🚨 Latest Security Advisories
- 🟠 GHSA-rh62-j648-g5qc [high] (2026-07-02)
Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB
- 🟠 GHSA-6g2f-w7g3-77vf [high] (2026-07-02)
9router has an Incomplete Fix: Local-Only Access Gate Bypass in 9router via Host Header Spoofing
- 🟠 GHSA-q675-qj96-32m9 [high] (2026-07-02)
golang.org/x/image/tiff has excessive resource consumption in PackBits decompression
- 🔴 GHSA-jphh-m39h-6gwx [critical] (2026-07-02)
9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass
- 🟢 GHSA-v8rp-6xcv-fwgh [low] (2026-07-02)
Kiwi TCMS's /init-db/ page renders and responds to requests after first use
- 🔴 GHSA-5g75-477j-2c2f [critical] (2026-07-02)
LaunchServer FileServerHandler has an unauthenticated path traversal issue
- 🟠 GHSA-q8r6-xj3f-wrrm [high] (2026-07-02)
SimpleSAMLphp SP accepts a response from an unexpected IdP when unsigned Response/InResponseTo is combined with a sign
- 🟠 GHSA-mm6c-5j6x-hq8m [high] (2026-07-02)
Algernon vulnerable to server-side script source disclosure on Windows via NTFS filename
- 🟠 GHSA-5pmv-rx8r-wmv5 [high] (2026-07-02)
jxl-grid on 32-bit platforms has out-of-bounds writes due to integer overflow
- ⚪ GHSA-66m8-c62j-h6v5 [medium] (2026-07-02)
jxl-oxide: FrameBuffer::new creates out-of-bounds slices on overflow
📡 Data source: GitHub Security Advisories · Automatically generated by PingSec Security Daily