Bitcoin Core version 30.2 is now available for download. See the release notes for more information about the bug fixes in this release.
If you have any questions, please stop by the #bitcoin IRC chatroom (IRC, web) and we'll do our best to help you.

[CVE-2025-10689] [Modified: 03-10-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was identified in D-Link DIR-645 105B01. This issue affects the function soapcgi_main of the file /soap.cgi. Manipulation of the argument service leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.

[CVE-2025-57293] [Modified: 03-10-2025] [Analyzed] [V3.1 S8.8:HIGH] A command injection vulnerability in COMFAST CF-XR11 (firmware V2.7.2) exists in the multi_pppoe API, processed by the sub_423930 function in /usr/bin/webmgnt. The phy_interface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to /cgi-bin/mbox-config?method=SET&section=multi_pppoe. When the action parameter is set to "one_click_redial", the unsanitized phy_interface is used in a system() call, enabling execution of malicious commands. This can lead to unauthorized access to sensitive files, execution of arbitrary code, or full device compromise.

[CVE-2025-57295] [Modified: 03-10-2025] [Analyzed] [V3.1 S8.0:HIGH] H3C devices running firmware version NX15V100R015 are vulnerable to unauthorized access due to insecure default credentials. The root user account has no password set, and the H3C user account uses the default password "admin," both stored in the /etc/shadow file. Attackers with network access can exploit these credentials to gain unauthorized root-level access to the device via the administrative interface or other network services, potentially leading to privilege escalation, information disclosure, or arbitrary code execution.

[CVE-2025-10035] [Modified: 24-10-2025] [Analyzed] [V3.1 S10.0:CRITICAL] A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

[CVE-2025-59215] [Modified: 25-09-2025] [Analyzed] [V3.1 S7.0:HIGH] Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

[CVE-2025-59216] [Modified: 25-09-2025] [Analyzed] [V3.1 S7.0:HIGH] Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

[CVE-2025-59220] [Modified: 25-09-2025] [Analyzed] [V3.1 S7.0:HIGH] Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

[CVE-2025-30755] [Modified: 22-09-2025] [Analyzed] [V3.1 S6.1:MEDIUM] OpenGrok 1.14.1 has a reflected Cross-Site Scripting (XSS) issue when producing the cross reference page. This happens through improper handling of the revision parameter. The application reflects unsanitized user input into the HTML output.

[CVE-2025-59712] [Modified: 23-09-2025] [Analyzed] [V3.1 S6.4:MEDIUM] Snipe-IT before 8.1.18 allows XSS.

[CVE-2025-59713] [Modified: 23-09-2025] [Analyzed] [V3.1 S6.8:MEDIUM] Snipe-IT before 8.1.18 allows unsafe deserialization.

[CVE-2025-59714] [Modified: 08-10-2025] [Analyzed] [V3.1 S6.5:MEDIUM] In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs.

[CVE-2025-59715] [Modified: 23-09-2025] [Analyzed] [V3.1 S4.8:MEDIUM] SMSEagle before 6.11 allows reflected XSS via a username or contact phone number.

[CVE-2025-59717] [Modified: 08-10-2025] [Analyzed] [V3.1 S5.4:MEDIUM] In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).

[CVE-2025-10456] [Modified: 29-10-2025] [Analyzed] [V3.1 S7.1:HIGH] A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.

[CVE-2025-10457] [Modified: 29-10-2025] [Analyzed] [V3.1 S4.3:MEDIUM] The function responsible for handling BLE connection responses does not verify whether a response is expected—that is, whether the device has initiated a connection request. Instead, it relies solely on identifier matching.

[CVE-2025-10458] [Modified: 29-10-2025] [Analyzed] [V3.1 S7.6:HIGH] Parameters are not validated or sanitized, and are later used in various internal operations.

[CVE-2025-7403] [Modified: 29-10-2025] [Analyzed] [V3.1 S7.6:HIGH] Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes are attacker-controlled, enabling precise memory corruption.

[CVE-2025-9905] [Modified: 23-09-2025] [Analyzed] [V3.1 S7.3:HIGH] The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special .h5 archive file that uses the Lambda layer feature of keras which allows arbitrary Python code in the form of pickled code. The vulnerability comes from the fact that the safe_mode=True option is not honored when reading .h5 archives. Note that the .h5/.hdf5 format is a legacy format supported by Keras 3 for backwards compatibility.

[CVE-2025-9906] [Modified: 23-09-2025] [Analyzed] [V3.1 S7.3:HIGH] The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disabled, one can use the Lambda layer feature of keras, which allows arbitrary Python code in the form of pickled code. Both can appear in the same archive. The keras.config.enable_unsafe_deserialization() call simply needs to appear first in the archive, and the Lambda layer with arbitrary code needs to appear second.

[CVE-2025-10707] [Modified: 31-12-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in JeecgBoot up to 3.8.2. Affected is an unknown function of the file /message/sysMessageTemplate/sendMsg. Manipulation can lead to improper authorization. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.