https://aiblog.0x996.dev/exploit-for-cve-2026-8206-exploit-2/2026-06-04T00:08:53.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8206-exploit/2026-06-04T00:08:45.000Zhttps://aiblog.0x996.dev/cve-2026-8206-cvss-9-8-the-kirki-freeform-page-builder-website-builder-customizer-plugin-for-wordp/2026-06-04T00:08:35.000Zhttps://aiblog.0x996.dev/2026-06-04-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-93/2026-06-04T00:06:11.000Zhttps://aiblog.0x996.dev/shai-hulud-supply-chain-attack-npm-malware-campaign/2026-06-03T03:01:14.000Zhttps://aiblog.0x996.dev/open-source-vulnerability-trends-2025-github-security/2026-06-03T03:01:01.000Zhttps://aiblog.0x996.dev/cve-2025-48595-android-framework-integer-overflow-vulnerability/2026-06-03T00:07:33.000Zhttps://aiblog.0x996.dev/cve-2022-0492-linux-kernel-improper-authentication-vulnerability/2026-06-03T00:07:23.000Zhttps://aiblog.0x996.dev/cve-2024-21182-oracle-weblogic-server-unspecified-vulnerability/2026-06-03T00:07:10.000Zhttps://aiblog.0x996.dev/2026-06-03-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-101/2026-06-03T00:04:53.000Zhttps://aiblog.0x996.dev/react2dos-cve-2026-23869-flight-protocol-dos-analysis/2026-06-02T03:01:09.000Zhttps://aiblog.0x996.dev/crystalx-rat-prankware-spyware-maas-analysis/2026-06-02T03:00:59.000Zhttps://aiblog.0x996.dev/cve-2026-9082-drupal-core-error-based-sql-injection/2026-06-02T00:08:54.000Zhttps://aiblog.0x996.dev/webapps-wordpress-orderconvo-14-path-traversal/2026-06-02T00:08:07.161Zhttps://aiblog.0x996.dev/exploit-for-cve-2025-10162-exploit/2026-06-02T00:07:48.000Zhttps://aiblog.0x996.dev/cve-2026-48188-cvss-9-1-an-improper-input-validation-vulnerability-in-otrs-or-otrs-community-edition-2/2026-06-02T00:07:16.000Zhttps://aiblog.0x996.dev/cve-2026-48188-cvss-9-1-an-improper-input-validation-vulnerability-in-otrs-or-otrs-community-edition/2026-06-02T00:06:57.000Zhttps://aiblog.0x996.dev/2026-06-02-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-106/2026-06-02T00:04:41.000Zhttps://aiblog.0x996.dev/citrix-netscaler-memory-leak-rxss-cve-2025-12101/2026-06-01T03:00:58.000Zhttps://aiblog.0x996.dev/clipbanker-malware-proxifier-infection-chain-2025/2026-06-01T03:00:48.000Zhttps://aiblog.0x996.dev/cve-2026-35333-strongswan-radius-dae-dos/2026-06-01T00:09:32.000Zhttps://aiblog.0x996.dev/cve-2026-35330-strongswan-simaka-heap-buffer-overflow/2026-06-01T00:08:47.000Zhttps://aiblog.0x996.dev/cve-2026-44376-cubecart-reflected-xss/2026-06-01T00:08:24.000Zhttps://aiblog.0x996.dev/remote-wing-ftp-server-8-1-3-authenticated/2026-06-01T00:08:05.000Zhttps://aiblog.0x996.dev/cve-2026-42471-mixphp-unsafe-deserialization-rce/2026-06-01T00:07:19.000Zhttps://aiblog.0x996.dev/cve-2026-10187-cvss-9-8-a-vulnerability-was-detected-in-totolink-n300rh-6-1c-1353_b20190305-affected-by/2026-06-01T00:06:51.000Zhttps://aiblog.0x996.dev/cve-2026-7465-cvss-8-8-the-spectra-gutenberg-blocks-website-builder-for-the-block-editor-plugin-for-w/2026-06-01T00:06:40.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-7465-exploit/2026-06-01T00:06:30.000Zhttps://aiblog.0x996.dev/2026-06-01-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-95/2026-06-01T00:04:19.000Zhttps://aiblog.0x996.dev/axios-cve-2026-44492-ipv4-mapped-ipv6-proxy-bypass-ssrf/2026-05-31T03:01:45.000Zhttps://aiblog.0x996.dev/axios-1-15-2-patch-bypass-prototype-pollution-proxy-authorization-injection/2026-05-31T03:01:34.000Zhttps://aiblog.0x996.dev/cve-2026-43284-linux-kernel-local-privilege-escalation-page-cache/2026-05-31T00:13:04.000Zhttps://aiblog.0x996.dev/cve-2026-34472-zte-zxhn-h188a-authentication-bypass/2026-05-31T00:12:07.000Zhttps://aiblog.0x996.dev/cve-2026-34473-zte-router-dos-unauthenticated/2026-05-31T00:11:43.000Zhttps://aiblog.0x996.dev/cve-2026-46522-imagemagick-miff-bzip-infinite-loop-dos/2026-05-31T00:11:01.000Zhttps://aiblog.0x996.dev/cve-2026-1830-wordpress-quick-playground-rce/2026-05-31T00:10:23.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-0257-exploit/2026-05-31T00:09:37.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8732-exploit/2026-05-31T00:09:28.000Zhttps://aiblog.0x996.dev/cve-2026-8732-cvss-9-8-the-wp-maps-pro-plugin-for-wordpress-is-vulnerable-to-privilege-escalation-via-a/2026-05-31T00:09:19.000Zhttps://aiblog.0x996.dev/2026-05-31-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-69/2026-05-31T00:07:11.000Zhttps://aiblog.0x996.dev/axios-prototype-pollution-mitm-cve-2026-44494/2026-05-30T03:00:45.000Zhttps://aiblog.0x996.dev/axios-prototype-pollution-credential-theft-cve-2026-44495/2026-05-30T03:00:33.000Zhttps://aiblog.0x996.dev/cve-2026-0770-langflow-rce-vulnerability-analysis/2026-05-30T00:15:15.000Zhttps://aiblog.0x996.dev/cve-2026-0926-prodigy-commerce-local-file-inclusion/2026-05-30T00:14:41.000Zhttps://aiblog.0x996.dev/cve-2026-44680-mikroorm-sql-injection/2026-05-30T00:14:15.000Zhttps://aiblog.0x996.dev/cve-2026-32202-windows-ntlmv2-hash-capture-lnk/2026-05-30T00:13:51.000Zhttps://aiblog.0x996.dev/local-zte-h298a-h108n-unauthenticated-credential-exposure/2026-05-30T00:12:30.903Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-44596-exploit/2026-05-30T00:11:42.000Zhttps://aiblog.0x996.dev/cve-2026-0257-palo-alto-networks-pan-os-authentication-bypass-vulnerability/2026-05-30T00:10:49.000Zhttps://aiblog.0x996.dev/2026-05-30-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-83/2026-05-30T00:08:05.000Zhttps://aiblog.0x996.dev/http-security-headers-web-applications-defense/2026-05-29T03:00:40.000Zhttps://aiblog.0x996.dev/coruna-framework-operation-triangulation-ios-exploit-kit-analysis/2026-05-29T03:00:28.000Zhttps://aiblog.0x996.dev/opencats-0-9-7-4-sql-injection-blind/2026-05-29T00:09:33.000Zhttps://aiblog.0x996.dev/cve-2026-36355-realtek-rtl819x-local-privilege-escalation/2026-05-29T00:08:59.000Zhttps://aiblog.0x996.dev/cve-2026-36356-meig-forge-slt711-rce/2026-05-29T00:08:09.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-47100-exploit/2026-05-29T00:07:35.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-48710-exploit/2026-05-29T00:07:24.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-48030-exploit/2026-05-29T00:07:14.000Zhttps://aiblog.0x996.dev/2026-05-29-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-90/2026-05-29T00:05:01.000Zhttps://aiblog.0x996.dev/industrial-automation-threat-landscape-q4-2025-kaspersky/2026-05-28T03:01:26.000Zhttps://aiblog.0x996.dev/litellm-supply-chain-attack-analysis-2026/2026-05-28T03:01:11.000Zhttps://aiblog.0x996.dev/cve-2026-44262-scramble-rce-extract-eval/2026-05-28T00:11:32.000Zhttps://aiblog.0x996.dev/webapps-espocrm-9-3-3-ssrf/2026-05-28T00:10:39.000Zhttps://aiblog.0x996.dev/webapps-casdoor-3-54-1-arbitrary-file-write/2026-05-28T00:09:58.000Zhttps://aiblog.0x996.dev/cve-2026-43284-cve-2026-43500-linux-kernel-local-privilege-escalation/2026-05-28T00:09:20.000Zhttps://aiblog.0x996.dev/dlink-dsl2600u-rom0-password-disclosure/2026-05-28T00:08:02.000Zhttps://aiblog.0x996.dev/cve-2026-8398-daemon-tools-lite-embedded-malicious-code-vulnerability/2026-05-28T00:07:32.000Zhttps://aiblog.0x996.dev/cve-2026-45321-tanstack-unspecified-vulnerability/2026-05-28T00:07:21.000Zhttps://aiblog.0x996.dev/cve-2026-48027-nx-console-embedded-malicious-code-vulnerability/2026-05-28T00:07:08.000Zhttps://aiblog.0x996.dev/community-powered-security-with-ai-an-open-source-framework-for-security-research/2026-05-28T00:05:14.000Zhttps://aiblog.0x996.dev/2026-05-28-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-90/2026-05-28T00:04:56.000Zhttps://aiblog.0x996.dev/frontier-ai-models-software-security-risks-unit42/2026-05-27T03:01:04.000Zhttps://aiblog.0x996.dev/apache-http-server-mod-http2-double-free-dos-cve-2026-23918/2026-05-27T03:00:50.000Zhttps://aiblog.0x996.dev/cve-2026-31431-linux-kernel-local-privilege-escalation-aead-algif-analysis/2026-05-27T00:15:37.000Zhttps://aiblog.0x996.dev/cve-2026-41940-cpanel-crlf-injection-authentication-bypass/2026-05-27T00:13:55.000Zhttps://aiblog.0x996.dev/cve-2026-7567-wordpress-temporary-login-auth-bypass/2026-05-27T00:13:33.000Zhttps://aiblog.0x996.dev/cve-2026-23918-apache-http-server-double-free-dos/2026-05-27T00:13:03.000Zhttps://aiblog.0x996.dev/cve-2026-42607-grav-cms-zip-slip-rce/2026-05-27T00:11:26.000Zhttps://aiblog.0x996.dev/cve-2026-9405-cvss-9-8-a-security-flaw-has-been-discovered-in-totolink-a8000ru-7-1cu-643_b20200521-thi/2026-05-27T00:10:25.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-33137-exploit/2026-05-27T00:10:15.000Zhttps://aiblog.0x996.dev/cve-2026-48172-litespeed-cpanel-plugin-privilege-escalation-vulnerability/2026-05-27T00:10:05.000Zhttps://aiblog.0x996.dev/2026-05-27-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-64/2026-05-27T00:08:01.000Zhttps://aiblog.0x996.dev/fortiweb-auth-bypass-cve-2025-64446-analysis/2026-05-26T03:00:53.000Zhttps://aiblog.0x996.dev/aws-bedrock-agentcore-iam-god-mode-attack-chain/2026-05-26T03:00:41.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-0926-exploit-2/2026-05-26T00:08:20.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-0926-exploit/2026-05-26T00:08:06.000Zhttps://aiblog.0x996.dev/2026-05-26-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-76/2026-05-26T00:06:05.000Zhttps://aiblog.0x996.dev/axios-supply-chain-attack-ai-monitoring/2026-05-25T03:01:19.000Zhttps://aiblog.0x996.dev/ivanti-epmm-pre-auth-rce-cve-2026-1281-cve-2026-1340-analysis/2026-05-25T03:01:05.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-9018-exploit/2026-05-25T00:07:10.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-23813-exploit/2026-05-25T00:07:00.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2025-13673-exploit/2026-05-25T00:06:50.000Zhttps://aiblog.0x996.dev/2026-05-25-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-87/2026-05-25T00:04:18.000Zhttps://aiblog.0x996.dev/juniper-junos-evolved-cve-2026-21902-pre-auth-rce-analysis/2026-05-24T03:01:24.000Zhttps://aiblog.0x996.dev/teampcp-supply-chain-checkmarx-bitwarden-xinference-april-2026/2026-05-24T03:01:12.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-6279-exploit/2026-05-24T00:09:40.