momo安全漏洞库

多模块数据检索平台

登录 注册
Intelligence Digest

威胁情报

统一威胁情报视图,聚合漏洞监控、网安开源项目与官方源情报

共聚合 4743 条情报 漏洞监控 2962 / 网安开源项目 1546 / 威胁情报 235

漏洞监控

来自 GitHub Issues、仓库检索和关键词命中的 CVE / RCE / POC 动态。

2962总量

网安开源项目

优先展示中文安全团队维护的开源项目,兼顾工具落地场景和最近更新时间。

1546总量

威胁情报

来自 360、奇安信、斗象等官方站点的公开情报聚合。

235总量
Chromium: CVE-2026-6364 Out of bounds read in Skia
Microsoft MSRC CVE-2026-6364 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
Kqboy/RoboCup3D
GitHub 开源项目 Kqboy/RoboCup3D 更新 2026-03-29 入库 2026-04-02 08:10
FC Portugal主体基于Python的RoboCup3D仿真的机器人源码在优化算法和攻防策略后的HUFUT-Engine | language: Python | stars: 0 | forks: 0 | updated 2026-03-29T14:01:43Z | pushed 2026-03-29T14:01:40Z
每周高级威胁情报解读(2026.02.27~03.05)
奇安信威胁情报中心 中危 发布时间 2026-03-06 入库 2026-03-15 01:30
SloppyLemming 组织针对巴基斯坦和孟加拉国发起大规模网络间谍活动;Dust Specter APT攻击伊拉克政府官员深入分析; Hydra Saiga 组织攻击活动;Contagious Interview 利用 GitHub 上 VSCode 的自动化功能
Chromium: CVE-2026-6363 Type Confusion in V8
Microsoft MSRC CVE-2026-6363 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
wfcjlh/WebSec-Study
GitHub 开源项目 wfcjlh/WebSec-Study 更新 2026-03-29 入库 2026-04-03 01:22
Web安全学习|漏洞挖掘实战|渗透笔记与工具整理 | stars: 0 | forks: 0 | updated 2026-03-29T13:24:34Z | pushed 2026-03-29T13:24:31Z
A Vulnerability in pac4j-jwt (JwtAuthenticator) Could Allow for Authentication Bypass
CIS Advisories 信息 发布时间 2026-03-05 入库 2026-03-15 01:30
<p>A vulnerability has been discovered in pac4j-jwt (JwtAuthenticator) which could allow for authentication bypass. pac4j-jwt is a Java module within the pac4j security framework designed for generating, validating, and ...
Chromium: CVE-2026-6362 Use after free in Codecs
Microsoft MSRC CVE-2026-6362 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
warterbili/pentest_lsd
GitHub 开源项目 warterbili/pentest_lsd 更新 2026-03-29 入库 2026-04-03 01:22
无意间促成第一次的渗透测试,加油 | language: Python | stars: 1 | forks: 0 | updated 2026-03-29T11:46:00Z | pushed 2026-03-25T18:11:15Z
Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution
CIS Advisories 信息 发布时间 2026-03-05 入库 2026-03-15 01:30
<p>Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. </p><p><br></p><ul><li>Cisco Secure Firewall Management Center (FMC) is a centralized ma...
Chromium: CVE-2026-6361 Heap buffer overflow in PDFium
Microsoft MSRC CVE-2026-6361 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
hanc00l/nemo-agent
GitHub 开源项目 hanc00l/nemo-agent 更新 2026-03-29 入库 2026-04-03 01:22
基于 Claude Code 的自动化渗透测试 Agent,目标是达到中高级网络安全专家水平。 | language: Python | stars: 3 | forks: 0 | updated 2026-03-29T11:36:38Z | pushed 2026-04-05T12:37:05Z
“AI助手的背叛”|利用大模型会话分享的SEO投毒攻击分析报告
腾讯安全威胁情报中心 中危 发布时间 2026-03-04 入库 2026-03-15 01:30
新型攻击利用大模型会话分享+SEO投毒,借官方域名信任诱导执行恶意代码,精准窃取MacOS用户凭证及加密资产。警惕"AI指南"中的隐形陷阱!
Chromium: CVE-2026-6360 Use after free in FileSystem
Microsoft MSRC CVE-2026-6360 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
Th3-SAIl/MapAPI-Leak-Debugger
GitHub 开源项目 Th3-SAIl/MapAPI-Leak-Debugger 更新 2026-03-29 入库 2026-04-03 01:22
