SecLens 情报中心

威胁情报

针对攻击活动、样本与IOC的持续情报更新。

Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability

发布时间 2026-06-03 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Mirasvit | Mirasvit Full Page Cache Warmer | https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer ; https://nvd.nist.gov/vuln/detail/CVE-2026-45247
扩展字段
```
{
  "cve_id": "CVE-2026-45247",
  "due_date": "2026-06-06T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "Mirasvit Full Page Cache Warmer",
  "raw_date_added": "2026-06-03",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Mirasvit"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
Android Framework Integer Overflow Vulnerability

发布时间 2026-06-02 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Android | Framework | https://source.android.com/docs/security/bulletin/2026/2026-06-01 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48595
扩展字段
```
{
  "cve_id": "CVE-2025-48595",
  "due_date": "2026-06-05T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "Framework",
  "raw_date_added": "2026-06-02",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Android"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
Linux Kernel Improper Authentication Vulnerability

发布时间 2026-06-02 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Linux | Kernel | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02…
扩展字段
```
{
  "cve_id": "CVE-2022-0492",
  "due_date": "2026-06-05T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "Kernel",
  "raw_date_added": "2026-06-02",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Linux"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
Oracle WebLogic Server Unspecified Vulnerability

发布时间 2026-06-01 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Oracle | WebLogic Server | https://www.oracle.com/security-alerts/cpujul2024.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21182
扩展字段
```
{
  "cve_id": "CVE-2024-21182",
  "due_date": "2026-06-04T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "WebLogic Server",
  "raw_date_added": "2026-06-01",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Oracle"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

发布时间 2026-05-29 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Palo Alto Networks | PAN-OS | https://security.paloaltonetworks.com/CVE-2026-0257 ; https://nvd.nist.gov/vuln/detail/CVE-2026-0257
扩展字段
```
{
  "cve_id": "CVE-2026-0257",
  "due_date": "2026-06-01T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "PAN-OS",
  "raw_date_added": "2026-05-29",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Palo Alto Networks"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
Daemon Tools Lite Embedded Malicious Code Vulnerability

发布时间 2026-05-27 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Daemon | Daemon Tools Lite | https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398
扩展字段
```
{
  "cve_id": "CVE-2026-8398",
  "due_date": "2026-05-30T00:00:00+00:00",
  "known_ransomware_campaign_use": "Unknown",
  "product": "Daemon Tools Lite",
  "raw_date_added": "2026-05-27",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Daemon"
}
```
CISA KEV Catalog catalog:kev ransomware:unknown source:cisa type:vulnerability known-exploited vulnerability
TanStack Unspecified Vulnerability

发布时间 2026-05-27 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

TanStack | TanStack | This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321
扩展字段
```
{
  "cve_id": "CVE-2026-45321",
  "due_date": "2026-06-10T00:00:00+00:00",
  "known_ransomware_campaign_use": "Known",
  "product": "TanStack",
  "raw_date_added": "2026-05-27",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "TanStack"
}
```
CISA KEV Catalog catalog:kev ransomware:known source:cisa type:vulnerability known-exploited vulnerability
Nx Console Embedded Malicious Code Vulnerability

发布时间 2026-05-27 08:00 (UTC+08:00) 抓取时间 2026-06-04 11:05 (UTC+08:00)

Nx | Nx Console | This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027
扩展字段
```
{
  "cve_id": "CVE-2026-48027",
  "due_date": "2026-06-10T00:00:00+00:00",
  "known_ransomware_campaign_use": "Known",
  "product": "Nx Console",
  "raw_date_added": "2026-05-27",
  "required_action": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "vendor_project": "Nx"
}
```
CISA KEV Catalog catalog:kev ransomware:known source:cisa type:vulnerability known-exploited vulnerability

全部来源 Cloudflare 博客腾讯云安全公告 Adobe 安全公告阿里云 AVD Ubuntu 安全通告启明星辰安全通告 Amazon Linux AL2 公告 Amazon Linux AL2023 公告 AWS 安全公告 MSRC 更新指南 Oracle 安全警报 Apple 安全更新 Chrome 稳定版更新 Red Hat 安全公告 Atlassian 安全公告 NVIDIA 安全公告华为安全公告联想安全公告阿里云 Linux 安全公告阿里云 Linux CVE 通知阿里云安全公告 Amazon Linux 1 (EOL)安全公告 Amazon Linux 安全公告长亭漏洞库 Seebug 漏洞库 CISA KEV Catalog 微步银狐情报微步银狐 IOC Ransomware.live 近期受害者工信部 CNVDB CNNVD 通报 CNNVD 漏洞库 CNVD 漏洞库 FreeBuf 社区 TC260 标准征求意见 Seebug 技术 Paper GitHub Advisory HackerOne 博客 Exploit-DB 安天每日安全简讯 LinuxSecurity Hybrid VulDB 地方采购（CCGP）中央采购（CCGP） The Hacker News 嘶吼安全资讯 Doonsec 微信聚合 arXiv cs.CR VIPRead 信息安全知识库 RSA Conference Podcast 会议与培训融资快讯并购整合情报快报事件通报工具更新产品发布

威胁情报

订阅来源 RSS