📡 每日漏洞情报简报 2026-05-09
📡 每日漏洞情报简报 — 2026-05-09
📊 共 10 篇 | 🔴 高危 0 | 🆔 CVE 0
📋 漏洞分类汇总
其他 (10)
- That AI Extension Helping You Write Emails? It’s Reading Them First—
- Essential Data Sources for Detection Beyond the Endpoint—
- HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)—
- ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)—
- TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)—
🆕 新增 Semgrep 规则
command_injection_auto_202605090807_1(injection) — os.system() - command injection risk - 来源: That AI Extensioncommand_injection_auto_202605090807_2(injection) — subprocess.run() - check shell parameter - 来源: That AI Extencommand_injection_auto_202605090807_3(injection) — subprocess.Popen() - check shell parameter - 来源: That AI Extcommand_injection_auto_202605090807_4(injection) — os.popen() - command injection risk - 来源: That AI Extensioncommand_injection_auto_202605090807_5(injection) — eval() - code injection risk - 来源: That AI Extension Helpingcommand_injection_auto_202605090807_6(injection) — exec() - code injection risk - 来源: That AI Extension Helping
生成时间: 2026-05-09 08:07:46 | 订阅源: 57 个安全博客 | 仅供技术研究