Linux Hit by New High-Severity Kernel Privilege Escalation Vulnerability "Fragnasia"

Published: 2026-05-15

1. Linux Hit by New High-Severity Kernel Privilege Escalation Vulnerability "Fragnasia"


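May 14: Linux distributions are urgently rolling out patches for a new high-severity kernel privilege escalation vulnerability named "Fragnasia", tracked as CVE-2026-46300. The vulnerability stems from a logic error in the Linux XFRM ESP-in-TCP subsystem. It lets an unprivileged local attacker write arbitrary bytes into the kernel page cache of read-only files, gain root privileges, and run malicious code with the highest privileges. The vulnerability was discovered by William Bowling, head of security at Zellic, who also released a proof-of-concept exploit. The exploit uses the kernel memory-write primitive to corrupt the page cache of the /usr/bin/su binary and obtain a shell with root privileges. Bowling noted that Fragnasia belongs to the Dirty Frag vulnerability class disclosed last week and affects all Linux kernels released before May 13, 2026. Unlike Dirty Frag, which depends on two separate kernel flaws (CVE-2026-43284 and CVE-2026-43500), Fragnasia is a standalone vulnerability that needs no race condition to achieve arbitrary byte writes into the page cache of read-only files. The mitigations for the two are the same. Linux users are advised to apply kernel updates as soon as possible. On devices that cannot be patched immediately, removing the vulnerable kernel modules is a temporary mitigation, but doing so breaks the AFS distributed network file system and IPsec VPN functionality.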


https://www.bleepingcomputer.com/news/security/new-fragnesia-linux-flaw-lets-attackers-gain-root-privileges/


2. Hackers Threaten to Leak Mistral AI Source Code, Demand $25,000


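May 14: A hacker group named TeamPCP recently claimed to have breached the code repository management system of French artificial intelligence company Mistral AI and stolen nearly 450 repositories, about 5GB in total of internal source code and related data. The group is openly advertising the data on a hacker forum with a "buy it now" price of $25,000, and threatens to leak all of the files on the forum for free if no buyer is found within a week. TeamPCP also indicated that it is willing to negotiate: prospective buyers can submit whatever offer they consider reasonable, and the data will be sold to one person only. Mistral AI was founded by former Google DeepMind and Meta researchers and focuses on open-source and proprietary open-weight large language models. The company confirmed that the incident stems from a software supply chain attack named "Mini Shai-Hulud". Using stolen CI/CD credentials and legitimate workflows, the attackers first compromised official packages from TanStack and Mistral AI, then spread the impact to hundreds of other projects on the npm and PyPI registries, including UiPath, Guardrails AI and OpenSearch. Mistral AI acknowledged that the hackers did briefly infect some of its SDK packages, but stressed that the forensic investigation shows the affected data is not part of its core code base, and that the company's hosted services, managed user data, and all research and testing environments were not compromised.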


https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/


3. WordPress Plugin Vulnerability Exposes 200,000 Sites to Administrator Takeover


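May 14: A WordPress analytics plugin named Burst Statistics was recently found to contain a critical authentication bypass vulnerability that lets attackers obtain administrator-level access to a site without a password. The plugin focuses on privacy protection, is positioned as a lightweight alternative to Google Analytics, and is deployed on more than 200,000 WordPress sites. The vulnerability, CVE-2026-8181, was introduced with plugin version 3.4.0 on April 23, 2026, and is still present in the subsequent version 3.4.1. According to security company Wordfence, the vulnerability was discovered on May 8. The core problem is that the plugin mishandles the return value of the "wp_authenticate_application_password()" function: it treats a "WP_Error" object as a successful authentication, and under certain conditions it also fails to correctly reject a "null" return. This allows an unauthenticated attacker to impersonate a known administrator user during REST API requests. Wordfence warned that the vulnerability is expected to become a priority target for attackers. Its detection systems blocked more than 7,400 attacks against the vulnerability in the past 24 hours, which shows that malicious activity is already under way at scale. Burst Statistics released the fixed version 3.4.2 on May 12, 2026, and users are strongly advised to upgrade immediately or temporarily disable the plugin.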


https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
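
The return-value handling described in item 3, as an added example (not the plugin's code and not taken from the Wordfence report): the stand-in classes and the three check functions below are constructed for illustration, and they show why only an `instanceof WP_User` test is safe for a function that can return a user, an error object, or null.

```php
<?php
// Minimal stand-ins so this file runs outside WordPress (constructed for this example).
class WP_User  { public $ID;   function __construct($id)   { $this->ID = $id; } }
class WP_Error { public $code; function __construct($code) { $this->code = $code; } }

// The three kinds of value wp_authenticate_application_password() can return.
$outcomes = [
    'WP_User (valid credentials)' => new WP_User(1),
    'WP_Error (bad credentials)'  => new WP_Error('incorrect_password'),
    'null (not applicable)'       => null,
];

// Loose check A (illustrative): truthiness. Every object is truthy in PHP,
// so a WP_Error result is accepted as a login.
function loose_truthy($result) { return (bool) $result; }

// Loose check B (illustrative): "no error means success". null is not a
// WP_Error, so a null result is accepted as a login.
function loose_not_error($result) { return !($result instanceof WP_Error); }

// Strict check: fail closed. Only a WP_User instance yields a user ID;
// WP_Error, null and anything unexpected yield 0 (unauthenticated).
function authenticated_user_id($result) {
    return ($result instanceof WP_User) ? (int) $result->ID : 0;
}

foreach ($outcomes as $label => $result) {
    printf("%-30s truthy=%-5s not_error=%-5s strict_user_id=%d\n",
        $label,
        var_export(loose_truthy($result), true),
        var_export(loose_not_error($result), true),
        authenticated_user_id($result));
}
```

Each loose check fails on one of the two cases the advisory names: the truthiness test accepts `WP_Error`, and the not-an-error test accepts `null`.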


4. Initial Access Broker KongTuke Moves to Teams


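May 14: The initial access broker (IAB) KongTuke has recently changed its attack tactics, moving the main venue of its social engineering attacks to Microsoft Teams and claiming that it needs only five minutes to gain persistent access to a corporate network. The group typically sells the corporate network access it obtains to ransomware operators, who then deploy file-stealing and data-encrypting malware. According to ReliaQuest researchers, this is the first time KongTuke has used a collaboration platform for initial access; previously the group relied only on the web-based "FileFix" and "CrashFix" lures. The Teams activity supplements the existing methods rather than replacing them, and it has been active since at least April 2026. KongTuke rotates through five Microsoft 365 tenants to evade blocking and uses a Unicode whitespace trick to forge display names so that the impersonation looks more credible. During the attack, a malicious PowerShell command downloads from Dropbox a ZIP archive containing a portable WinPython environment, which then launches ModeloRAT. The malware can collect system information, capture screenshots and steal files. Notably, the ModeloRAT version used in this campaign is significantly improved over earlier ones: it adopts a more resilient command-and-control (C2) architecture, has multiple independent access paths built in, and has expanded persistence mechanisms.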


https://www.bleepingcomputer.com/news/security/kongtuke-hackers-now-use-microsoft-teams-for-corporate-breaches/


5. 18-Year-Old High-Severity NGINX Vulnerability Can Lead to Denial of Service and Remote Code Execution


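May 14: An autonomous scanning system has found a high-severity vulnerability that has existed for about 18 years in the widely used NGINX open-source web server. It is tracked as CVE-2026-42945 and has a CVSS score of 9.2. The vulnerability is a heap buffer overflow in the ngx_http_rewrite_module module and affects NGINX versions 0.6.27 through 1.30.0. NGINX powers about one third of the world's top websites and is widely adopted by cloud providers, banks, e-commerce platforms and Kubernetes clusters. Researchers at AI security company DepthFirst AI explained that the vulnerability can be triggered when an NGINX configuration uses the "rewrite" and "set" directives together. The researchers demonstrated unauthenticated code execution through crafted HTTP requests, corrupting adjacent memory pool structures and overwriting a cleanup handler pointer, ultimately forcing NGINX to execute a "system()" command. Notably, exploitation remains feasible even with the address space layout randomization (ASLR) memory protection enabled. In addition, NGINX's multi-process architecture actually lowers the difficulty of exploitation: after a worker process crashes, the master process spawns a new process with an identical memory layout, so an attacker can retry repeatedly until successful, and can even leak ASLR information by overwriting a pointer byte by byte.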


https://www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/


6. CISA Adds a Catalyst SD-WAN Vulnerability to the KEV Catalog


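May 14: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a critical vulnerability in Cisco Catalyst SD-WAN (CVE-2026-20182) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability has the maximum CVSS score of 10.0 and affects the SD-WAN control connection handshake and the peering authentication mechanism in the Catalyst SD-WAN Controller (vSmart) and Manager (vManage). Because the peering authentication mechanism in affected systems does not work properly, an unauthenticated remote attacker can send crafted requests and use the validation failure to bypass authentication and gain administrative privileges. After successful exploitation, the attacker may log in to the controller as an internal, high-privileged, non-root user account, and from there access NETCONF and manipulate the configuration of the entire SD-WAN network fabric. Cisco PSIRT detected limited exploitation of the vulnerability in May 2026 and urgently called on customers to upgrade to a fixed software release. CISA has ordered federal agencies to complete remediation by May 17, 2026.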


https://securityaffairs.com/192157/hacking/u-s-cisa-adds-a-flaw-in-cisco-catalyst-sd-wan-to-its-known-exploited-vulnerabilities-catalog.html