an increasingly fragmented world
- Jack Dorsey-backed Vine reboot Divine launches to the public
- Lovable launches its vibe-coding app on iOS and Android
- Match Group invests $100M in Sniffies, a cruising app for gay men
- Meet Shapes, the app bringing humans and AI into the same group chats
- Paragon is not collaborating with Italian authorities probing spyware attacks, report says
- Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
- US Supreme Court appears split over controversial use of ‘geofence’ search warrants
- text/plain
- The Decoder
- Google rolls out Gemini memory in Europe and wants you to bring your ChatGPT data along
- Here is what an LLM that knows nothing after 1930 thinks our world looks like in 2026
- Musk and Altman face off in court over OpenAI's for-profit pivot
- White House moves to restore Anthropic access after Pentagon standoff
- With Nemotron 3 Nano Omni, Nvidia reveals what really goes into a modern multimodal model
- The Verge
- Apple TV’s new horror series is scarier because it’s also hilarious
- China freezes new robotaxi licenses after Baidu chaos
- Claude can now plug directly into Photoshop, Blender, and Ableton
- Electric air taxis are finally taking flight — just not with passengers
- Elon Musk takes the stand in high-profile trial against OpenAI
- Elon Musk tells the jury that all he wants to do is save humanity
- Former FCC officials want to force a vote on the ‘weapon’ Brendan Carr has invoked against broadcasters
- Google Home makes it easier to understand why devices aren’t working
- Google Translate can now help you with pronunciation
- James Comey indicted over Instagram seashell photo that allegedly threatened Trump
- Larry’s risky business
- Live updates from Elon Musk and Sam Altman’s court battle over the future of OpenAI
- Logitech made a analog and mechanical keyboard in one
- Saros reminded me how great the DualSense can be
- Taylor Swift deepfakes are pushing scams on TikTok
- Taylor Swift is stepping up the legal war on AI copycats
- The latest Kindle Paperwhite drops to its best price all year
- The Nex Playground gaming console is $60 off this week
- The resurrected Commodore 64 is getting a facelift like the original
- You can get dragged into a police investigation by proximity alone — for now
- Your PS5 can now transform into a Linux PC
- VulDB Recent Entries
- CVE-2025-10503 | WSO2 Identity Server up to 7.0.0.87 Authentication Endpoint cross site scripting
- CVE-2025-60887 | Cista up to 0.15 Untrusted Page cista::raw deserialized deserialization
- CVE-2025-67223 | Aranda Service Desk up to 8.3.11 unrestricted upload
- CVE-2026-22740 | Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6 Multipart Request resource consumption
- CVE-2026-27760 | OpenCATS up to 0.9.7.4 AJAX Endpoint config.php define action code injection
- CVE-2026-3325 | CRM Sistemas de Fidelización MegaCMS 12.0.0 POST Request get_provincias id_territorio sql injection
- CVE-2026-4019 | Complianz Plugin up to 7.4.5 on WordPress REST API Endpoint cmplz_rest_consented_content authorization
- CVE-2026-40556 | GNU nano up to 8.x Local Directory Page ~/.local permission assignment
- CVE-2026-40969 | Vmware Spring gRPC up to 1.0.2 Raw Message information exposure
- CVE-2026-41873 | Apache Pony Mail HTTP Request request smuggling
- CVE-2026-42377 | Brainstorm Force SureForms Pro Plugin up to 2.8.0 on WordPress authorization
- CVE-2026-42412 | weDevs WP User Frontend Plugin up to 4.3.1 on WordPress authorization
