LIVE · REĀLDATI

Globālā kiberdraudu karte

Reāllaika botnet C2 (command-and-control) un globālā skenēšanas/brute-force aktivitāte no atvērtām threat intelligence kopām. Atjauno periodiski.

Avoti: abuse.ch Feodo Tracker · SANS ISC DShield

ⓘ Reāllaika botnet C2 + skenēšanas aktivitātes indikatori no atvērtām threat intelligence kopām. Pēdējais atjauninājums: -

REĀLLAIKĀ · CVE

Top 20 jaunākās ievainojamības

Publicētas CVE ievainojamības no publiskiem avotiem. Atjauno periodiski.

Avots: NVD - National Vulnerability Database (NIST)

CVE-2026-35081 Augsta · 8,1

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input.

CWE-20
CVE-2026-35080 Augsta · 8,1

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

CWE-73
CVE-2026-35079 Augsta · 8,1

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

CWE-73
CVE-2026-35078 Augsta · 8,1

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

CWE-73
CVE-2026-35077 Augsta · 8,1

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

CWE-73
CVE-2026-35076 Augsta · 8,1

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

CWE-73
CVE-2026-35075 Kritiska · 9,8

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

CWE-1393
CVE-2026-10722 Zema · 3,3

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to in…

CWE-189
CVE-2025-41259 Nav noteikts

SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update.

CWE-367
CVE-2026-47065 Kritiska · 9,8

ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessment: Fully addressed. When the serialised stream contains a TC_PROXYCLASSDESC (the marker for a java.lang.reflect.Proxy ), J…

CWE-502
CVE-2026-41032 Augsta · 7,5

It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information.

CWE-200
CVE-2025-15656 Augsta · 8,8

Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0.

CWE-266
CVE-2025-15655 Augsta · 7,6

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a through 93.2.0.

CWE-89
CVE-2025-14774 Augsta · 7,4

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

CWE-863
CVE-2025-14773 Augsta · 8,0

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

CWE-79
CVE-2025-14772 Augsta · 8,8

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

CWE-639
CVE-2025-14771 Kritiska · 9,9

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

CWE-552
CVE-2026-4035 Augsta · 7,7

A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlle…

CWE-201
CVE-2025-15654 Augsta · 7,1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fox-themes Prague allows Reflected XSS. This issue affects Prague: from n/a through 2.2.8.

CWE-79
CVE-2026-5078 Vidēja · 5,3

Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characters. An unauthenticated attacker can send…

CWE-117

ⓘ Saraksts tiek atjaunināts periodiski no publiskiem CVE avotiem.

REĀLLAIKĀ · TECH NEWS

Top 20 tehnoloģiju ziņas

Populārākās ziņas no globāliem tehnoloģiju, drošības un programmatūras stāstiem. Atjauno periodiski.

Avots: Hacker News

  1. 01
    If Claude Fable stops helping you, you'll never know
    ▲ 185 mips_avatar 💬 79
  2. 02
    Exif Smuggling
    ▲ 31 rolph 💬 14
  3. 03
    Company Will Add Phone, AirPod, and Smartwatch Trackers to ALPRs
    ▲ 49 Cider9986 💬 15
  4. 04
    Upcoming breaking changes for NPM v12
    ▲ 80 plasma 💬 24
  5. 05
    Alpine Linux 3.24.0 Released
    ▲ 89 fossdd 💬 18
  6. 06
    Google's 20% 'project' has become AI's 120% 'attention'
    ▲ 22 scottdbuchanan 💬 2
  7. 07
    Grit: Rewriting Git in Rust with Agents
    ▲ 36 cbrewster 💬 13
  8. 08
    Ultrafast machine learning on FPGAs via Kolmogorov-Arnold Networks
    ▲ 120 ag2718 💬 14
  9. 09
    Brexit Ten Years On: The Economy
    ▲ 39 mooreds 💬 38
  10. 10
    Apple's AI Can Now Change Your Passwords. What Could Possibly Go Wrong?
    ▲ 52 speckx 💬 23
  11. 11
    Ask HN: Are you still using a Vision Pro?
    ▲ 105 y1n0 💬 131
  12. 12
    CEOs Who Think AI Replaces Their Employees Are Just Bad CEOs
    ▲ 275 speckx 💬 120
  13. 13
    GPT-2: Too Dangerous To Release (2019)
    ▲ 229 AbuAssar 💬 85
  14. 14
    Where is the AI jobs crisis?
    ▲ 119 bwestergard 💬 177
  15. 15
    The LD_DEBUG environment variable (2012)
    ▲ 50 tanelpoder 💬 1
  16. 16
    What it feels like to work with Mythos
    ▲ 131 swolpers 💬 121
  17. 17
    Claude Mythos 5 / Fable 5
    ▲ 12 kwar13 💬 1
  18. 18
    System Card: Claude Fable 5 and Claude Mythos 5 [pdf]
    ▲ 202 scrlk 💬 79
  19. 19
    Claude Fable 5
    ▲ 1560 Philpax 💬 1248
  20. 20
    I Think Rutger Bregman and the School for Moral Ambition Are Full of Shit
    ▲ 24 louwrentius 💬 9

ⓘ Saraksts tiek atjaunināts periodiski no publiskiem tehnoloģiju ziņu avotiem.