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-6960-exploit/2026-05-24T00:09:30.000Zhttps://aiblog.0x996.dev/cve-2026-6960-cvss-9-8-the-bookingpress-pro-plugin-for-wordpress-is-vulnerable-to-arbitrary-file-upload/2026-05-24T00:09:18.000Zhttps://aiblog.0x996.dev/firefox-bug-cve-2026-6770-enabled-cross-site-tracking-and-tor-fingerprinting/2026-05-24T00:08:04.000Zhttps://aiblog.0x996.dev/cve-2026-5118-cvss-9-8-the-divi-form-builder-plugin-for-wordpress-is-vulnerable-to-privilege-escalation/2026-05-23T16:46:31.000Zhttps://aiblog.0x996.dev/cve-2026-6279-cvss-9-8-the-avada-builder-fusion-builder-plugin-for-wordpress-is-vulnerable-to-unauthe/2026-05-23T16:46:20.000Zhttps://aiblog.0x996.dev/cve-2026-9082-drupal-core-sql-injection-vulnerability/2026-05-23T16:46:07.000Zhttps://aiblog.0x996.dev/api-security-for-ai-agents-why-protection-has-never-been-more-important/2026-05-23T16:44:11.000Zhttps://aiblog.0x996.dev/article-925/2026-05-23T16:44:02.000Zhttps://aiblog.0x996.dev/2026-05-24-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-114/2026-05-23T16:43:01.000Zhttps://aiblog.0x996.dev/telegram-tdata-credential-harvesting-honeypot/2026-05-23T16:38:26.000Zhttps://aiblog.0x996.dev/teampcp-supply-chain-attack-checkmarx-bitwarden-xinference-canistersprawl-2026/2026-05-23T16:38:13.000Zhttps://aiblog.0x996.dev/your-ueba-is-lying-to-you-why-entity-record-quality-decides-everything/2026-05-23T00:05:32.000Zhttps://aiblog.0x996.dev/2026-05-23-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-102/2026-05-23T00:05:10.000Zhttps://aiblog.0x996.dev/janelarat-financial-trojan-latin-america-analysis/2026-05-22T17:31:18.000Zhttps://aiblog.0x996.dev/xi-tong-ce-shi/2026-05-22T17:31:01.000Zhttps://aiblog.0x996.dev/2025jin-rong-wei-xie-shen-du-pou-xi-diao-yu-zhuan-xiang-dian-shang-yu-shu-zi-fu-wu-qie-mi-ruan-jian-cheng-he-xin-qu-dong/2026-05-22T17:30:51.613Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-20223-exploit/2026-05-22T14:02:13.000Zhttps://aiblog.0x996.dev/cve-2026-41091-microsoft-defender-link-following-vulnerability-2/2026-05-22T14:02:00.000Zhttps://aiblog.0x996.dev/cve-2026-41091-microsoft-defender-link-following-vulnerability/2026-05-22T14:01:43.000Zhttps://aiblog.0x996.dev/cve-2026-20223-cvss-10-0-a-vulnerability-in-the-nbsp-access-validation-of-internal-rest-apis-of-cisco-sec/2026-05-22T14:01:27.000Zhttps://aiblog.0x996.dev/microsoft-fixes-entra-id-flaw-enabling-privilege-escalation/2026-05-22T13:59:37.000Zhttps://aiblog.0x996.dev/citrix-netscalerzai-pu-nei-cun-chao-du-lou-dong-cve-2026-3055-yi-zao-zai-ye-li-yong/2026-05-22T13:53:02.000Zhttps://aiblog.0x996.dev/smartermailyu-shou-quan-rcelou-dong-cve-2025-52691-10fen-lou-dong-de-jing-mo-xiu-fu-yu-li-yong-fen-xi/2026-05-22T13:52:52.000Zhttps://aiblog.0x996.dev/app-storeliang-xian-fakewallet-er-shi-yu-kuan-diao-yu-ying-yong-qie-qu-jia-mi-huo-bi/2026-05-22T03:00:56.000Zhttps://aiblog.0x996.dev/teampcpgong-ying-lian-gong-ji-zhong-qi-26tian-chen-ji-hou-san-lu-bing-fa-checkmarx-bitwarden-xinferencelun-xian/2026-05-22T03:00:46.000Zhttps://aiblog.0x996.dev/webapps-fuxa-1-2-9-rce/2026-05-22T00:14:18.000Zhttps://aiblog.0x996.dev/webapps-solaredge-csrf-oob-injection/2026-05-22T00:13:07.000Zhttps://aiblog.0x996.dev/local-lenovo-legionspace-1-7-11-2-daservice-unquoted-service-path/2026-05-22T00:12:09.000Zhttps://aiblog.0x996.dev/webapps-bookstack-25-12-1-denial-of-service/2026-05-22T00:11:24.000Zhttps://aiblog.0x996.dev/webapps-cockpit-359-rce/2026-05-22T00:10:34.000Zhttps://aiblog.0x996.dev/cve-2026-34926-trend-micro-apex-one-on-premise-directory-traversal-vulnerability/2026-05-22T00:09:54.000Zhttps://aiblog.0x996.dev/cve-2025-34291-langflow-origin-validation-error-vulnerability/2026-05-22T00:09:44.000Zhttps://aiblog.0x996.dev/cve-2026-4885-cvss-9-8-the-piotnet-addons-for-elementor-pro-plugin-for-wordpress-is-vulnerable-to-arbit/2026-05-22T00:09:35.000Zhttps://aiblog.0x996.dev/http-requests-with-x-vercel-set-bypass-cookie-header-tue-apr-28th/2026-05-22T00:09:19.000Zhttps://aiblog.0x996.dev/teampcp-supply-chain-campaign-update-008-26-day-pause-ends-with-three-concurrent-compromises-checkmarx-kics-bitwarden-cli-cascade-xinference-pypi-canistersprawl-npm-worm-identified-and-/2026-05-22T00:09:16.000Zhttps://aiblog.0x996.dev/apple-patches-exploited-notification-flaw-thu-apr-23rd/2026-05-22T00:09:15.000Zhttps://aiblog.0x996.dev/a-wav-with-a-payload-tue-apr-21st/2026-05-22T00:08:20.000Zhttps://aiblog.0x996.dev/new-android-spyware-morpheus-linked-to-italian-surveillance-firm/2026-05-22T00:08:17.000Zhttps://aiblog.0x996.dev/linkedin-browsergate/2026-05-22T00:08:13.000Zhttps://aiblog.0x996.dev/fast16-pre-stuxnet-malware-that-targeted-precision-engineering-software/2026-05-22T00:08:10.000Zhttps://aiblog.0x996.dev/2026-05-22-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-96/2026-05-22T00:07:20.000Zhttps://aiblog.0x996.dev/citrix-netscalerzai-pu-nei-cun-yue-jie-lou-dong-saml-idppei-zhi-xia-de-zhi-ming-shang/2026-05-21T03:00:51.000Zhttps://aiblog.0x996.dev/axiosgong-ying-lian-gong-ji-shen-du-fen-xi-zhao-xian-hei-ke-zhi-ru-kua-ping-tai-rat-bo-ji-quan-qiu-duo-xing-ye/2026-05-21T03:00:41.000Zhttps://aiblog.0x996.dev/local-remote-sunrise-helper-for-windows-2026-14-remote-code-execution/2026-05-21T00:12:13.000Zhttps://aiblog.0x996.dev/local-remote-sunrise-helper-for-windows-2026-14-unauthenticated-file-directory-listing/2026-05-21T00:11:35.000Zhttps://aiblog.0x996.dev/local-windows-snipping-tool-ntlmv2-hash-hijack/2026-05-21T00:11:03.000Zhttps://aiblog.0x996.dev/webapps-pjproject-2-16-heap-bufferoverflow/2026-05-21T00:10:15.000Zhttps://aiblog.0x996.dev/webapps-epati-antikor-ngfw-2-0-1301-authentication-bypass/2026-05-21T00:09:43.000Zhttps://aiblog.0x996.dev/cve-2009-3459-adobe-acrobat-and-reader-heap-based-buffer-overflow-vulnerability/2026-05-21T00:09:15.000Zhttps://aiblog.0x996.dev/cve-2009-1537-microsoft-directx-null-byte-overwrite-vulnerability/2026-05-21T00:09:07.000Zhttps://aiblog.0x996.dev/cve-2008-4250-microsoft-windows-buffer-overflow-vulnerability/2026-05-21T00:08:58.000Zhttps://aiblog.0x996.dev/italy-moves-to-extradite-chinese-national-to-the-u-s-over-hacking-charges/2026-05-21T00:08:42.000Zhttps://aiblog.0x996.dev/frontier-ai-and-the-future-of-defense-your-top-questions-answered/2026-05-21T00:08:32.000Zhttps://aiblog.0x996.dev/fracturing-software-security-with-frontier-ai-models/2026-05-21T00:08:31.000Zhttps://aiblog.0x996.dev/threat-brief-escalation-of-cyber-risk-related-to-iran-updated-april-17/2026-05-21T00:08:28.000Zhttps://aiblog.0x996.dev/understanding-current-threats-to-kubernetes-environments/2026-05-21T00:07:42.000Zhttps://aiblog.0x996.dev/progress-sharefilepu-xin-lou-dong-ke-zu-he-shi-xian-wei-ren-zheng-yuan-cheng-dai-ma-zhi-xing/2026-05-21T00:07:37.000Zhttps://aiblog.0x996.dev/dfir-from-alert-to-root-cause-using-osquery-without-leaving-elastic-security/2026-05-21T00:07:15.000Zhttps://aiblog.0x996.dev/detecting-web-server-probing-fuzzing-in-traefik-with-automated-cloudflare-response/2026-05-21T00:07:06.000Zhttps://aiblog.0x996.dev/2026-05-21-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-99/2026-05-21T00:06:48.000Zhttps://aiblog.0x996.dev/wi-fijia-mi-xing-tong-xu-she-airsnitchgong-ji-ru-he-tu-po-qi-ye-wu-xian-an-quan-fang-xian/2026-05-20T22:58:55.000Zhttps://aiblog.0x996.dev/aws-agentcoresha-xiang-tao-yi-dnssui-dao-tu-po-wang-luo-ge-chi-mo-ren-yuan-shu-ju-fu-wu-que-fa-ling-pai-yan-zheng/2026-05-20T22:58:48.000Zhttps://aiblog.0x996.dev/aizi-zhu-gong-ji-yun-huan-jing-duo-zhi-neng-ti-xi-tong-zealotshi-zhan-yan-zheng-yu-an-quan-qi-shi/2026-05-20T03:00:48.000Zhttps://aiblog.0x996.dev/duo-zhi-ti-xie-zuo-cheng-xin-ba-chang-shen-du-jie-xi-amazon-bedrockduo-zhi-neng-ti-ying-yong-ti-shi-zhu-ru-gong-ji-lian/2026-05-20T03:00:37.000Zhttps://aiblog.0x996.dev/webapps-apache-hertzbeat-1-8-0-remote-code-execution/2026-05-20T00:09:22.000Zhttps://aiblog.0x996.dev/webapps-wordpress-plugin-supsystic-contact-form-1-7-36-ssti/2026-05-20T00:08:52.000Zhttps://aiblog.0x996.dev/webapps-flowise-3-0-5-missing-authentication-for-critical-function/2026-05-20T00:08:13.000Zhttps://aiblog.0x996.dev/webapps-coreruleset-4-21-0-firewall-bypass-2/2026-05-20T00:07:51.000Zhttps://aiblog.0x996.dev/webapps-glances-4-5-2-command-injection-4/2026-05-20T00:07:25.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2024-34070-exploit/2026-05-20T00:06:55.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8838-exploit/2026-05-20T00:06:46.000Zhttps://aiblog.0x996.dev/cve-2026-8838-cvss-9-8-unsafe-use-of-pythons-eval-on-server-received-data-in-the-vector_in-functio/2026-05-20T00:06:38.000Zhttps://aiblog.0x996.dev/threat-brief-widespread-impact-of-the-axios-supply-chain-attack/2026-05-20T00:06:21.000Zhttps://aiblog.0x996.dev/weaponizing-the-protectors-teampcps-multi-stage-supply-chain-attack-on-security-infrastructure/2026-05-20T00:06:17.000Zhttps://aiblog.0x996.dev/financial-cyberthreats-in-2025-and-the-outlook-for-2026/2026-05-20T00:06:15.000Zhttps://aiblog.0x996.dev/how-we-caught-the-axios-supply-chain-attack/2026-05-20T00:05:53.000Zhttps://aiblog.0x996.dev/dirty-frag-using-the-page-caches-as-an-attack-surface/2026-05-20T00:05:27.000Zhttps://aiblog.0x996.dev/prioritizing-alerts-triage-with-higher-order-detection-rules/2026-05-20T00:05:13.000Zhttps://aiblog.0x996.dev/phantom-in-the-vault-obsidian-abused-to-deliver-phantompulse-rat/2026-05-20T00:05:08.000Zhttps://aiblog.0x996.dev/the-cost-of-understanding-llm-driven-reverse-engineering-vs-iterative-llm-obfuscation/2026-05-20T00:05:03.000Zhttps://aiblog.0x996.dev/2026-05-20-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-89/2026-05-20T00:04:39.000Zhttps://aiblog.0x996.dev/tp-linkbao-fei-lu-you-qi-lou-dong-cve-2023-33538zao-miraijiang-shi-wang-luo-pi-liang-sao-miao-li-yong/2026-05-19T03:01:23.000Zhttps://aiblog.0x996.dev/yi-lang-wang-luo-wei-xie-sheng-ji-47tian-duan-wang-hou-hui-fu-guan-jian-ji-chu-she-shi-yu-jin-rong-qi-zha-cheng-gong-ji-jiao-dian/2026-05-19T03:01:10.000Zhttps://aiblog.0x996.dev/webapps-coreruleset-4-21-0-firewall-bypass/2026-05-19T00:13:53.000Zhttps://aiblog.0x996.dev/webapps-glances-4-5-2-command-injection-3/2026-05-19T00:06:34.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-46333-exploit/2026-05-19T00:06:05.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-0265-exploit/2026-05-19T00:05:56.