- CVE-2026-42513 | CDAC-Noida e-Sushrut Hospital Management Information System Server Response improper authentication (CIVN-2026-0207)
- CVE-2026-42514 | CDAC-Noida e-Sushrut Hospital Management Information System API cleartext transmission (CIVN-2026-0207)
- CVE-2026-42515 | CDAC-Noida e-Sushrut Hospital Management Information System API Request authorization (CIVN-2026-0207)
- CVE-2026-42516 | CDAC-Noida e-Sushrut Hospital Management Information System encoded authorization (CIVN-2026-0207)
- CVE-2026-42517 | CDAC-Noida e-Sushrut Hospital Management Information System Base64 Encoding authorization (CIVN-2026-0207)
- CVE-2026-42518 | CDAC-Noida e-Sushrut Hospital Management Information System hard-coded key (CIVN-2026-0207)
- CVE-2026-42641 | ILLID Share This Image Plugin up to 2.14 on WordPress server-side request forgery
- CVE-2026-42642 | StellarWP GiveWP Plugin up to 4.14.5 on WordPress authorization
- CVE-2026-42643 | StellarWP Image Widget Plugin up to 4.4.11 on WordPress cross site scripting
- CVE-2026-42644 | WPDeveloper BetterDocs Plugin up to 4.3.10 on WordPress exposure of sensitive system information to an unauthorized control sphere
- CVE-2026-42645 | Dmitry V. Barcode Scanner with Inventory & Order Manager Plugin cross-site request forgery
- CVE-2026-42646 | Steve Burge TaxoPress Plugin up to 3.44.0 on WordPress sql injection
- CVE-2026-42648 | Brainstorm Force Spectra Plugin up to 2.19.22 on WordPress authorization
- CVE-2026-42652 | wpeverest User Registration Plugin up to 5.1.5 on WordPress cross site scripting
- CVE-2026-7009 | cURL up to 8.19.0 OCSP Stapling certificate validation (51905671e07f087e28e57)
- CVE-2026-7320 | Mozilla Firefox up to 150.0.0 Video information disclosure
- CVE-2026-7322 | Mozilla Firefox up to 150.0.0 memory corruption
- CVE-2026-7322 | Mozilla Thunderbird up to 150.0.0 memory corruption
- CVE-2026-7323 | Mozilla Firefox up to 150.0.0 memory corruption
- CVE-2026-7323 | Mozilla Thunderbird up to 150.0.0 memory corruption
- CVE-2026-7324 | Mozilla Firefox up to 150.0.0 memory corruption
- CVE-2026-7324 | Mozilla Thunderbird up to 150.0.0 memory corruption
- CVE-2026-7333 | Google Chrome up to 147.0.7727.117 GPU use after free (ID 493955)
- CVE-2026-7334 | Google Chrome up to 147.0.7727.117 on macOS Views use after free (ID 496456)
- CVE-2026-7335 | Google Chrome up to 147.0.7727.117 Media use after free (ID 500387)
- CVE-2026-7336 | Google Chrome up to 147.0.7727.117 WebRTC use after free (ID 500767)
- CVE-2026-7337 | Google Chrome up to 147.0.7727.117 V8 type confusion (ID 500880)
- CVE-2026-7339 | Google Chrome up to 147.0.7727.117 WebRTC heap-based overflow (ID 493957)
- CVE-2026-7340 | Google Chrome up to 147.0.7727.117 on Windows ANGLE integer overflow (ID 497896)
- CVE-2026-7341 | Google Chrome up to 147.0.7727.117 WebRTC use after free (ID 504586)
- CVE-2026-7342 | Google Chrome up to 147.0.7727.117 on Android WebView use after free (ID 503889)
- CVE-2026-7343 | Google Chrome up to 147.0.7727.117 on Windows Views use after free (ID 503645)
- CVE-2026-7344 | Google Chrome up to 147.0.7727.117 on Windows Accessibility use after free (ID 503419)
- CVE-2026-7345 | Google Chrome up to 147.0.7727.117 Feedback sandbox (ID 502248)
- CVE-2026-7346 | Google Chrome up to 147.0.7727.117 Tint out-of-bounds write (ID 502206)
- CVE-2026-7347 | Google Chrome up to 147.0.7727.117 Chromoting use after free (ID 501722)
- CVE-2026-7348 | Google Chrome up to 147.0.7727.117 Codecs use after free (ID 500104)