MapAPI Leak Debugger 是一款专为渗透测试工程师以及企业安全研发打造的地图MAPAPIKEY泄露滥用的 Burp Suite 深度集成插件。它实现了从 被动流量特征提取 到 一键跨平台滥用深度探测 的完整安全测试闭环,并全面采用了 Burp 原生 HTTP 引擎进行底层驱动与报文渲染。 | language: Java | stars: 2 | forks: 0 | updated 2026-03-29T11:00:5...
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
CIS Advisories 中危 发布时间 2026-03-03 入库 2026-03-15 01:30
<p>Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but...
Chromium: CVE-2026-6318 Use after free in Codecs
Microsoft MSRC CVE-2026-6318 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
PLANETDUST/NewsLab
GitHub 开源项目 PLANETDUST/NewsLab 更新 2026-03-29 入库 2026-04-02 08:10
一个用于 Web 安全练习的 PHP 新闻资讯靶场项目。这不是一个面向生产环境的“正规管理系统”,而是一个用新闻资讯业务外壳包装出来的Web 漏洞练习项目 / 靶场项目。 它的重点不是业务有多规范,而是: - 入口足够典型:登录、注册、找回密码、新闻发布、评论、文件上传、后台页面 - 链路足够完整:前端页面、PHP 接口、MySQL、Cookie、Session、上传目录都在 - 代码足够直白:适合拿来做代码审计、漏洞复现、课堂演示和本...
腾讯云安全威胁情报SKill安全守护计划发布
腾讯安全威胁情报中心 信息 发布时间 2026-03-03 入库 2026-03-15 01:30
AI Agent时代,Skill供应链安全成新战场。科恩实验室首创大模型+沙箱双引擎研判,构建全生命周期威胁闭环,守护智能体生态安全基石。
Chromium: CVE-2026-6359 Use after free in Video
Microsoft MSRC CVE-2026-6359 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
JXJZJWHCM/WuRen
GitHub 开源项目 JXJZJWHCM/WuRen 更新 2026-03-29 入库 2026-04-03 01:22
玄坤信安科技有限公司开发的雾刃-AI自动化渗透测试平台(商业正式版) | stars: 3 | forks: 1 | updated 2026-04-24T12:02:08Z | pushed 2026-04-24T12:02:04Z
每日安全动态推送(26/3/3)
腾讯玄武实验室 信息 发布时间 2026-03-03 入库 2026-03-15 02:04
主流汽车品牌的胎压系统可实现静默车辆追踪;突破安卓沙箱机制的固件级后门;OpenClaw ClawJacked 漏洞导致 AI 代理被网站劫持
Chromium: CVE-2026-6317 Use after free in Cast
Microsoft MSRC CVE-2026-6317 发布时间 2026-04-17 入库 2026-04-17 23:56
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for mo...
kk12-30/AI-Vanguard
GitHub 开源项目 kk12-30/AI-Vanguard 更新 2026-03-28 入库 2026-04-03 01:22
Vanguard(先锋者)— AI自动化渗透工具 | stars: 39 | forks: 5 | updated 2026-03-28T10:31:21Z | pushed 2026-03-28T10:31:18Z
Claude “发现”,MonkeyScan “闭环”:AI 代码漏洞挖掘落地才是真能力
长亭科技 信息 发布时间 2026-02-28 入库 2026-03-15 02:04
强势围观!
daptheHuman/cve-2026-40176-cve-2026-40261
GitHub Repos/search daptheHuman/cve-2026-40176-cve-2026-40261 发布时间 2026-04-17 入库 2026-04-17 13:50
Zer08Bytes/hoststrike
GitHub 开源项目 Zer08Bytes/hoststrike 更新 2026-03-27 入库 2026-04-11 05:25
Host碰撞红队实战工具 | stars: 0 | forks: 0 | updated 2026-03-27T08:28:58Z | pushed 2026-03-27T08:28:55Z
每日安全动态推送(26/2/27)
腾讯玄武实验室 信息 发布时间 2026-02-27 入库 2026-03-15 02:04
SuperClaw:面向自主AI编码代理的安全红队开源框架;Cline CLI 供应链攻击事件;Windows 记事本恶意命令执行漏洞
0xgh057r3c0n/CVE-2026-0740
GitHub Repos/search 0xgh057r3c0n/CVE-2026-0740 发布时间 2026-04-17 入库 2026-04-17 11:36
Ninja Forms File Uploads <= 3.3.26 - Unauthenticated Arbitrary File Upload | language: Python
hzhsec/ProxyGlobal-Master
GitHub 开源项目 hzhsec/ProxyGlobal-Master 更新 2026-03-27 入库 2026-04-03 01:22
GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。 | language: HTML | stars: 4 | forks: 0 | updated 2026-03-27T07:58:53Z | pushed 2026-03-27T07:58:49Z
每周高级威胁情报解读(2026.02.13~02.26)
奇安信威胁情报中心 信息 发布时间 2026-02-27 入库 2026-03-15 01:30
Muddled Libra组织在受害者网络中创建虚拟机建立据点;MuddyWater APT 攻击中东事件大事记;Lazarus Group 正在与 Medusa 勒索软件合作;MuddyWater APT 发起新型网络攻击行动