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8053-exploit/2026-05-19T00:05:48.000Zhttps://aiblog.0x996.dev/ci-cd-pipeline-abuse-the-problem-no-one-is-watching/2026-05-19T00:05:31.000Zhttps://aiblog.0x996.dev/tclbanker-brazilian-banking-trojan-spreading-via-whatsapp-and-outlook/2026-05-19T00:05:21.000Zhttps://aiblog.0x996.dev/copy-fail-and-dirtyfrag-linux-page-cache-bugs-in-the-wild/2026-05-19T00:05:17.000Zhttps://aiblog.0x996.dev/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem/2026-05-19T00:05:10.000Zhttps://aiblog.0x996.dev/codeql-zero-to-hero-part-5-debugging-queries/2026-05-19T00:04:55.000Zhttps://aiblog.0x996.dev/strengthening-supply-chain-security-preparing-for-the-next-malware-campaign/2026-05-19T00:04:52.000Zhttps://aiblog.0x996.dev/ai-supported-vulnerability-triage-with-the-github-security-lab-taskflow-agent/2026-05-19T00:04:49.000Zhttps://aiblog.0x996.dev/sometimes-you-can-just-feel-the-security-in-the-design-juniper-junos-evolved-cve-2026-21902-pre-auth-rce/2026-05-19T00:04:43.000Zhttps://aiblog.0x996.dev/2026-05-19-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-89/2026-05-19T00:04:29.000Zhttps://aiblog.0x996.dev/webapps-glances-4-5-2-command-injection-2/2026-05-18T14:05:37.000Zhttps://aiblog.0x996.dev/webapps-glances-4-5-2-command-injection/2026-05-18T14:03:35.000Zhttps://aiblog.0x996.dev/webapps-ninja-forms-uploads-unauthenticated-php-file-upload/2026-05-18T13:54:10.000Zhttps://aiblog.0x996.dev/teampcpgong-ying-lian-gong-ji-an-quan-gong-ju-lun-wei-shu-ju-qie-qu-tiao-ban-50mo-tai-ji-qi-lun-xian/2026-05-18T03:00:38.000Zhttps://aiblog.0x996.dev/32nian-lao-lou-dong-zhong-xian-gnu-inetutils-telnetdyu-ren-zheng-yuan-cheng-dai-ma-zhi-xing-lou-dong-cve-2026-32746/2026-05-18T03:00:25.000Zhttps://aiblog.0x996.dev/cve-2018-25335-cvss-9-8-wordpress-plugin-peugeot-music-1-0-contains-an-arbitrary-file-upload-vulnerabili/2026-05-18T00:06:13.000Zhttps://aiblog.0x996.dev/cve-2018-25332-cvss-9-8-gitbucket-4-23-1-contains-an-unauthenticated-remote-code-execution-vulnerability/2026-05-18T00:06:05.000Zhttps://aiblog.0x996.dev/cve-2018-25320-cvss-9-8-acl-analytics-versions-11-x-through-13-0-0-579-contain-an-arbitrary-code-executi/2026-05-18T00:05:57.000Zhttps://aiblog.0x996.dev/bugs-that-survive-the-heat-of-continuous-fuzzing/2026-05-18T00:05:42.000Zhttps://aiblog.0x996.dev/how-to-scan-for-vulnerabilities-with-github-security-labs-open-source-ai-powered-framework/2026-05-18T00:05:37.000Zhttps://aiblog.0x996.dev/a-year-of-open-source-vulnerability-trends-cves-advisories-and-malware/2026-05-18T00:05:33.000Zhttps://aiblog.0x996.dev/is-it-citrixbleed4-well-no-is-it-good-also-no-citrix-netscaler-memory-leak-rxss-cve-2025-12101/2026-05-18T00:05:29.000Zhttps://aiblog.0x996.dev/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass-cve-2025-64446/2026-05-18T00:05:14.000Zhttps://aiblog.0x996.dev/soapwn-pwning-net-framework-applications-through-http-client-proxies-and-wsdl/2026-05-18T00:05:10.000Zhttps://aiblog.0x996.dev/do-smart-people-ever-say-theyre-smart-smartertools-smartermail-pre-auth-rce-cve-2025-52691/2026-05-18T00:05:06.000Zhttps://aiblog.0x996.dev/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/2026-05-18T00:05:02.000Zhttps://aiblog.0x996.dev/2026-05-18-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-98/2026-05-18T00:04:52.000Zhttps://aiblog.0x996.dev/cpanel-whmren-zheng-rao-guo-ling-ri-lou-dong-cve-2026-41940-hu-lian-wang-guan-li-mian-ban-de-duo-mi-nuo-gu-pai-dao-ta/2026-05-17T03:00:55.000Zhttps://aiblog.0x996.dev/progress-sharefilecun-chu-kong-zhi-qi-pu-gao-wei-lou-dong-lian-wei-shou-quan-rcefeng-xian/2026-05-17T03:00:45.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-4882-exploit/2026-05-17T00:05:55.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-6433-exploit/2026-05-17T00:05:47.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-42897-exploit/2026-05-17T00:05:39.000Zhttps://aiblog.0x996.dev/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/2026-05-17T00:05:24.000Zhttps://aiblog.0x996.dev/buy-a-help-desk-bundle-a-remote-access-solution-solarwinds-web-help-desk-pre-auth-rce-chain-s/2026-05-17T00:05:21.000Zhttps://aiblog.0x996.dev/the-most-organized-threat-actors-use-your-itsm-bmc-footprints-pre-auth-remote-code-execution-chains/2026-05-17T00:05:14.000Zhttps://aiblog.0x996.dev/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746-pre-auth-rce/2026-05-17T00:05:09.000Zhttps://aiblog.0x996.dev/the-sequels-are-never-as-good-but-were-still-in-pain-citrix-netscaler-cve-2026-3055-memory-overread/2026-05-17T00:04:57.000Zhttps://aiblog.0x996.dev/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/2026-05-17T00:04:54.000Zhttps://aiblog.0x996.dev/youre-not-supposed-to-sharefile-with-everyone-progress-sharefile-pre-auth-rce-chain-cve-2026-2699-cve-2026-2701/2026-05-17T00:04:48.000Zhttps://aiblog.0x996.dev/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/2026-05-17T00:04:44.000Zhttps://aiblog.0x996.dev/2026-05-17-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-81/2026-05-17T00:04:34.000Zhttps://aiblog.0x996.dev/soapwn-netkuang-jia-httpke-hu-duan-dai-li-yu-wsdlzhong-de-zhi-ming-que-xian/2026-05-16T03:00:53.000Zhttps://aiblog.0x996.dev/itsmju-tou-lun-xian-bmc-footprintspu-chu-wei-shou-quan-rcelou-dong-lian/2026-05-16T03:00:41.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8181-exploit/2026-05-16T00:06:02.000Zhttps://aiblog.0x996.dev/cve-2026-8181-cvss-9-8-the-burst-statistics-privacy-friendly-wordpress-analytics-google-analytics-al/2026-05-16T00:05:51.000Zhttps://aiblog.0x996.dev/cve-2026-42897-microsoft-exchange-server-cross-site-scripting-vulnerability/2026-05-16T00:05:42.000Zhttps://aiblog.0x996.dev/si-hou-an-quan-dong-tai-zhong-yang-wang-xin-ban-zhao-kai-quan-guo-wang-luo-fa-zhi-gong-zuo-hui-yi-she-bei-ma-diao-yu-gong-ji-bao-zeng-36bei-xin-xing-gong-ji-gong-ju-zai-wang-shang-da-si/2026-05-16T00:05:26.000Zhttps://aiblog.0x996.dev/long-xia-lai-xi-lu-meng-ke-ji-san-wei-yi-ti-fang-yu-ti-xi-rang-wang-luo-gao-bie-luo-ben-feng-xian/2026-05-16T00:05:24.000Zhttps://aiblog.0x996.dev/dang-xiao-long-xia-qian-ru-nei-wang-ru-he-jie-jue-ying-zi-ai-de-yin-ni-wei-ji/2026-05-16T00:05:23.000Zhttps://aiblog.0x996.dev/lu-meng-nffang-huo-qiang-zhu-lao-openclawan-quan-fang-xian-gou-zhu-aishi-dai-an-quan-ji-shi/2026-05-16T00:05:21.000Zhttps://aiblog.0x996.dev/lu-meng-ke-ji-da-mo-xing-an-quan-bai-pi-shu-fa-bu-ju-jiao-zhi-neng-ti-feng-xian-yu-fang-hu-hu-nin-an-quan-yang-xia/2026-05-16T00:05:10.000Zhttps://aiblog.0x996.dev/gao-xiao-you-jian-an-quan-zen-yao-zhua-bei-gong-da-zhe-fen-ke-fu-zhi-fan-ben-zhi-de-yi-kan/2026-05-16T00:05:08.000Zhttps://aiblog.0x996.dev/si-hou-an-quan-dong-tai-guo-jia-an-quan-bu-ti-xing-dun-ci-yuan-bao-fu-bei-hou-an-cang-jian-die-qie-qu-shu-ju-xian-jing-ping-guo-macwei-xie-50-32-lai-zi-mu-ma-dao-qie-yong-hu-yin-si-chen/2026-05-16T00:05:07.000Zhttps://aiblog.0x996.dev/yi-caas-2-0-zhong-gou-shu-zi-xin-ren-ling-hang-hou-liang-zi-shi-dai-ya-shu-trustasia-2026chun-ji-zhan-lue-fa-bu-hui-yuan-man-ju-xing/2026-05-16T00:05:05.000Zhttps://aiblog.0x996.dev/2026-05-16-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-101/2026-05-16T00:04:52.000Zhttps://aiblog.0x996.dev/phantomrpc-windows-rpcjia-gou-zhong-de-xin-xing-ben-di-ti-quan-lou-dong-fen-xi/2026-05-15T03:00:51.000Zhttps://aiblog.0x996.dev/npmsheng-tai-mo-ri-jiang-lin-shai-huludruan-chong-kai-qi-gong-ying-lian-gong-ji-xin-ji-yuan/2026-05-15T03:00:33.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-42945-exploit/2026-05-15T00:06:19.000Zhttps://aiblog.0x996.dev/cve-2026-45321-malware-in-tanstack-packages-exfiltrates-cloud-credentials-github-tokens-an/2026-05-15T00:06:07.000Zhttps://aiblog.0x996.dev/cve-2026-20182-cisco-catalyst-sd-wan-controller-authentication-bypass-vulnerability/2026-05-15T00:05:54.000Zhttps://aiblog.0x996.dev/ying-zi-ai-wei-ji-lu-meng-wei-xie-qing-bao-san-ba-suo-gou-zhu-openclawfang-yu-ti-xi/2026-05-15T00:05:35.000Zhttps://aiblog.0x996.dev/yi-zhi-ai-long-xia-de-bing-huo-yi-zhou-cong-quan-wang-zhui-peng-dao-jin-ji-xie-zai-openclawbao-huo-bei-hou-de-san-da-zhi-neng-ti-an-quan-feng-xian-yu-ying-dui/2026-05-15T00:05:33.000Zhttps://aiblog.0x996.dev/ge-chong-clawceng-chu-bu-qiong-ni-de-long-xia-shi-fou-ye-yi-lun-wei-hei-ke-nei-gui/2026-05-15T00:05:29.000Zhttps://aiblog.0x996.dev/duo-guo-lian-he-xing-dong-dao-hui-quan-qiu-zui-da-ddosjiang-shi-wang-luo-tuan-huo/2026-05-15T00:05:27.000Zhttps://aiblog.0x996.dev/si-hou-an-quan-dong-tai-gong-xin-bu-nvdbping-tai-fa-bu-feng-xian-ti-shi-li-yong-ping-guo-ioslou-dong-de-gong-ji-huo-dong-ji-zeng-hei-ke-li-yong-react2shellfa-qi-zi-dong-hua-ping-zheng-q/2026-05-15T00:05:07.000Zhttps://aiblog.0x996.dev/next-js-middleware-authorization-bypass-vulnerability-are-you-vulnerable/2026-05-15T00:05:05.000Zhttps://aiblog.0x996.dev/top-10-dynamic-application-security-testing-dast-tools-for-2025/2026-05-15T00:05:03.000Zhttps://aiblog.0x996.dev/strengthen-your-web-applications-with-http-security-headers/2026-05-15T00:05:00.000Zhttps://aiblog.0x996.dev/2026-05-15-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-107/2026-05-15T00:04:42.000Zhttps://aiblog.0x996.dev/npmsheng-tai-wei-ji-shai-huludruan-chong-kai-qi-gong-ying-lian-gong-ji-xin-ji-yuan/2026-05-14T03:01:38.000Zhttps://aiblog.0x996.dev/silver-fox-zu-zhi-li-yong-xin-xing-abcdoor-hou-men-gong-ji-e-luo-si-yu-yin-du-shui-wu-ji-gou/2026-05-14T03:00:32.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8161-exploit/2026-05-14T00:06:01.000Zhttps://aiblog.0x996.dev/cve-2026-8161-cvss-7-5-multiparty-4-2-3-and-lower-versions-are-vulnerable-to-denial-of-service-via-unca/2026-05-14T00:05:51.000Zhttps://aiblog.0x996.dev/cve-2026-45321-cvss-9-6-on-2026-05-11-between-approximately-19-20-and-19-26-utc-84-malicious-versions/2026-05-14T00:05:43.000Zhttps://aiblog.0x996.dev/disabling-directory-listing-on-your-web-server-and-why-it-matters/2026-05-14T00:05:22.000Zhttps://aiblog.0x996.dev/preventing-csrf-attacks-with-anti-csrf-tokens-best-practices-and-implementation/2026-05-14T00:05:20.000Zhttps://aiblog.0x996.dev/supply-chain-security-incident-update/2026-05-14T00:05:17.000Zhttps://aiblog.0x996.dev/checkmarx-security-update-april-26/2026-05-14T00:05:15.000Zhttps://aiblog.0x996.dev/guardrails-for-agentic-development/2026-05-14T00:05:01.000Zhttps://aiblog.0x996.dev/checkmarx-security-update-april-22/2026-05-14T00:04:59.000Zhttps://aiblog.0x996.dev/securing-your-ai-supply-chain-your-ai-is-running-but-you-dont-know-what-its-doing/2026-05-14T00:04:57.000Zhttps://aiblog.0x996.dev/checkmarx-application-security-guide-to-claude-mythos/2026-05-14T00:04:55.000Zhttps://aiblog.0x996.dev/2026-05-14-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-110/2026-05-14T00:04:42.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-45185-exploit/2026-05-13T07:52:20.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-6664-exploit/2026-05-13T07:52:01.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2024-12912-exploit/2026-05-13T07:51:49.000Zhttps://aiblog.0x996.dev/stop-manual-triaging-start-agentic-fixing/2026-05-13T07:50:38.000Zhttps://aiblog.0x996.dev/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security/2026-05-13T07:50:14.000Zhttps://aiblog.0x996.dev/why-vulnerability-detection-doesnt-scale/2026-05-13T07:50:08.000Zhttps://aiblog.0x996.dev/attackability-why-context-not-reachability-should-drive-remediation/2026-05-13T07:50:05.000Zhttps://aiblog.0x996.dev/todays-odd-web-requests-wed-apr-29th/2026-05-13T07:40:31.000Zhttps://aiblog.0x996.dev/bad-bot-report-2026-the-internet-is-no-longer-human-and-its-changing-how-business-works/2026-05-13T07:37:58.000Zhttps://aiblog.0x996.dev/danger-of-libredtail-x5b-guest-diary-x5d-wed-apr-29th/2026-05-13T07:37:32.000Zhttps://aiblog.0x996.dev/imperva-customers-protected-against-cve-2026-41940-in-cpanel-whm/2026-05-13T07:37:22.000Zhttps://aiblog.0x996.dev/ssl-com-rotates-their-root-certificate-today-tue-may-5th/2026-05-13T07:32:17.000Zhttps://aiblog.0x996.dev/vimeo-confirms-breach-via-third-party-vendor-impacts-119k-users/2026-05-13T07:32:07.000Zhttps://aiblog.0x996.dev/malicious-ad-for-homebrew-leads-to-macsync-stealer-fri-may-1st/2026-05-13T07:29:11.000Zhttps://aiblog.0x996.dev/dshield-honeypot-update-mon-may-4th/2026-05-13T07:28:41.000Zhttps://aiblog.0x996.dev/article-4387/2026-05-13T07:28:29.000Zhttps://aiblog.0x996.dev/cve-2026-44681-authlib-oidc-implicit-hybrid-authorization-vulnerable-to-open-redirect/2026-05-13T07:27:18.000Zhttps://aiblog.0x996.dev/cve-2026-8260-cvss-8-8-a-vulnerability-was-found-in-d-link-dcs-935l-up-to-1-10-01-the-impacted-element/2026-05-13T07:20:39.000Zhttps://aiblog.0x996.dev/k8san-quan-jing-bao-yun-shen-fen-qie-qu-cheng-aptxin-chong-282-gong-ji-zeng-chang-bei-hou-de-an-liu/2026-05-13T06:54:20.