- CVE-2026-7350 | Google Chrome up to 147.0.7727.117 WebMIDI use after free (ID 500018)
- CVE-2026-7352 | Google Chrome up to 147.0.7727.117 on Android Media use after free (ID 499023)
- CVE-2026-7353 | Google Chrome up to 147.0.7727.117 Skia heap-based overflow (ID 498809)
- CVE-2026-7363 | Google Chrome up to 147.0.7727.117 on Linux/ChromeOS Canvas use after free (ID 494352)
- CVE-2026-7384 | ezequiroga mcp-bases research_server.py search_papers topic path traversal
- CVE-2026-7386 | fatbobman mail-mcp-bridge up to 1.3.3 src/mail_mcp_server.py message_ids path traversal
- CVE-2026-7388 | EyouCMS up to 1.7.9 Template File FilemanagerLogic.php editFile code injection (IILDJS)
- CVE-2026-7389 | EyouCMS up to 1.7.9 application/common.php GetSortData sort_asc sql injection (IILFPE)
- CVE-2026-7390 | SourceCodester Pharmacy Sales and Inventory System 1.0 /index.php?page=customer Name cross site scripting
- CVE-2026-7391 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=save_supplier ID sql injection
- CVE-2026-7392 | SourceCodester Pharmacy Sales and Inventory System 1.0 ajax.php?action=delete_supplier ID sql injection
- CVE-2026-7393 | SourceCodester Pizzafy Ecommerce System 1.0 File Extension admin_class_novo.php save_menu img unrestricted upload
- CVE-2026-7394 | SourceCodester Pizzafy Ecommerce System 1.0 GET Parameter /admin/view_order.php ID sql injection
- CVE-2026-7396 | NousResearch hermes-agent 0.8.0 WeChat Work Platform Adapter wecom.py path traversal (Issue 8733)
- CVE-2026-7397 | NousResearch hermes-agent 0.8.0 tools/file_tools.py _check_sensitive_path symlink (Issue 8734)
- CVE-2026-7398 | florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54 Upload Endpoint app.py upload Name path traversal
- CVE-2026-7400 | geekgod382 filesystem-mcp-server 1.0.0 read_file_tool/write_file_tool server.py is_path_allowed path traversal
- CVE-2026-7401 | SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php?action=register cross site scripting
- CVE-2026-7407 | SourceCodester Pizzafy Ecommerce System 1.0 Setting ajax.php?action=save_settings sql injection
- CVE-2026-7408 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_menu sql injection
- CVE-2026-7409 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_user sql injection
- CVE-2026-7410 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=add_to_cart pid sql injection
- wheresyoured.at
- Wired
- 13 Best Coolers for Sunshine and Nighttime (2026)
- 20% Off LG Promo Code & Coupons | May 2026
- Adidas Adizero Adios Pro Evo 3 Shoe Review: World Record Breaker
- Best Walking Pads for Working From Home (2026)
- Elon Musk Testifies That He Started OpenAI to Prevent a ‘Terminator Outcome’
- Essential Gear for an Emergency Kit—for Cars or Go-Bags
- How AI Could Help Combat Antibiotic Resistance
- OpenAI Really Wants Codex to Shut Up About Goblins
- Smart Cat Collars: Which Is Best for Health and GPS Tracking?
- Sniffies’ Users Worry About a ‘Straightification’ of the Gay Hookup App
- The Justice Department Has Destroyed Its Voting Rights Section
- The UK’s Answer to Darpa Wants to Rewire the Human Brain
- When Robots Have Their ChatGPT Moment, Remember These Pincers
- Which Automatic Litter Box Is Best? We Tested Litter-Robot’s Lineup
- Why Sharing a Screenshot Can Get You Jailed in the UAE
- Your Phone Notifications Reveal More Than You Realize. Here’s How to Lock Them Down
- ‘It’s Undignified’: Hundreds of Workers Training Meta’s AI Could Be Laid Off
- 不安全
- 代码审计星球
- 先知技术社区
- 奇客Solidot–传递最新科技情报
- 安全客
- 爱范儿
- 绿盟科技技术博客
- 量子位 QbitAI
- 黑海洋