{"vulnerability": "CVE-2024-52046", "sightings": [{"uuid": "c5c51596-8bf1-413c-a0db-1d4635e63120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3le43qfwqvm24", "content": "", "creation_timestamp": "2024-12-25T04:11:33.865807Z"}, {"uuid": "36bfeb44-2716-4402-9619-a170bacabcbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113712909971845242", "content": "", "creation_timestamp": "2024-12-25T10:08:27.572220Z"}, {"uuid": "022ab2cf-c22b-45a2-b823-5d8f1f75065f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le4q2z736w25", "content": "", "creation_timestamp": "2024-12-25T10:15:24.711696Z"}, {"uuid": "0bc33bbf-d53c-417b-872e-76a9da58875e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3le6y54uqek2h", "content": "", "creation_timestamp": "2024-12-26T07:45:10.653953Z"}, {"uuid": "6d74a4f6-4955-4c0e-9929-bb9bad8ca33f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3le76uutyre2q", "content": "", "creation_timestamp": "2024-12-26T09:45:44.496332Z"}, {"uuid": "ee19e97f-3778-4ad0-b4ef-765acd2e51e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52046", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lebghca27k2f", "content": "", "creation_timestamp": "2024-12-27T07:06:37.945965Z"}, {"uuid": "405c0842-b4ad-4010-8ec9-696b2dfbc9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52046", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3lebgivx7k32y", "content": "", "creation_timestamp": "2024-12-27T07:07:31.451156Z"}, {"uuid": "3d2e0ff2-b4d1-43e5-97ab-897e7ba8daac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lebgpafhky2s", "content": "", "creation_timestamp": "2024-12-27T07:11:04.050076Z"}, {"uuid": "938b33d6-46c2-401b-ab98-cbc0d1b2204b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52046", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lebgpaizay2w", "content": "", "creation_timestamp": "2024-12-27T07:11:04.608472Z"}, {"uuid": "8c7537d0-5933-499c-a76a-6163ea2c5b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lebgqpspv52m", "content": "", "creation_timestamp": "2024-12-27T07:11:54.355921Z"}, {"uuid": "86fd903a-5096-4793-9e14-6e9e5e6b6879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3lebgth6xhi23", "content": "", "creation_timestamp": "2024-12-27T07:13:25.708385Z"}, {"uuid": "bbb49233-51b1-4935-b7c6-679d6c9b6d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3lebhrai2fu2j", "content": "", "creation_timestamp": "2024-12-27T07:30:06.231767Z"}, {"uuid": "e0e1c060-421a-4fb8-acaa-df96deccda3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/dejayk.bsky.social/post/3lebjffyda222", "content": "", "creation_timestamp": "2024-12-27T07:59:17.620158Z"}, {"uuid": "30e815d4-d8ad-4f7f-8fd6-35700c1c1d48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/what-security.co.uk/post/3lebk24wckx2q", "content": "", "creation_timestamp": "2024-12-27T08:10:50.483008Z"}, {"uuid": "3354a4a9-1bfc-4fd2-b5ab-af79e38a9aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://thehackernews.com/2024/12/apache-mina-cve-2024-52046-cvss-100.html", "content": "", "creation_timestamp": "2024-12-27T05:46:00.000000Z"}, {"uuid": "40d2bae3-9883-4ee9-8f6a-b5e159ac0e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lebugpudzk2w", "content": "", "creation_timestamp": "2024-12-27T11:16:55.671067Z"}, {"uuid": "4c7b6bf3-486d-4a65-b382-0c5d319b0253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/jurassiquehack.bsky.social/post/3lec43hbp4k2r", "content": "", "creation_timestamp": "2024-12-27T13:33:45.121320Z"}, {"uuid": "7414270c-342f-4cc2-927b-e6570ab7c807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/axcheron.bsky.social/post/3lec43nr5s22y", "content": "", "creation_timestamp": "2024-12-27T13:33:50.645659Z"}, {"uuid": "24fe1089-c7fa-4812-b943-b917ba0ed08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52046", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113725122092351678", "content": "", "creation_timestamp": "2024-12-27T13:54:09.575804Z"}, {"uuid": "adec9e4c-c47e-43af-9439-dfb83ec1adfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/jussimetso.com/post/3lecjr6lvb22u", "content": "", "creation_timestamp": "2024-12-27T17:38:24.123678Z"}, {"uuid": "343d55a0-2d59-4a80-9e57-aa78087a4713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lecn7umfoc22", "content": "", "creation_timestamp": "2024-12-27T18:40:25.420386Z"}, {"uuid": "e5826565-d918-4bf3-81df-92a062dd7c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lecneni4tc22", "content": "", "creation_timestamp": "2024-12-27T18:43:04.636402Z"}, {"uuid": "190697f4-048b-4ff0-aa35-da6d17c0b979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113728101289343008", "content": "", "creation_timestamp": "2024-12-28T02:31:51.815857Z"}, {"uuid": "fdd395a4-7afe-4dfe-9a25-e2b20bcdc2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3ledqjdfhra2w", "content": "", "creation_timestamp": "2024-12-28T05:12:02.972310Z"}, {"uuid": "4ac44c34-4dae-46a7-8fba-eea9ab8ffdcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52046", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