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-12/2026-05-12T00:08:46.000Zhttps://aiblog.0x996.dev/cve-2021-47940-cvss-9-8-wordpress-plugin-download-from-files-version-1-48-and-earlier-contains-an-arbitr/2026-05-12T00:07:37.000Zhttps://aiblog.0x996.dev/cve-2021-47936-cvss-9-8-opencats-0-9-4-contains-a-remote-code-execution-vulnerability-that-allows-unauth/2026-05-12T00:07:16.000Zhttps://aiblog.0x996.dev/cve-2021-47933-cvss-9-8-wordpress-mstore-api-2-0-6-contains-an-arbitrary-file-upload-vulnerability-that/2026-05-12T00:06:54.000Zhttps://aiblog.0x996.dev/cve-2021-47932-cvss-9-8-wordpress-thecartpress-1-5-3-6-contains-an-unauthenticated-privilege-escalation/2026-05-12T00:06:37.000Zhttps://aiblog.0x996.dev/cve-2021-47923-cvss-9-8-opencart-3-0-3-8-contains-a-session-fixation-vulnerability-that-allows-attackers/2026-05-12T00:06:22.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-36980-exploit/2026-05-12T00:06:05.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-36981-exploit/2026-05-12T00:05:46.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-7458-exploit/2026-05-12T00:05:28.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-8260-exploit/2026-05-12T00:04:57.000Zhttps://aiblog.0x996.dev/2026-05-12-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-92/2026-05-12T00:03:35.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-11/2026-05-11T00:04:54.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-35397-exploit/2026-05-11T00:04:15.000Zhttps://aiblog.0x996.dev/cve-2026-42569-cvss-9-4-phpvms-is-a-php-application-to-run-and-simulate-an-airline-prior-to-version-7-0/2026-05-11T00:04:01.000Zhttps://aiblog.0x996.dev/cve-2026-42560-cvss-9-1-auth-provides-authentication-via-oauth2-direct-and-email-from-versions-1-18-0/2026-05-11T00:03:45.000Zhttps://aiblog.0x996.dev/cve-2026-44313-cvss-9-1-linkwarden-is-a-self-hosted-open-source-collaborative-bookmark-manager-to-colle/2026-05-11T00:03:29.000Zhttps://aiblog.0x996.dev/2026-05-11-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-89/2026-05-11T00:02:30.000Zhttps://aiblog.0x996.dev/jerrys-storexie-lu-345-000zhang-bei-dao-zhi-fu-qia/2026-05-10T23:22:36.000Zhttps://aiblog.0x996.dev/ying-guo-sheng-wu-yin-xing-shu-ju-xie-lu-50mo-fen-jian-kang-shu-ju-zai-zhong-guo-bei-chu-shou/2026-05-10T23:22:33.000Zhttps://aiblog.0x996.dev/yi-liao-she-bei-ju-tou-mei-dun-li-que-ren-shu-ju-xie-lu-shinyhunterssheng-cheng-qie-qu-chao-900mo-tiao-ji-lu/2026-05-10T23:10:24.000Zhttps://aiblog.0x996.dev/zarashu-ju-xie-lu-di-san-fang-an-quan-shi-jian-dao-zhi-19-7mo-ke-hu-xin-xi-pu-guang/2026-05-10T23:10:20.000Zhttps://aiblog.0x996.dev/webapps-traccar-gps-tracking-system-6-11-1-cross-site-websocket-hijacking-cswsh/2026-05-10T05:29:51.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-10/2026-05-10T00:12:03.000Zhttps://aiblog.0x996.dev/cve-2026-8153-cvss-9-8-os-command-injection-in-dashboard-server-interface-in-universal-robots-polyscope/2026-05-10T00:11:21.000Zhttps://aiblog.0x996.dev/cve-2013-10075-cvss-9-1-apache-session-versions-through-1-94-for-perl-re-creates-deleted-sessions-the/2026-05-10T00:11:02.000Zhttps://aiblog.0x996.dev/cve-2025-69691-cvss-9-9-netgate-pfsense-ce-2-8-0-allows-code-execution-in-the-xmlrpc-api-via-pfsense-exe/2026-05-10T00:10:40.000Zhttps://aiblog.0x996.dev/cve-2025-69690-cvss-9-1-netgate-pfsense-ce-2-7-2-allows-code-execution-by-using-the-module-installer-wit/2026-05-10T00:10:19.000Zhttps://aiblog.0x996.dev/cve-2023-46453-cvss-9-8-certain-gl-inet-devices-with-4-x-firmware-allow-authentication-bypass-resulting/2026-05-10T00:09:59.000Zhttps://aiblog.0x996.dev/cve-2024-51092-cvss-9-1-librenms-before-24-10-0-allows-a-remote-attacker-to-execute-arbitrary-code-via-o/2026-05-10T00:09:27.000Zhttps://aiblog.0x996.dev/cve-2026-43944-cvss-9-6-electerm-is-an-open-sourced-terminal-ssh-sftp-telnet-serialport-rdp-vnc-spice-ft/2026-05-10T00:09:00.000Zhttps://aiblog.0x996.dev/cve-2026-43941-cvss-9-6-electerm-is-an-open-sourced-terminal-ssh-sftp-telnet-serialport-rdp-vnc-spice-ft/2026-05-10T00:08:37.000Zhttps://aiblog.0x996.dev/cve-2026-41501-cvss-9-8-electerm-is-an-open-sourced-terminal-ssh-sftp-telnet-serialport-rdp-vnc-spice-ft/2026-05-10T00:08:17.000Zhttps://aiblog.0x996.dev/cve-2026-41500-cvss-9-8-electerm-is-an-open-sourced-terminal-ssh-sftp-telnet-serialport-rdp-vnc-spice-ft/2026-05-10T00:07:57.000Zhttps://aiblog.0x996.dev/cve-2026-42208-cvss-9-8-litellm-is-a-proxy-server-ai-gateway-to-call-llm-apis-in-openai-or-native-fo/2026-05-10T00:07:37.000Zhttps://aiblog.0x996.dev/2026-05-10-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-117/2026-05-10T00:04:49.000Zhttps://aiblog.0x996.dev/local-windows-11-24h2-local-privilege-escalation/2026-05-09T10:13:26.000Zhttps://aiblog.0x996.dev/local-throttlestop-kernel-driver-kernel-out-of-bounds-write-privilege-escalation/2026-05-09T10:11:17.217Zhttps://aiblog.0x996.dev/local-netbt-e-fatura-privilege-escalation/2026-05-09T10:10:20.965Zhttps://aiblog.0x996.dev/webapps-d-link-dir-650in-authenticated-command-injection/2026-05-09T10:03:39.696Zhttps://aiblog.0x996.dev/webapps-jumbo-website-manager-remote-code-execution/2026-05-09T09:56:42.625Zhttps://aiblog.0x996.dev/local-windows-kernel-elevation-of-privilege/2026-05-09T09:49:33.688Zhttps://aiblog.0x996.dev/webapps-zhiyuan-oa-arbitrary-file-upload-leading/2026-05-09T09:48:36.547Zhttps://aiblog.0x996.dev/webapps-wordpress-madara-local-file-inclusion/2026-05-09T09:48:09.007Zhttps://aiblog.0x996.dev/webapps-mailcow-2025-01a-host-header-password-reset-poisoning/2026-05-09T09:47:29.624Zhttps://aiblog.0x996.dev/webapps-siklu-etherhaul-series-eh-8010-arbitrary-file-upload/2026-05-09T09:45:30.759Zhttps://aiblog.0x996.dev/webapps-siklu-etherhaul-series-eh-8010-remote-command-execution/2026-05-09T09:44:31.760Zhttps://aiblog.0x996.dev/local-fedora-local-privilege-escalation/2026-05-09T09:43:33.448Zhttps://aiblog.0x996.dev/local-windows-11-23h2-denial-of-service-dos/2026-05-09T09:35:40.545Zhttps://aiblog.0x996.dev/local-linux-kernel-proc_readdir_de-6-18-rc5-local-privilege-escalation/2026-05-09T09:33:17.000Zhttps://aiblog.0x996.dev/local-linux-nf_tables-6-19-3-local-privilege-escalation-2/2026-05-09T09:27:19.000Zhttps://aiblog.0x996.dev/hardware-linksys-e1200-2-0-04-authenticated-stack-buffer-overflow-rce/2026-05-09T09:24:45.000Zhttps://aiblog.0x996.dev/webapps-mindsdb-25-9-1-1-path-traversal-2/2026-05-09T09:17:12.000Zhttps://aiblog.0x996.dev/remote-telnetd-2-7-buffer-overflow/2026-05-09T09:16:23.000Zhttps://aiblog.0x996.dev/webapps-ghost-cms-6-19-0-sqli/2026-05-09T09:10:46.000Zhttps://aiblog.0x996.dev/webapps-luajit-2-1-1774638290-arbitrary-code-execution/2026-05-09T09:02:39.000Zhttps://aiblog.0x996.dev/webapps-bludit-cms-3-18-4-rce/2026-05-09T08:55:21.000Zhttps://aiblog.0x996.dev/local-nocobase-2-0-27-vm-sandbox-escape/2026-05-09T08:47:53.000Zhttps://aiblog.0x996.dev/webapps-thingsboard-iot-platform-4-2-0-server-side-request-forgery-ssrf/2026-05-09T08:39:44.000Zhttps://aiblog.0x996.dev/x5b-guest-diary-x5d-beyond-cryptojacking-telegram-tdata-as-a-credential-harvesting-vector-lessons-from-a-honeypot-incident-wed-apr-22nd/2026-05-09T07:52:24.000Zhttps://aiblog.0x996.dev/webapps-summar-employee-portal-3-98-0-authenticated-sql-injection/2026-05-09T07:52:05.000Zhttps://aiblog.0x996.dev/react2dos-cve-2026-23869-when-the-flight-protocol-crashes-at-takeoff/2026-05-09T07:51:40.000Zhttps://aiblog.0x996.dev/the-npm-threat-landscape-attack-surface-and-mitigations/2026-05-09T07:51:14.000Zhttps://aiblog.0x996.dev/can-ai-attack-the-cloud-lessons-from-building-an-autonomous-cloud-offensive-multi-agent-system/2026-05-09T07:50:55.000Zhttps://aiblog.0x996.dev/when-wi-fi-encryption-fails-protecting-your-enterprise-from-airsnitch-attacks/2026-05-09T07:50:42.000Zhttps://aiblog.0x996.dev/a-deep-dive-into-attempted-exploitation-of-cve-2023-33538/2026-05-09T07:50:13.000Zhttps://aiblog.0x996.dev/cracks-in-the-bedrock-agent-god-mode/2026-05-09T07:49:46.000Zhttps://aiblog.0x996.dev/cracks-in-the-bedrock-escaping-the-aws-agentcore-sandbox/2026-05-09T07:49:28.000Zhttps://aiblog.0x996.dev/when-an-attacker-meets-a-group-of-agents-navigating-amazon-bedrocks-multi-agent-applications/2026-05-09T07:49:11.000Zhttps://aiblog.0x996.dev/double-agents-exposing-security-blind-spots-in-gcp-vertex-ai/2026-05-09T07:48:57.000Zhttps://aiblog.0x996.dev/fakewallet-crypto-stealer-spreading-through-ios-apps-in-the-app-store/2026-05-09T07:47:43.000Zhttps://aiblog.0x996.dev/threat-landscape-for-industrial-automation-systems-in-q4-2025/2026-05-09T07:47:27.000Zhttps://aiblog.0x996.dev/janelarat-a-financial-threat-targeting-users-in-latin-america/2026-05-09T07:47:14.000Zhttps://aiblog.0x996.dev/the-long-road-to-your-crypto-clipbanker-and-its-marathon-infection-chain/2026-05-09T07:46:44.000Zhttps://aiblog.0x996.dev/a-laughing-rat-crystalx-combines-spyware-stealer-and-prankware-features/2026-05-09T07:46:31.000Zhttps://aiblog.0x996.dev/an-ai-gateway-designed-to-steal-your-data/2026-05-09T07:46:00.000Zhttps://aiblog.0x996.dev/coruna-the-framework-used-in-operation-triangulation/2026-05-09T07:45:42.000Zhttps://aiblog.0x996.dev/mitigating-fragmented-sql-injection-attacks-effective-solutions/2026-05-09T07:44:45.000Zhttps://aiblog.0x996.dev/anti-ddos-firm-heaped-attacks-on-brazilian-isps/2026-05-09T07:44:10.000Zhttps://aiblog.0x996.dev/that-ai-extension-helping-you-write-emails-its-reading-them-first/2026-05-09T07:43:32.000Zhttps://aiblog.0x996.dev/cve-2026-5063-cvss-7-2-the-nex-forms-ultimate-forms-plugin-for-wordpress-plugin-for-wordpress-is-vuln/2026-05-09T07:43:19.000Zhttps://aiblog.0x996.dev/cve-2026-7698-cvss-7-3-a-vulnerability-was-identified-in-tiandy-easy7-integrated-management-platform-7/2026-05-09T07:43:03.000Zhttps://aiblog.0x996.dev/cve-2026-42364-cvss-9-9-an-os-command-injection-vulnerability-exists-in-the-ddnssetting-cgi-functionalit/2026-05-09T07:42:18.000Zhttps://aiblog.0x996.dev/silver-fox-uses-the-new-abcdoor-backdoor-to-target-organizations-in-russia-and-india/2026-05-09T07:42:00.000Zhttps://aiblog.0x996.dev/cve-2026-42370-cvss-9-0-a-stack-overflow-vulnerability-exists-in-the-webcam-server-login-functionality-o/2026-05-09T07:41:48.000Zhttps://aiblog.0x996.dev/essential-data-sources-for-detection-beyond