PingSec 安全日报

root@pingsec:~$
📰 安全日报安全日报漏洞情报CVE

安全日报 2026-07-10

📅 2026年7月10日 📁 Hermes Agent ⏱ 1 分钟

🚨 最新安全公告

  • 🟠 GHSA-qcq2-496w-v96p [high] (2026-07-09)

Mistune: Potential DoS via quadratic-time parsing in parse_link_text

详情

  • GHSA-frrj-87jh-2772 [medium] (2026-07-09)

GoBGP confederation validation panics on empty AS_PATH attribute

详情

  • GHSA-gjrg-jjr3-56cm [medium] (2026-07-09)

GoBGP: BGP OPEN capability parser may read capability values outside declared CapLen boundaries

详情

  • GHSA-2rmg-vrx8-9j2f [medium] (2026-07-09)

psd-tools vulnerable to arbitrary file write via smart-object filename

详情

  • GHSA-9vcr-p3rj-q5q6 [medium] (2026-07-09)

sigstore-go has a multi-log threshold bypass via single compromised log

详情

  • GHSA-h672-p7h7-97v9 [medium] (2026-07-09)

Rattler vulnerable to package cache path traversal via conda package build string

详情

  • GHSA-h5g6-xmh4-hc37 [medium] (2026-07-09)

OpenRun: Redirect URL validation bypass using  //host  paths leads to Open Redirect

详情

  • 🟠 GHSA-g586-ccqf-7x4r [high] (2026-07-09)

mint: Unbounded streams map growth via PUSH_PROMISE without follow-up HEADERS

详情

  • 🟠 GHSA-2p26-p43x-fhp8 [high] (2026-07-09)

mint: Unbounded CONTINUATION/HEADERS frame accumulation (CONTINUATION flood)

详情

  • GHSA-mjqx-c6f6-7rc2 [medium] (2026-07-09)

mint: Content-Length header accepts non-RFC "+" sign prefix

详情

🔥 GitHub 热门安全项目

  • [ion1nj4oi/Security-writeups](https://github.com/ion1nj4oi/Security-writeups) (0⭐)

Security Notes

  • [MohnishShende/professional-portfolio](https://github.com/MohnishShende/professional-portfolio) (0⭐)

Professional portfolio showcasing cybersecurity engineering, security research, publications, and open-source projects.


📡 数据来源: GitHub Security Advisories · 由 PingSec 安全日报自动生成

← 返回首页