-the-endpoint/2026-05-09T07:40:16.000Zhttps://aiblog.0x996.dev/cve-2026-7784-cvss-7-3-a-vulnerability-has-been-found-in-rtgs2017-nagaagent-up-to-5-1-0-this-issue-aff/2026-05-09T07:40:04.000Zhttps://aiblog.0x996.dev/cve-2026-44028-cvss-7-5-an-issue-was-discovered-in-nix-before-2-34-7-and-lix-before-2-95-2-unbounded-re/2026-05-09T07:39:50.000Zhttps://aiblog.0x996.dev/cve-2026-43527-cvss-7-7-openclaw-before-2026-4-14-contains-a-server-side-request-forgery-vulnerability-i/2026-05-09T07:39:35.000Zhttps://aiblog.0x996.dev/cve-2026-43530-cvss-8-8-openclaw-versions-2026-2-23-before-2026-4-12-contain-a-weakened-exec-approval-bi/2026-05-09T07:39:23.000Zhttps://aiblog.0x996.dev/cve-2026-7833-cvss-7-2-a-weakness-has-been-identified-in-efm-iptime-c200-up-to-1-092-this-vulnerabilit/2026-05-09T07:39:09.000Zhttps://aiblog.0x996.dev/ghsa-3h96-34p3-xm76-graphql-rubys-ruby-lexer-does-not-count-comment-tokens-for-the-purposes-of-max_/2026-05-09T07:38:56.000Zhttps://aiblog.0x996.dev/cve-2026-32688-plug-cowboy-vulnerable-to-unauthenticated-remote-dos-via-http-2-scheme-atom-t/2026-05-09T07:38:43.000Zhttps://aiblog.0x996.dev/cve-2026-7750-cvss-8-8-a-vulnerability-was-detected-in-totolink-n300rh-3-2-4-b20220812-this-vulnerabil/2026-05-09T07:38:28.000Zhttps://aiblog.0x996.dev/cve-2026-24072-cvss-8-8-an-escalation-of-privilege-bug-in-various-modules-in-apache-http-2-4-66-and-earl/2026-05-09T07:38:03.000Zhttps://aiblog.0x996.dev/cve-2026-23918-cvss-8-8-double-free-and-possible-rce-vulnerability-in-apache-http-server-with-the-http-2/2026-05-09T07:37:45.000Zhttps://aiblog.0x996.dev/cve-2026-40563-cvss-7-1-description-improper-control-of-generation-of-code-code-injection-vulnerabi/2026-05-09T07:37:18.000Zhttps://aiblog.0x996.dev/cve-2026-5100-cvss-7-5-the-awp-classifieds-plugin-for-wordpress-is-vulnerable-to-sql-injection-via-the/2026-05-09T07:37:05.000Zhttps://aiblog.0x996.dev/cve-2026-3456-cvss-7-5-the-geekybot-generate-ai-content-without-prompt-chatbot-and-lead-generation-p/2026-05-09T07:36:48.000Zhttps://aiblog.0x996.dev/cve-2026-4803-cvss-7-2-the-royal-elementor-addons-plugin-for-wordpress-is-vulnerable-to-stored-cross-si/2026-05-09T07:36:13.000Zhttps://aiblog.0x996.dev/cve-2026-34408-cvss-9-1-an-issue-was-discovered-in-gambio-4-9-2-0-patched-in-2024-02-v1-0-0-for-gx4-v4/2026-05-09T07:35:45.000Zhttps://aiblog.0x996.dev/cve-2026-44456-hono-bodylimit-can-be-bypassed-for-chunked-unknown-length-requests/2026-05-09T07:35:12.000Zhttps://aiblog.0x996.dev/cve-2026-44455-hono-jsx-has-unvalidated-jsx-tag-names-that-may-allow-html-injection/2026-05-09T07:35:00.000Zhttps://aiblog.0x996.dev/ghsa-qxrw-f6fh-34r7-lemmy-resend-verification-endpoint-exposes-registered-email-addresses-to-unauthe/2026-05-09T07:34:45.000Zhttps://aiblog.0x996.dev/cve-2026-44439-playwright-capture-permits-access-to-local-files-and-internal-network-resources/2026-05-09T07:34:31.000Zhttps://aiblog.0x996.dev/cve-2026-44437-angular-ssr-has-open-redirect-and-request-steering-via-encoded-x-forwarded-prefi/2026-05-09T07:34:18.000Zhttps://aiblog.0x996.dev/ghsa-qcxq-75wr-5cm8-ldap3_proto-has-ldap-filter-stack-exhaustion/2026-05-09T07:34:04.000Zhttps://aiblog.0x996.dev/ghsa-84jc-3hj2-hwc7-kanidmd_lib-image-upload-validators-run-before-authorization-png-validator-pan/2026-05-09T07:33:47.000Zhttps://aiblog.0x996.dev/ghsa-r5fr-9gmv-jggh-scim_proton-and-kanidm_proto-have-an-authenticated-process-abort-via-scim-filter/2026-05-09T07:33:27.000Zhttps://aiblog.0x996.dev/ghsa-53hj-r94p-8c8f-kanidm-has-non-constant-time-comparison-of-oauth2-client_secret/2026-05-09T07:33:16.000Zhttps://aiblog.0x996.dev/ghsa-gpxg-fx2g-qxj2-kanidm-stored-html-injection-in-passkey-enrolment-partial-via-displayname-h/2026-05-09T07:33:04.000Zhttps://aiblog.0x996.dev/ghsa-22w3-693w-x895-webauthn-rs-core-webauthn-authenticator-rs-origin-validation-mismatch-possible/2026-05-09T07:32:51.000Zhttps://aiblog.0x996.dev/cve-2026-44425-shellhub-has-crash-dos-via-field-injection-in-filter-and-sort-by-parameters/2026-05-09T07:32:20.000Zhttps://aiblog.0x996.dev/ghsa-cqmh-pcgr-q42f-axonflow-openclaw-fix-introduces-plugin-cache-and-credential-file-permission-ha/2026-05-09T07:32:05.000Zhttps://aiblog.0x996.dev/cve-2026-44423-shellhub-has-cross-tenant-idor-in-get-api-sessions-uid-that-discloses-ssh-se/2026-05-09T07:31:19.000Zhttps://aiblog.0x996.dev/cve-2026-44424-shellhub-has-cross-tenant-idor-in-get-api-devices-uid-that-discloses-device/2026-05-09T07:31:03.000Zhttps://aiblog.0x996.dev/ghsa-248h-974q-xrc2-axonflow-sdk-java-webhook-signing-key-hmac-sha256-not-exposed-by-sdk-type-pr/2026-05-09T07:30:33.000Zhttps://aiblog.0x996.dev/ghsa-mhc4-qq83-fmrr-axonflow-sdk-go-webhook-signing-key-hmac-sha256-not-exposed-by-sdk-type-prev/2026-05-09T07:30:22.000Zhttps://aiblog.0x996.dev/ghsa-9h64-2846-7x7f-axonflow-fixed-bugs-by-implementing-multi-tenant-isolation-and-access-control-ha/2026-05-09T07:29:26.000Zhttps://aiblog.0x996.dev/cve-2026-42577-netty-epoll-transport-denial-of-service-via-rst-on-half-closed-tcp-connection/2026-05-09T07:29:06.000Zhttps://aiblog.0x996.dev/cve-2026-0897-keras-vulnerable-to-dos-via-malicious-keras-model-hdf5-shape-bomb-causes-petab/2026-05-09T07:28:52.000Zhttps://aiblog.0x996.dev/cve-2026-44375-nerdbank-messagepack-attacker-controlled-stackalloc-in-datetime-decoding-causes/2026-05-09T07:28:26.000Zhttps://aiblog.0x996.dev/cve-2026-44374-backstage-catalog-unprocessed-read-endpoints-allow-authenticated-cross-owner-da/2026-05-09T07:28:10.000Zhttps://aiblog.0x996.dev/cve-2026-42845-grav-form-plugin-has-an-anonymous-page-content-overwrite-via-form-file-upload-fi/2026-05-09T07:27:51.000Zhttps://aiblog.0x996.dev/cve-2026-44372-nitro-has-an-open-redirect-via-protocol-relative-url-bypass-in-wildcard-route-ru/2026-05-09T07:27:39.000Zhttps://aiblog.0x996.dev/cve-2026-44373-nitro-has-a-proxy-scope-bypass-via-percent-encoded-path-traversal-in-routerules/2026-05-09T07:27:25.000Zhttps://aiblog.0x996.dev/cve-2026-44368-pyquorum-timing-side-channel-in-mul_mod/2026-05-09T07:27:13.000Zhttps://aiblog.0x996.dev/cve-2026-42602-opentelemetry-collector-contribs-azureauthextension-authenticate-method-does-no/2026-05-09T07:26:56.000Zhttps://aiblog.0x996.dev/cve-2026-44364-misp-modules-website-missing-csrf-protection-in-the-website-home-blueprint/2026-05-09T07:26:44.000Zhttps://aiblog.0x996.dev/cve-2026-44363-misp-modules-has-nsafe-remote-resource-fetching-in-expansion/2026-05-09T07:26:26.000Zhttps://aiblog.0x996.dev/cve-2026-44351-fast-jwt-jwt-auth-bypass-due-to-empty-hmac-secret-accepted-by-async-key-resolve/2026-05-09T07:26:13.000Zhttps://aiblog.0x996.dev/ghsa-95q8-x6r6-672m-lemmy-may-expose-private-community-data-through-community-saved-liked-and-mod/2026-05-09T07:25:56.000Zhttps://aiblog.0x996.dev/ghsa-jmxc-hhwx-gvv3-private-lemmy-instances-expose-multi-community-metadata-without-authentication/2026-05-09T07:25:44.000Zhttps://aiblog.0x996.dev/cve-2026-44245-kyverno-policy-reporter-ui-has-xss-via-stored-property-values-in-propertycard-co/2026-05-09T07:25:27.000Zhttps://aiblog.0x996.dev/cve-2026-44349-daptin-fuzzy-search-injects-unvalidated-column-name-into-raw-sql/2026-05-09T07:25:08.000Zhttps://aiblog.0x996.dev/cve-2026-44335-praisonai-has-an-ssrf-bypass/2026-05-09T07:24:11.000Zhttps://aiblog.0x996.dev/ghsa-7mw3-79jq-xc7f-aiograpi-has-dependency-on-vulnerable-orjson-3-11-4-cve-2025-67221/2026-05-09T07:23:56.000Zhttps://aiblog.0x996.dev/cve-2026-42572-hatchet-affected-by-cross-tenant-information-disclosure-in-listtasksbydagids/2026-05-09T07:23:35.000Zhttps://aiblog.0x996.dev/cve-2026-44244-gitpython-newline-injection-in-config_writer-set_value-enables-rce-via-core/2026-05-09T07:23:18.000Zhttps://aiblog.0x996.dev/cve-2026-42559-rmcp-streamable-http-server-transport-has-a-dns-rebinding-vulnerability/2026-05-09T07:22:10.000Zhttps://aiblog.0x996.dev/ghsa-v5mh-h5hx-7v92-kube-router-gobgp-grpc-admin-port-exposed-on-node-primary-ip-without-authentica/2026-05-09T07:21:34.000Zhttps://aiblog.0x996.dev/cve-2026-44223-vllm-extract_hidden_states-speculative-decoding-crashes-server-on-any-request-w/2026-05-09T07:21:18.000Zhttps://aiblog.0x996.dev/cve-2026-44307-mako-vulnerable-to-path-traversal-via-backslash-uri-on-windows-in-templatelookup/2026-05-09T07:20:49.000Zhttps://aiblog.0x996.dev/cve-2026-42557-jupyterlabs-command-linker-attributes-in-html-enable-one-click-command-executio/2026-05-09T07:20:29.000Zhttps://aiblog.0x996.dev/cve-2026-42555-valtimo-has-spel-injection-via-standardevaluationcontext-that-allows-remote-code/2026-05-09T07:20:14.000Zhttps://aiblog.0x996.dev/cve-2026-31195-cvss-8-8-the-ping-diagnostic-handler-in-bin-httpd_clientside-for-altice-labs-sfr-franc/2026-05-09T07:20:01.000Zhttps://aiblog.0x996.dev/cve-2026-31196-cvss-8-8-the-traceroute-diagnostic-handler-in-bin-httpd_clientside-for-altice-labs-sfr/2026-05-09T07:19:40.000Zhttps://aiblog.0x996.dev/cve-2026-42788-bandit-http-2-frame-size-limit-bypass-via-late-buffer-check-enables-memory-exhau/2026-05-09T07:19:28.000Zhttps://aiblog.0x996.dev/cve-2026-39807-bandit-trusts-client-supplied-uri-scheme-on-plaintext-connections/2026-05-09T07:19:14.000Zhttps://aiblog.0x996.dev/cve-2026-39805-bandit-is-vulnerable-to-cl-cl-request-smuggling-via-unrejected-duplicate-conten/2026-05-09T07:18:49.000Zhttps://aiblog.0x996.dev/cve-2026-42786-bandit-buffers-unbounded-websocket-continuation-frames-allowing-unauthenticated/2026-05-09T07:18:01.000Zhttps://aiblog.0x996.dev/cve-2026-39804-bandits-unbounded-websocket-inflate-causes-beam-oom-with-a-single-frame/2026-05-09T07:17:48.000Zhttps://aiblog.0x996.dev/cve-2026-44544-gittufs-policy-can-be-rolled-back-to-prior-valid-versions/2026-05-09T07:17:41.000Zhttps://aiblog.0x996.dev/ghsa-mmpx-jh39-wrv6-filebrowser-vulnerable-to-stored-xss-via-svg-file-in-public-share-missing-csp-h/2026-05-09T07:17:17.000Zhttps://aiblog.0x996.dev/cve-2026-44542-filebrowser-public-share-delete-api-path-traversal-allows-unauthenticated-arbitr/2026-05-09T07:16:54.000Zhttps://aiblog.0x996.dev/cve-2026-44283-etcd-rbac-bypass-allows-unauthorized-data-access-via-prevkv-lease-attachment-in/2026-05-09T07:16:33.000Zhttps://aiblog.0x996.dev/cve-2026-44520-docling-graph-has-ssrf-via-missing-internal-ip-validation-in-urlinputhandler/2026-05-09T07:16:04.000Zhttps://aiblog.0x996.dev/ghsa-w5p8-4jcx-2j6r-imageproc-integer-overflow-in-kernel-size-check-leads-to-out-of-bounds-read/2026-05-09T07:15:53.000Zhttps://aiblog.0x996.dev/ghsa-qg8r-f7x3-25f7-imageproc-out-of-bounds-read-via-nan-coordinates-in-bilinear-bicubic-sampling/2026-05-09T07:15:41.000Zhttps://aiblog.0x996.dev/ghsa-5qv7-j6w5-fr4m-imageproc-has-fragile-bounds-check-when-sampling-from-image/2026-05-09T07:15:27.000Zhttps://aiblog.0x996.dev/cve-2026-44426-shellhub-has-cross-tenant-idor-in-get-api-namespaces-tenant-via-api-key-bypa/2026-05-09T07:15:07.000Zhttps://aiblog.0x996.dev/ghsa-q2qq-hmj6-3wpp-hickory-proto-vulnerable-to-cpu-exhaustion-during-message-encoding-due-to-o-n2/2026-05-09T07:14:53.000Zhttps://aiblog.0x996.dev/ghsa-3v94-mw7p-v465-hickory-proto-nsec3-closest-encloser-proof-validation-enters-unbounded-loop-on/2026-05-09T07:14:42.000Zhttps://aiblog.0x996.dev/ghsa-258c-965c-p3hc-daptins-session-management-vulnerability-leads-to-insufficient-session-expirati/2026-05-09T07:14:30.000Zhttps://aiblog.0x996.dev/ghsa-m38g-vww2-mvgx-talos-linux-has-a-local-privilege-escalation-from-untrusted-workloads/2026-05-09T07:14:09.000Zhttps://aiblog.0x996.dev/cve-2026-44514-kubetail-has-a-cross-site-websocket-hijacking-issue-that-allows-attacker-to-read/2026-05-09T07:13:58.000Zhttps://aiblog.0x996.dev/ghsa-j7w6-vpvq-j3gm-diffusers-none-py-has-trust-remote-code-bypass/2026-05-09T07:13:42.000Zhttps://aiblog.0x996.dev/cve-2026-44511-katalyst-koi-session-cookies-can-be-replayed-after-user-logout/2026-05-09T07:13:33.000Zhttps://aiblog.0x996.dev/cve-2026-42459-free5gc-udm-has-improper-input-validation-and-generation-of-error-messages-conta/2026-05-09T07:13:21.000Zhttps://aiblog.0x996.dev/cve-2026-42328-go-ipld-primes-dag-cbor-and-dag-json-decoders-have-unbounded-recursion-depth/2026-05-09T07:13:12.000Zhttps://aiblog.0x996.dev/cve-2026-44312-css-parser-improper-certificate-validation-allows-mitm-injection-of-remote-css/2026-05-09T07:12:54.000Zhttps://aiblog.0x996.dev/cve-2026-42083-free5gc-pcf-missing-authentication-middleware-in-npcf_smpolicycontrol-allows-ac/2026-05-09T07:12:37.000Zhttps://aiblog.0x996.dev/cve-2026-42082-free5gc-amf-has-missing-concurrent-nas-smc-validation-during-ngap-handover/2026-05-09T07:12:06.000Zhttps://aiblog.0x996.dev/ghsa-fpf5-4jw8-67x8-rust-zserio-has-unbounded-memory-allocation/2026-05-09T07:11:55.000Zhttps://aiblog.0x996.dev/cve-2026-42081-free5gc-amf-bypasses-ue-security-capabilities-on-ngap-pathswitchrequest/2026-05-09T07:11:36.000Zhttps://aiblog.0x996.dev/cve-2026-44504-aegra-has-cross-user-run-injection-in-threads-thread_id-runs-idor/2026-05-09T07:11:20.000Zhttps://aiblog.0x996.dev/cve-2026-44503-kiota-abstractions-redirecthandler-leaks-cookie-proxy-authorization-headers-on-c/2026-05-09T07:11:00.000Zhttps://aiblog.0x996.dev/ghsa-39g5-644c-qwcg-container-pf-rule-injection-via-domain-name-argument-in-container-system-dns-c/2026-05-09T07:10:31.000Zhttps://aiblog.0x996.dev/cve-2026-41050-fleet-helm-impersonation-bypass-of-restclientgetter-retains-cluster-admin-d/2026-05-09T07:10:18.000Zhttps://aiblog.0x996.dev/cve-2026-42597-gotenberg-allows-chromium-url-conversion-routes-to-read-arbitrary-files-under-t/2026-05-09T07:09:00.000Zhttps://aiblog.0x996.dev/cve-2026-42596-gotenberg-vulnerable-to-unauthenticated-ssrf-via-default-deny-list-bypass-in-dow/2026-05-09T07:08:48.000Zhttps://aiblog.0x996.dev/cve-2026-42594-gotenberg-has-an-unauthenticated-denial-of-service-via-echo-context-pool-reuse-i/2026-05-09T07:08:31.000Zhttps://aiblog.0x996.dev/cve-2026-42593-goteberg-has-arbitrary-pdf-read-via-stampexpression-and-watermarkexpression-in-m/2026-05-09T07:07:50.000Zhttps://aiblog.0x996.dev/cve-2026-42592-gotenbergs-dns-rebinding-bypasses-ssrf-validation-on-chromium-url-conversion-ro/2026-05-09T07:07:26.000Zhttps://aiblog.0x996.dev/cve-2026-42591-gotenberg-has-a-server-side-request-forgery-ssrf-issue/2026-05-09T07:07:04.000Zhttps://aiblog.0x996.dev/cve-2026-42590-gotenbergs-exiftool-group-prefix-syntax-bypasses-dangerous-tag-blocklist/2026-05-09T07:06:52.000Zhttps://aiblog.0x996.dev/cve-2026-42589-gotenberg-has-unauthenticated-rce-via-exiftool-metadata-key-injection/2026-05-09T07:06:40.000Zhttps://aiblog.0x996.dev/cve-2026-42587-netty-httpcontentdecompressor-maxallocation-bypass-when-content-encoding-set-to/2026-05-09T07:05:56.000Zhttps://aiblog.0x996.dev/cve-2026-42586-netty-redis-codec-encoder-has-a-crlf-injection-issue/2026-05-09T07:05:02.000Zhttps://aiblog.0x996.dev/cve-2026-42585-netty-vulnerable-to-http-request-smuggling-due-to-malformed-transfer-encoding/2026-05-09T07:04:41.000Zhttps://aiblog.0x996.dev/cve-2026-42584-netty-has-httpclientcodec-response-desynchronization/2026-05-09T07:04:23.000Zhttps://aiblog.0x996.dev/cve-2026-42583-netty-lz4framedecoder-is-vulnerable-to-resource-exhaustion/2026-05-09T07:04:13.000Zhttps://aiblog.0x996.dev/cve-2026-42582-netty-http-3-qpack-literal-unbounded-allocation/2026-05-09T07:03:59.000Zhttps://aiblog.0x996.dev/cve-2026-44331-cvss-8-1-in-proftpd-through-1-3-9a-before-7666224-a-sql-injection-vulnerability-in-sqlta/2026-05-09T07:03:44.000Zhttps://aiblog.0x996.dev/cve-2026-7856-cvss-7-2-a-flaw-has-been-found-in-d-link-di-8100-16-07-26a1-this-affects-an-unknown-part/2026-05-09T07:03:19.000Zhttps://aiblog.0x996.dev/cve-2026-7332-cvss-7-2-the-latepoint-calendar-booking-plugin-for-appointments-and-events-plugin-for-w/2026-05-09T07:02:55.000Zhttps://aiblog.0x996.dev/cve-2026-7448-cvss-7-2-the-latepoint-calendar-booking-plugin-for-appointments-and-events-plugin-for-w/2026-05-09T07:02:43.000Zhttps://aiblog.0x996.dev/cve-2026-7841-cvss-8-8-a-remote-code-execution-vulnerabilityexists-in-notification-settings-on-geovisi/2026-05-09T07:02:29.000Zhttps://aiblog.0x996.dev/cve-2026-1719-cvss-7-5-the-gravity-bookings-premium-plugin-for-wordpress-is-vulnerable-to-sql-injection/2026-05-09T07:02:12.000Zhttps://aiblog.0x996.dev/cve-2026-42877-facturascripts-vulnerable-to-stored-xss-via-product-reference-in-sales-purchases/2026-05-09T06:59:41.000Zhttps://aiblog.0x996.dev/cve-2026-27964-facturascripts-vulnerable-to-reflected-cross-site-scripting-xss-via-cookie-man/2026-05-09T06:59:20.000Zhttps://aiblog.0x996.dev/cve-2026-27891-facturascripts-vulnerable-to-remote-code-execution-rce-via-zip-slip-in-plugin/2026-05-09T06:58:35.000Zhttps://aiblog.0x996.dev/ghsa-54pg-9963-v8vg-compromised-version-of-intercom-client-published-to-npm/2026-05-09T06:58:21.000Zhttps://aiblog.0x996.dev/ghsa-gr3r-crp5-qrrm-compromised-tag-of-intercom-php-published-via-github/2026-05-09T06:58:03.000Zhttps://aiblog.0x996.dev/cve-2026-42553-cinny-vulnerable-to-access-token-disclosure-via-invalidated-emoji-pack-avatar-ur/2026-05-09T06:57:48.000Zhttps://aiblog.0x996.dev/cve-2026-44513-diffusers-has-a-trust_remote_code-bypass-via-custom_pipeline-and-local-custo/2026-05-09T06:56:52.000Zhttps://aiblog.0x996.dev/cve-2026-44248-netty-mqtt-resource-exhaustion-in-mqttdecoder/2026-05-09T06:56:36.000Zhttps://aiblog.0x996.dev/cve-2026-44007-vm2-nodevm-nesting-true-bypasses-require-false-allowing-sandbox-escape-and/2026-05-09T06:56:12.000Zhttps://aiblog.0x996.dev/cve-2026-43998-vm2-has-a-nodevm-require-root-bypass-via-symlink-traversal-that-allows-sandbox-e/2026-05-09T06:56:01.000Zhttps://aiblog.0x996.dev/cve-2026-44003-vm2s-transformer-fast-path-bypass-exposes-internal-state-variable/2026-05-09T06:55:37.000Zhttps://aiblog.0x996.dev/cve-2026-44002-vm2-is-vulnerable-to-host-file-path-disclosure-via-stack-trace-information-leak/2026-05-09T06:55:25.000Zhttps://aiblog.0x996.dev/cve-2026-44000-vm2-host-promise-resolution-preserves-object-identity-across-sandbox-boundary/2026-05-09T06:55:11.000Zhttps://aiblog.0x996.dev/cve-2026-44004-vm2-sandbox-access-to-host-buffer-alloc-allows-timeout-bypass-resulting-in-memor/2026-05-09T06:54:53.000Zhttps://aiblog.0x996.dev/cve-2026-44001-vm2-has-a-sandbox-escape-via-promise-constructor-unhandled-rejection-process-cr/2026-05-09T06:54:40.000Zhttps://aiblog.0x996.dev/cve-2026-43999-vm2-has-a-nodevm-builtin-allowlist-bypass-via-module-builtins-module-_load/2026-05-09T06:54:02.000Zhttps://aiblog.0x996.dev/cve-2026-44005-vm2-mutable-proxies-for-host-intrinsic-prototypes-allows-sandbox-escape/2026-05-09T06:53:48.000Zhttps://aiblog.0x996.dev/cve-2026-44006-vm2-has-a-sandbox-escape-vulnerability/2026-05-09T06:52:54.000Zhttps://aiblog.0x996.dev/cve-2026-44662-rust-openssl-vulnerable-to-heap-buffer-overflow-when-encrypting-with-aes-key-wra/2026-05-09T06:52:15.000Zhttps://aiblog.0x996.dev/cve-2026-44661-utcp-http-vulnerable-to-ssrf-via-attacker-controlled-openapi-servers-0-url-in-h/2026-05-09T06:51:54.000Zhttps://aiblog.0x996.dev/ghsa-v7qw-hx66-4w9x-netbox-data-flows-has-stored-xss-in-objectalias-names-rendered-inside-dataflow-t/2026-05-09T06:51:39.000Zhttps://aiblog.0x996.dev/ghsa-j7h9-2jh7-g967-mcp-ssh-tool-has-file-transfer-path-policy-bypass-and-bearer-token-comparison-ha/2026-05-09T06:51:20.000Zhttps://aiblog.0x996.dev/cve-2026-44641-microsoft-apm-clis-plugin-json-component-paths-escape-plugin-root-and-copy-arbi/2026-05-09T06:51:05.000Zhttps://aiblog.0x996.dev/ghsa-fpw6-hrg5-q5x5-ech0s-acess-tokens-with-expiry-never-cannot-be-revoked-logout-panics-delete-d/2026-05-09T06:50:48.000Zhttps://aiblog.0x996.dev/ghsa-p64j-f4x9-wq66-ech0s-oauth-redirect-uri-validation-ignores-path-component-enables-exchange-co/2026-05-09T06:50:32.000Zhttps://aiblog.0x996.dev/ghsa-8mc6-xjpr-h98x-ech0-has-server-side-request-forgery-ssrf-via-connect-handler-fetchpeerconnect/2026-05-09T06:50:17.000Zhttps://aiblog.0x996.dev/ghsa-pj6q-4vq4-r8cg-ech0-allows-put-api-echo-like-id-unauthenticated-anonymous-callers-to-modify/2026-05-09T06:50:05.000Zhttps://aiblog.0x996.dev/ghsa-rgj7-vg8v-j4wr-ech0s-unauthenticated-like-endpoint-enables-arbitrary-engagement-metric-inflati/2026-05-09T06:49:51.000Zhttps://aiblog.0x996.dev/ghsa-3v85-fqvh-7rxf-ech0s-rss-feed-renders-unescaped-tag-names-and-raw-html-markdown-stored-xss-ag/2026-05-09T06:49:30.000Zhttps://aiblog.0x996.dev/ghsa-rj4g-rqgh-rx9h-ech0-comment-models-email-field-returned-on-public-api-comments-endpoints/2026-05-09T06:49:06.000Zhttps://aiblog.0x996.dev/cve-2026-44523-note-mark-has-a-jwt-secret-weakness-that-allows-full-account-takeover-via-token/2026-05-09T06:48:46.000Zhttps://aiblog.0x996.dev/cve-2026-44522-note-mark-arbitrary-file-write-via-path-traversal-in-asset-names-leads-to-remot/2026-05-09T06:48:25.000Zhttps://aiblog.0x996.dev/ghsa-h4fw-6r7f-w494-webauthn-has-a-user-verification-downgrade-via-default-open-clientoverridepolicy/2026-05-09T06:48:12.000Zhttps://aiblog.0x996.dev/ghsa-cwfq-rfcr-8hmp-zebras-transparent-sighash_single-handling-diverges-from-zcashd-for-correspondi/2026-05-09T06:47:57.000Zhttps://aiblog.0x996.dev/cve-2026-44497-zebra-has-consensus-divergence-in-transparent-sighash-hash-type-handling-due-to/2026-05-09T06:47:44.000Zhttps://aiblog.0x996.dev/cve-2026-44500-zebra-vulnerable-to-allocation-amplification-in-inbound-network-deserializers/2026-05-09T06:47:05.000Zhttps://aiblog.0x996.dev/cve-2026-44498-zebras-block-validator-undercounts-coinbase-and-p2sh-sigops/2026-05-09T06:46:47.000Zhttps://aiblog.0x996.dev/cve-2026-44589-nuxt-og-image-ssrf-bypass-of-ghsa-pqhr-mp3f-hrpp-v6-2-5-fix-ipv6-redirect/2026-05-09T06:46:29.000Zhttps://aiblog.0x996.dev/cve-2026-42879-facturascripts-vulnerable-to-authenticated-remote-code-execution-rce-via-gif-i/2026-05-09T06:46:13.000Zhttps://aiblog.0x996.dev/cve-2026-42878-facturascripts-vulnerable-to-unauthenticated-phpinfo-disclosure-via-installer/2026-05-09T06:45:42.000Zhttps://aiblog.0x996.dev/cve-2026-40981-cvss-7-5-when-using-google-secrets-manager-as-a-backend-for-the-spring-cloud-config-serve/2026-05-09T06:45:27.000Zhttps://aiblog.0x996.dev/cve-2026-41002-cvss-7-2-the-base-directory-spring-cloud-config-server-git-basedir-used-by-the-spring/2026-05-09T06:45:13.000Zhttps://aiblog.0x996.dev/cve-2026-41640-cvss-7-5-nocobase-is-an-ai-powered-no-code-low-code-platform-for-building-business-applic/2026-05-09T06:44:51.000Zhttps://aiblog.0x996.dev/cve-2026-41660-cvss-7-1-admidio-is-an-open-source-user-management-solution-prior-to-version-5-0-9-a-lo/2026-05-09T06:44:26.000Zhttps://aiblog.0x996.dev/cve-2026-41669-cvss-8-2-admidio-is-an-open-source-user-management-solution-prior-to-version-5-0-9-the/2026-05-09T06:44:12.000Zhttps://aiblog.0x996.dev/cve-2026-41139-cvss-8-8-math-js-is-an-extensive-math-library-for-javascript-and-node-js-from-version-13/2026-05-09T06:43:27.000Zhttps://aiblog.0x996.dev/cve-2026-41143-cvss-8-8-yeswiki-is-a-wiki-system-written-in-php-prior-to-version-4-6-1-yeswiki-bazar-m/2026-05-09T06:43:14.000Zhttps://aiblog.0x996.dev/cve-2026-41641-cvss-7-2-nocobase-is-an-ai-powered-no-code-low-code-platform-for-building-business-applic/2026-05-09T06:43:02.000Zhttps://aiblog.0x996.dev/cve-2026-4348-cvss-7-5-the-betterdocs-pro-plugin-for-wordpress-is-vulnerable-to-sql-injection-via-the/2026-05-09T06:42:45.000Zhttps://aiblog.0x996.dev/cve-2026-6692-cvss-8-8-the-slider-revolution-plugin-for-wordpress-is-vulnerable-to-arbitrary-file-uploa/2026-05-09T06:42:32.000Zhttps://aiblog.0x996.dev/cve-2026-7252-cvss-8-1-the-wp-optimize-cache-compress-images-minify-clean-database-to-boost-page/2026-05-09T06:42:21.000Zhttps://aiblog.0x996.dev/cve-2025-9661-cvss-8-1-os-command-injection-vulneravility-in-the-management-gui-maintenance-utility-o/2026-05-09T06:42:08.000Zhttps://aiblog.0x996.dev/cve-2026-4430-cvss-7-8-out-of-bounds-write-vulnerability-in-the-document-foundation-libreoffice-via-cra/2026-05-09T06:41:50.000Zhttps://aiblog.0x996.dev/cve-2025-68060-cvss-7-6-improper-neutralization-of-special-elements-used-in-an-sql-command-sql-injecti/2026-05-09T06:41:34.000Zhttps://aiblog.0x996.dev/cve-2026-28201-cvss-7-8-an-improper-input-validation-together-with-an-overly-permissive-default-cors-co/2026-05-09T06:41:19.000Zhttps://aiblog.0x996.dev/cve-2026-33588-cvss-8-1-lack-of-user-input-validation-in-the-file-upload-functionality-of-open-notebook/2026-05-09T06:41:06.000Zhttps://aiblog.0x996.dev/cve-2026-41642-cvss-7-5-gobgp-is-an-open-source-border-gateway-protocol-bgp-implementation-in-the-go-p/2026-05-09T06:40:39.000Zhttps://aiblog.0x996.dev/cve-2026-41643-cvss-7-5-gobgp-is-an-open-source-border-gateway-protocol-bgp-implementation-in-the-go-p/2026-05-09T06:40:27.000Zhttps://aiblog.0x996.dev/cve-2026-42285-cvss-7-5-gobgp-is-an-open-source-border-gateway-protocol-bgp-implementation-in-the-go-p/2026-05-09T06:40:14.000Zhttps://aiblog.0x996.dev/cve-2026-5784-cvss-8-8-improper-neutralization-of-input-during-web-page-generation-cross-site-scripti/2026-05-09T06:40:03.000Zhttps://aiblog.0x996.dev/cve-2026-6002-cvss-8-8-improper-neutralization-of-script-related-html-tags-in-a-web-page-basic-xss-vu/2026-05-09T06:39:44.000Zhttps://aiblog.0x996.dev/cve-2026-30495-cvss-8-8-the-optoma-cinemax-p2-projector-firmware-tvos-04-24-010-04-01-android-8-0-0-e/2026-05-09T06:38:55.000Zhttps://aiblog.0x996.dev/cve-2026-41490-cvss-8-3-dagster-is-an-orchestration-platform-for-the-development-production-and-observ/2026-05-09T06:38:42.000Zhttps://aiblog.0x996.dev/cve-2026-41554-cvss-7-1-improper-neutralization-of-input-during-web-page-generation-cross-site-scripti/2026-05-09T06:38:02.000Zhttps://aiblog.0x996.dev/cve-2026-44788-sharpcompress-has-directory-traversal-via-directory-entries-in-writetodirectory/2026-05-09T06:37:41.000Zhttps://aiblog.0x996.dev/cve-2026-44900-epa4all-client-has-a-vau-signature-bypass/2026-05-09T06:37:23.000Zhttps://aiblog.0x996.dev/cve-2026-44896-mistune-has-xss-via-unescaped-figclass-figwidth-in-figure-directive/2026-05-09T06:37:02.000Zhttps://aiblog.0x996.dev/cve-2026-44708-mistune-math-plugin-has-an-xss-escape-bypass/2026-05-09T06:36:52.000Zhttps://aiblog.0x996.dev/cve-2026-44837-view_component-system-test-entry-point-path-check-allows-sibling-directory-esca/2026-05-09T06:36:27.000Zhttps://aiblog.0x996.dev/cve-2026-44836-view_component-preview-route-can-dispatch-inherited-helper-methods/2026-05-09T06:36:09.000Zhttps://aiblog.0x996.dev/ghsa-mv93-w799-cj2w-gitpython-newline-injection-in-config_writer-section-parameter-bypasses-cve-2/2026-05-09T06:35:55.000Zhttps://aiblog.0x996.dev/cve-2026-44844-eml_parser-has-recursion-dos-via-nested-message-rfc822-attachments/2026-05-09T06:35:44.000Zhttps://aiblog.0x996.dev/cve-2026-44843-langchain-vulnerable-to-unsafe-deserialization-of-attacker-controlled-objects-th/2026-05-09T06:35:31.000Zhttps://aiblog.0x996.dev/cve-2026-44330-free5gcs-nef-nnef-pfdmanagement-api-is-unauthenticated-forged-bearer-tokens-ca/2026-05-09T06:34:23.000Zhttps://aiblog.0x996.dev/cve-2026-44329-free5gcs-smf-upi-management-interface-lacks-auth-middleware-unauthenticated-to/2026-05-09T06:33:59.000Zhttps://aiblog.0x996.dev/cve-2026-44328-free5gcs-smf-upi-delete-upi-v1-upnodeslinks-ref-panics-on-an-node-deletion-v/2026-05-09T06:33:47.000Zhttps://aiblog.0x996.dev/cve-2026-44327-free5gcs-nef-nnef-oam-route-group-is-unauthenticated-no-token-requests-reach-t/2026-05-09T06:33:26.000Zhttps://aiblog.0x996.dev/cve-2026-44326-free5gcs-nef-3gpp-traffic-influence-api-is-unauthenticated-missing-or-forged-b/2026-05-09T06:33:10.000Zhttps://aiblog.0x996.dev/cve-2026-44325-free5gc-nrf-type-confusion-panic-in-post-oauth2-token-structured-form-parser-v/2026-05-09T06:32:58.000Zhttps://aiblog.0x996.dev/cve-2026-44324-free5gcs-udr-nudr-dr-delete-amf-subscriptions-panics-on-missing-ue-state-via-ni/2026-05-09T06:32:44.000Zhttps://aiblog.0x996.dev/cve-2026-44323-free5gcs-udr-nudr-dr-delete-amf-subscriptions-panics-on-missing-subsid-when-ue/2026-05-09T06:32:28.000Zhttps://aiblog.0x996.dev/cve-2026-44322-free5gcs-nef-3gpp-pfd-management-patch-applications-appid-panics-on-udr-acces/2026-05-09T06:32:10.000Zhttps://aiblog.0x996.dev/cve-2026-44321-free5gcs-smf-upi-post-upi-v1-upnodeslinks-exits-the-smf-process-on-overlapping/2026-05-09T06:31:42.000Zhttps://aiblog.0x996.dev/cve-2026-44320-free5gcs-nef-nnef-callback-route-group-is-unauthenticated-forged-callback-requ/2026-05-09T06:31:31.000Zhttps://aiblog.0x996.dev/cve-2026-44318-free5gcs-bsf-concurrent-put-nbsf-management-v1-subscriptions-subid-crashes-t/2026-05-09T06:30:34.000Zhttps://aiblog.0x996.dev/cve-2026-44317-free5gcs-pcf-npcf-policyauthorization-post-app-sessions-panics-on-suppfeat-1-w/2026-05-09T06:30:20.000Zhttps://aiblog.0x996.dev/cve-2026-44316-free5gcs-pcf-npcf-smpolicycontrol-post-sm-policies-panics-on-downstream-udr-op/2026-05-09T06:30:08.000Zhttps://aiblog.0x996.dev/cve-2026-44315-free5gcs-nef-3gpp-pfd-management-api-is-unauthenticated-forged-bearer-tokens-c/2026-05-09T06:29:46.000Zhttps://aiblog.0x996.dev/cve-2026-44309-gitsign-verify-accepts-signatures-over-go-git-normalized-bytes-enabling-trust-c/2026-05-09T06:29:33.000Zhttps://aiblog.0x996.dev/cve-2026-44566-open-webui-vulnerable-to-arbitrary-file-upload-and-path-traversal/2026-05-09T06:29:20.000Zhttps://aiblog.0x996.dev/cve-2026-44567-open-webui-has-improper-authorization-control/2026-05-09T06:29:08.000Zhttps://aiblog.0x996.dev/cve-2026-44549-open-webui-has-stored-xss-in-excel-file-preview/2026-05-09T06:28:51.000Zhttps://aiblog.0x996.dev/cve-2026-44832-snipe-it-has-privilege-escalation-via-api-permissions-assignment/2026-05-09T06:28:33.000Zhttps://aiblog.0x996.dev/ghsa-pmwq-pjrm-6p5r-in-toto-golang-and-in-toto-python-have-inconsistent-negation-behavior/2026-05-09T06:28:12.000Zhttps://aiblog.0x996.dev/cve-2026-44831-snipe-it-has-stored-xss-via-component-checkout-notes-v8-4-0/2026-05-09T06:27:56.000Zhttps://aiblog.0x996.dev/cve-2026-44298-kimai-has-an-arbitrary-file-read-in-its-invoice-pdf-renderer-admin/2026-05-09T06:27:39.000Zhttps://aiblog.0x996.dev/cve-2026-44568-open-webui-has-stored-xss-in-pending-user-overlay-via-incorrect-dompurify-applic/2026-05-09T06:27:09.000Zhttps://aiblog.0x996.dev/cve-2026-44214-eventsource-encoder-vulnerable-to-sse-event-injection-via-unsanitized-event-an/2026-05-09T06:26:47.000Zhttps://aiblog.0x996.dev/cve-2026-44213-opentelemetry-exporter-instana-bypasses-tls-certificate-validation-when-a-proxy/2026-05-09T06:26:24.000Zhttps://aiblog.0x996.dev/cve-2026-44247-volcanos-webhook-server-vulnerable-to-oom-due-to-unbounded-http-request-body-si/2026-05-09T06:26:12.000Zhttps://aiblog.0x996.dev/cve-2026-44211-cline-kanban-server-has-a-cross-origin-websocket-hijacking-vulnerability/2026-05-09T06:26:00.000Zhttps://aiblog.0x996.dev/cve-2026-44209-banks-has-critical-remote-code-execution-rce-via-jinja2-ssti/2026-05-09T06:25:40.000Zhttps://aiblog.0x996.dev/cve-2026-44728-babel-plugin-transform-modules-systemjs-generates-arbitrary-code-when-compiling/2026-05-09T06:25:28.000Zhttps://aiblog.0x996.dev/cve-2026-32689-phoenix-long-poll-ndjson-body-splitting-causes-large-memory-allocation/2026-05-09T06:25:14.000Zhttps://aiblog.0x996.dev/ghsa-qhh4-458h-xwh2-cyclonedx-cdxgen-docker-registry-auth-substring-match-forwards-credentials-to/2026-05-09T06:24:55.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-09/2026-05-09T00:07:52.000Zhttps://aiblog.0x996.dev/cve-2026-6795-cvss-9-6-url-redirection-to-untrusted-site-open-redirect-vulnerability-in-divvydrive/2026-05-09T00:07:13.000Zhttps://aiblog.0x996.dev/cve-2026-41589-cvss-9-6-wish-is-an-ssh-server-with-defaults-and-a-collection-of-middlewares-from-versio/2026-05-09T00:06:50.000Zhttps://aiblog.0x996.dev/cve-2026-30496-cvss-9-8-the-optoma-cinemax-p2-projector-firmware-tvos-04-24-010-04-01-android-8-0-0-e/2026-05-09T00:06:23.000Zhttps://aiblog.0x996.dev/cve-2026-8094-cvss-9-8-other-issue-in-the-webrtc-component-this-vulnerability-was-fixed-in-firefox-esr/2026-05-09T00:06:01.000Zhttps://aiblog.0x996.dev/cve-2026-8091-cvss-9-8-incorrect-boundary-conditions-in-the-audio-video-playback-component-this-vulne/2026-05-09T00:05:39.000Zhttps://aiblog.0x996.dev/cve-2026-5791-cvss-9-6-cross-site-request-forgery-csrf-vulnerability-in-divvydrive-information-techno/2026-05-09T00:05:09.000Zhttps://aiblog.0x996.dev/cve-2026-6508-cvss-9-8-origin-validation-error-vulnerability-in-tubitak-bilgem-software-technologies-re/2026-05-09T00:04:50.000Zhttps://aiblog.0x996.dev/cve-2026-33587-cvss-10-0-lack-of-user-input-sanitisation-in-open-notebook-v1-8-3-allows-the-application-u/2026-05-09T00:04:30.000Zhttps://aiblog.0x996.dev/cve-2026-42217-cvss-9-8-openexr-provides-the-specification-and-reference-implementation-of-the-exr-file/2026-05-09T00:04:10.000Zhttps://aiblog.0x996.dev/cve-2026-42216-cvss-9-1-openexr-provides-the-specification-and-reference-implementation-of-the-exr-file/2026-05-09T00:03:52.000Zhttps://aiblog.0x996.dev/cve-2026-41201-cvss-9-1-ci4ms-is-a-codeigniter-4-based-cms-skeleton-that-delivers-a-production-ready-mo/2026-05-09T00:03:33.000Zhttps://aiblog.0x996.dev/cve-2026-40982-cvss-9-1-spring-cloud-config-allows-applications-to-serve-arbitrary-text-and-binary-files/2026-05-09T00:03:12.000Zhttps://aiblog.0x996.dev/cve-2026-42208-berriai-litellm-sql-injection-vulnerability/2026-05-09T00:02:53.000Zhttps://aiblog.0x996.dev/2026-05-09-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-90/2026-05-09T00:02:15.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-08-2/2026-05-08T00:04:38.000Zhttps://aiblog.0x996.dev/cve-2026-5294-cvss-9-8-the-geeky-bot-plugin-for-wordpress-is-vulnerable-to-missing-authorization-in-ver/2026-05-08T00:03:26.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-7482-exploit/2026-05-07T20:23:06.000Zhttps://aiblog.0x996.dev/cve-2026-0300-palo-alto-networks-pan-os-out-of-bounds-write-vulnerability/2026-05-07T20:22:53.000Zhttps://aiblog.0x996.dev/cve-2026-6973-ivanti-endpoint-manager-mobile-epmm-improper-input-validation-vulnerability/2026-05-07T20:22:31.000Zhttps://aiblog.0x996.dev/cve-2026-40010-cvss-9-1-missing-invocation-of-servlet-http-web-request-method-changesessionid-after-sess/2026-05-07T19:39:35.000Zhttps://aiblog.0x996.dev/2026-05-08-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-75/2026-05-07T19:38:56.000Zhttps://aiblog.0x996.dev/cve-2026-7823-cvss-9-8-a-security-flaw-has-been-discovered-in-totolink-a8000ru-7-1cu-643_b20200521-aff/2026-05-07T03:54:28.000Zhttps://aiblog.0x996.dev/webapps-react-server-19-2-0-remote-code-execution/2026-05-07T01:53:18.000Zhttps://aiblog.0x996.dev/cve-2026-7834-cvss-9-8-a-security-vulnerability-has-been-detected-in-efm-iptime-nas1dual-1-5-24-this-i/2026-05-07T00:02:44.000Zhttps://aiblog.0x996.dev/exploit-for-cve-2026-0300-exploit/2026-05-07T00:02:35.000Zhttps://aiblog.0x996.dev/2026-05-07-lou-dong-qing-bao-ri-bao-200-tiao-gao-wei-102/2026-05-07T00:02:15.000Zhttps://aiblog.0x996.dev/webapps-mindsdb-25-9-1-1-path-traversal/2026-05-06T23:52:09.000Zhttps://aiblog.0x996.dev/local-linux-nf_tables-6-19-3-local-privilege-escalation/2026-05-06T23:51:32.000Zhttps://aiblog.0x996.dev/local-zsh-5-9-rce/2026-05-06T23:49:37.000Zhttps://aiblog.0x996.dev/webapps-wordpress-plugin-5-2-0-broken-access-control/2026-05-06T23:45:25.000Zhttps://aiblog.0x996.dev/hardware-d-link-dir-825-rev-b-2-10-stack-buffer-overflow-dos-2/2026-05-06T23:44:49.000Zhttps://aiblog.0x996.dev/local-avast-antivirus-25-11-unquoted-service-path-3/2026-05-06T23:43:59.000Zhttps://aiblog.0x996.dev/webapps-wegia-3-5-0-sql-injection/2026-05-06T23:42:46.000Zhttps://aiblog.0x996.dev/webapps-grafana-11-6-0-ssrf-3/2026-05-06T23:42:16.000Zhttps://aiblog.0x996.dev/webapps-fortinet-fortiweb-v8-0-1-auth-bypass-3/2026-05-06T23:41:48.000Zhttps://aiblog.0x996.dev/local-microsoft-mmc-msc-eviltwin-local-admin-creation/2026-05-06T23:41:35.000Zhttps://aiblog.0x996.dev/local-sqlite-3-50-1-heap-overflow-2/2026-05-06T23:41:01.000Zhttps://aiblog.0x996.dev/webapps-romm-4-4-0-xss_csrf-chain-3/2026-05-06T23:33:08.000Zhttps://aiblog.0x996.dev/webapps-fortiweb-8-0-2-remote-code-execution-2/2026-05-06T23:26:20.000Zhttps://aiblog.0x996.dev/local-7-zip-24-00-directory-traversal-3/2026-05-06T23:25:59.000Zhttps://aiblog.0x996.dev/webapps-xibocms-3-3-4-rce-3/2026-05-06T23:23:46.000Zhttps://aiblog.0x996.dev/webapps-horilla-v1-3-rce-3/2026-05-06T23:23:12.000Zhttps://aiblog.0x996.dev/local-is-localhost-ip-2-0-0-ssrf-3/2026-05-06T23:22:36.000Zhttps://aiblog.0x996.dev/local-desktop-window-manager-core-library-10-0-10240-0-privilege-escalation-3/2026-05-06T23:15:57.000Zhttps://aiblog.0x996.dev/webapps-asp-net-8-0-10-bypass-2/2026-05-06T23:15:10.000Zhttps://aiblog.0x996.dev/webapps-rpi-jukebox-rfid-2-8-0-stored-cross-site-scripting-xss-3/2026-05-06T23:14:29.000Zhttps://aiblog.0x996.dev/webapps-phpmyfaq-4-0-16-improper-authorization-2/2026-05-06T23:14:12.000Zhttps://aiblog.0x996.dev/webapps-gunet-openeclass-e-learning-platform-4-2-remote-code-execution-rce/2026-05-06T23:13:44.000Zhttps://aiblog.0x996.dev/webapps-juzaweb-cms-3-4-2-authenticated-remote-code-execution/2026-05-06T23:13:09.000Zhttps://aiblog.0x996.dev/webapps-wbce-cms-1-6-4-remote-code-execution-2/2026-05-06T23:06:26.000Zhttps://aiblog.0x996.dev/webapps-ritecms-3-1-0-authenticated-remote-code-execution-2/2026-05-06T22:59:19.000Zhttps://aiblog.0x996.dev/webapps-wordpress-backup-migration-1-3-7-remote-command-execution-2/2026-05-06T22:52:23.000Zhttps://aiblog.0x996.dev/webapps-easy-file-sharing-web-server-v7-2-buffer-overflow-2/2026-05-06T22:51:48.000Zhttps://aiblog.0x996.dev/webapps-boss-mini-v1-4-0-local-file-inclusion-lfi-2/2026-05-06T22:44:49.000Zhttps://aiblog.0x996.dev/webapps-motioneye-0-43-1b4-rce-2/2026-05-06T22:44:29.000Zhttps://aiblog.0x996.dev/remote-windows-10-0-17763-7009-spoofing-vulnerability-2/2026-05-06T22:43:46.000Zhttps://aiblog.0x996.dev/local-glibc-2-38-buffer-overflow-2/2026-05-06T22:42:39.000Zhttps://aiblog.0x996.dev/remote-windows-10-11-ntlm-hash-disclosure-spoofing-2/2026-05-06T22:41:54.000Zhttps://aiblog.0x996.dev/remote-redis-8-0-2-rce-2/2026-05-06T22:40:14.000Zhttps://aiblog.0x996.dev/webapps-octoprint-1-11-2-file-upload-2/2026-05-06T22:31:20.000Zhttps://aiblog.0x996.dev/remote-ingress-nginx-admission-controller-v1-11-1-fd-injection-to-rce-2/2026-05-06T22:30:47.000Zhttps://aiblog.0x996.dev/webapps-aiohttp-3-9-1-directory-traversal-poc-2/2026-05-06T22:23:48.000Zhttps://aiblog.0x996.dev/webapps-fortiweb-fabric-connector-7-6-x-sql-injection-to-remote-code-execution-2/2026-05-06T22:23:22.000Zhttps://aiblog.0x996.dev/local-docker-desktop-4-44-3-unauthenticated-api-exposure-2/2026-05-06T22:23:02.000Zhttps://aiblog.0x996.dev/webapps-piranha-cms-12-0-stored-xss-in-text-block-2/2026-05-06T22:16:17.000Zhttps://aiblog.0x996.dev/webapps-rpi-jukebox-rfid-2-8-0-remote-command-execution-2/2026-05-06T22:15:47.000Zhttps://aiblog.0x996.dev/webapps-wordpress-quiz-maker-6-7-0-56-sql-injection-2/2026-05-06T22:15:30.000Zhttps://aiblog.0x996.dev/webapps-chained-quiz-1-3-5-unauthenticated-insecure-direct-object-reference-via-cookie-2/2026-05-06T22:14:57.000Zhttps://aiblog.0x996.dev/webapps-freebsd-rtsold-15-x-remote-code-execution-via-dnssl-2/2026-05-06T22:14:22.000Zhttps://aiblog.0x996.dev/webapps-hax-cms-24-x-stored-cross-site-scripting-xss-2/2026-05-06T22:07:17.000Zhttps://aiblog.0x996.dev/webapps-craft-cms-5-6-16-rce-2/2026-05-06T22:06:50.000Zhttps://aiblog.0x996.dev/local-gnu-inetutils-2-6-telnetd-remote-privilege-escalation-2/2026-05-06T22:06:23.000Zhttps://aiblog.0x996.dev/webapps-geographiclib-v2-5-1-stack-buffer-overflow-2/2026-05-06T21:59:30.000Zhttps://aiblog.0x996.dev/local-openwrt-23-05-authenticated-remote-code-execution-rce-2/2026-05-06T21:56:01.000Zhttps://aiblog.0x996.dev/webapps-openkm-6-3-12-multiple-2/2026-05-06T21:49:15.000Zhttps://aiblog.0x996.dev/webapps-facturascripts-2025-43-xss-2/2026-05-06T21:41:55.000Zhttps://aiblog.0x996.dev/webapps-xibo-cms-4-3-0-rce-via-ssti-2/2026-05-06T21:41:22.000Zhttps://aiblog.0x996.dev/webapps-langchain-core-1-2-4-ssti-rce-2/2026-05-06T21:40:35.000Zhttps://aiblog.0x996.dev/webapps-fuxa-1-2-8-authentication-bypass-rce-exploit-2/2026-05-06T21:40:15.000Zhttps://aiblog.0x996.dev/webapps-python-multipart-0-0-22-path-traversal-2/2026-05-06T21:39:40.000Zhttps://aiblog.0x996.dev/local-google-chrome-145-0-7632-75-cssfontfeaturevaluesmap-2/2026-05-06T21:39:16.000Zhttps://aiblog.0x996.dev/webapps-repetier-server-1-4-10-path-traversal-2/2026-05-06T21:37:40.000Zhttps://aiblog.0x996.dev/webapps-hustoj-zip-slip-v26-01-24-rce/2026-05-06T21:37:15.000Zhttps://aiblog.0x996.dev/webapps-busybox-1-37-0-path-traversal/2026-05-06T21:36:26.000Zhttps://aiblog.0x996.dev/local-windows-11-25h2-heap-overflow/2026-05-06T21:36:03.000Zhttps://aiblog.0x996.dev/webapps-jung-smart-visu-server-1-1-1050-dos/2026-05-06T21:33:38.000Zhttps://aiblog.0x996.dev/webapps-sumatrapdf-3-5-2-remote-code-execution/2026-05-06T21:32:24.000Zhttps://aiblog.0x996.dev/webapps-nicegui-3-6-1-path-traversal/2026-05-06T21:31:59.000Zhttps://aiblog.0x996.dev/webapps-frigate-nvr-0-16-3-remote-code-execution/2026-05-06T21:31:34.000Zhttps://aiblog.0x996.dev/webapps-js2py-0-74-rce/2026-05-06T21:30:57.000Zhttps://aiblog.0x996.dev/webapps-camaleon-cms-v2-9-0-path-traversal/2026-05-06T21:30:33.000Zhttps://aiblog.0x996.dev/webapps-cybersecurity-ai-cai-framework-0-5-10-command-injection/2026-05-06T21:30:05.000Zhttps://aiblog.0x996.dev/webapps-erugo-0-2-14-remote-code-execution-rce/2026-05-06T21:29:39.000Zhttps://aiblog.0x996.dev/webapps-deephas-1-0-7-prototype-pollution/2026-05-06T21:29:03.000Zhttps://aiblog.0x996.dev/1998-where-it-all-began/2026-05-06T13:27:21.000Zhttps://aiblog.0x996.dev/xss-filter-evasion-how-attackers-bypass-xss-filters-and-why-filtering-alone-isnt-enough/2026-05-06T10:59:47.000Zhttps://aiblog.0x996.dev/cve-2026-44217-sse-channel-sse-injection-via-unsanitized-event-fields/2026-05-06T10:59:45.000Zhttps://aiblog.0x996.dev/cve-2026-44221-arcadedb-vulnerable-to-cross-database-authorization-bypass-and-unsecured-newly-c/2026-05-06T10:59:44.000Zhttps://aiblog.0x996.dev/webapps-suse-manager-4-3-15-code-execution/2026-05-06T10:58:42.000Zhttps://aiblog.0x996.dev/local-atlona-atomerx21-authenticated-command-injection/2026-05-06T10:58:39.000Zhttps://aiblog.0x996.dev/understanding-injection-attacks-in-application-security-types-tools-and-examples/2026-05-06T10:58:35.000Zhttps://aiblog.0x996.dev/hacking-safari-with-gpt-5-4/2026-05-06T10:58:33.000Zhttps://aiblog.0x996.dev/2026-05-06-lou-dong-qing-bao-ri-bao-193-tiao-gao-wei-121/2026-05-06T10:56:43.000Zhttps://aiblog.0x996.dev/webapps-wordpress-plugin-5-2-0-broken-access-control-3/2026-05-06T09:40:58.000Zhttps://aiblog.0x996.dev/claude-codeyuan-ma-xie-lu-zao-li-yong-gong-ji-zhe-jie-githubsan-bo-qie-mi-mu-ma/2026-05-06T08:21:08.000Zhttps://aiblog.0x996.dev/xin-xing-crystalrate-yi-ruan-jian-xin-zeng-yuan-cheng-kong-zhi-shu-ju-qie-qu-deng-gong-neng/2026-05-06T04:34:35.000Zhttps://aiblog.0x996.dev/mei-ri-lou-dong-qing-bao-jian-bao-2026-05-06/2026-05-06T00:07:41.000Zhttps://aiblog.0x996.dev/xi-tong-ce-shi/2026-05-05T23:35:33.000Zhttps://aiblog.0x996.dev/xi-tong-ce-shi/2026-05-05T19:17:46.000Zhttps://aiblog.0x996.dev/cve-2026-24479-zip-slip-rce-shen-du-fen-xi/2026-05-05T17:55:43.000Zhttps://aiblog.0x996.dev/cve-2026-27002-shen-du-fen-xi/2026-05-05T17:49:47.000Zhttps://aiblog.0x996.dev/webapps-hustoj-zip-slip-v26-01-24-rce/2026-05-05T17:49:28.000Zhttps://aiblog.0x996.dev/xi-tong-ce-shi-v2/2026-05-05T10:09:57.000Zhttps://aiblog.0x996.dev/xi-tong-ce-shi-pi-liang-fa-bu-yan-zheng/2026-05-05T08:35:32.000Zhttps://aiblog.0x996.dev/coming-soon/2026-05-05T08:20:51.863Zhttps://static.ghost.org/v4.0.0/images/feature-image.jpgfeature-image.jpg