/113729203115572944", "content": "", "creation_timestamp": "2024-12-28T07:12:01.596761Z"}, {"uuid": "94941b1a-3869-4f5c-ba28-0d597000d152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lee5xgeihz2j", "content": "", "creation_timestamp": "2024-12-28T09:12:34.197175Z"}, {"uuid": "1a2eaeab-398f-4aaa-b3f6-e66690e5030b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3leffrituks26", "content": "", "creation_timestamp": "2024-12-28T21:05:06.241825Z"}, {"uuid": "607abd2b-1225-41c8-b9be-350a4d79259f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3legtdv5u4s2r", "content": "", "creation_timestamp": "2024-12-29T10:40:44.110356Z"}, {"uuid": "836d2f9b-c913-4c4d-8496-9f7c37b25f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/lordman1982.bsky.social/post/3lemcrmoufu2q", "content": "", "creation_timestamp": "2024-12-31T15:00:07.849648Z"}, {"uuid": "6da93908-a4a5-4070-87c9-fa6221875d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lemh4xv2vd2m", "content": "", "creation_timestamp": "2024-12-31T16:18:02.513522Z"}, {"uuid": "c6bbc903-d3dd-457b-96d0-ab79830bab10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113877916793081869", "content": "", "creation_timestamp": "2025-01-23T13:31:51.878196Z"}, {"uuid": "a0bed81a-f4d7-40b9-b581-33d09fceda7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/kasperskyb2b/1574", "content": "\u2b50\ufe0f \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411\n\n\ud83d\ude11 \u0423\u0433\u0440\u043e\u0437\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0410\u0421\u0423 \u0432 3 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430: \u043e\u0431\u0437\u043e\u0440 \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430. \u0422\u043e\u043f \u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u043b\u0438 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \n\n\ud83d\uddff \u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Masque, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 2024 \u0433\u043e\u0434\u0443 \u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0439 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0432\u044b\u0433\u043e\u0434\u044b.  \u0417\u0430\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u0442\u0451\u043a\u0448\u0438\u0435 \u0431\u0438\u043b\u0434\u0435\u0440\u044b Lockbit \u0438 Babuk.\n\n\ud83d\ude80 \u0412 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430\u0445 Palo Alto, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 CVE-2024-9474, \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 Littlelamb.Wooltea. \u041e\u0447\u0435\u043d\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e \u043d\u0451\u043c \u0445\u043e\u0440\u043e\u0448\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u043a\u0430\u043a \u043e\u043f\u044b\u0442\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\ud83d\udfe3\u0421\u043f\u0438\u0441\u043e\u043a \u0438\u0437 2,5 \u0442\u044b\u0441\u044f\u0447 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 Astrill VPN, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0447\u0435\u043d\u044c \u043b\u044e\u0431\u044f\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 APT.\n\n\u2764\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0444\u0438\u0448\u0438\u043d\u0433-\u043a\u0438\u0442\u0430 WikiKit, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0433\u043e \u0441\u0432\u043e\u0451 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0443\u0435\u0442 \u043d\u0435\u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0412\u0438\u043a\u0438\u043f\u0435\u0434\u0438\u044e.\n\n\ud83d\ude35\u200d\ud83d\udcab \u041f\u044f\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Chrome, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043e\u0442 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Cyberhaven, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u043c\u0430\u0433\u0430\u0437\u0438\u043d Chrome. \u0415\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0434 \u043f\u043e\u0434\u0447\u0438\u043d\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 \u0432 \u0425\u0440\u043e\u043c \u0441\u0442\u0440\u043e\u0433\u0438\u043c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c.\n\n\ud83d\udfe2\u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u043d\u044c \u2014 \u043d\u043e\u0432\u043e\u0435 \u0412\u041f\u041e \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 open source. \u0422\u0435\u043f\u0435\u0440\u044c \u0447\u0435\u0440\u0435\u0437 PyPi \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0441\u0442\u0438\u043b\u0435\u0440\u044b Cometlogger \u0438 Zebo.\n\n\ud83d\udfe3\u0410 Lockbit \u0441\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c \u043e\u0442\u043f\u0440\u0430\u0437\u0434\u043d\u043e\u0432\u0430\u0442\u044c \u0433\u043e\u0434\u043e\u0432\u0449\u0438\u043d\u0443 \u0440\u0430\u0437\u0433\u043e\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u044b \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Lockbit 4.0.\n\n\ud83d\ude35 \u0426\u0435\u043b\u0430\u044f \u043f\u0430\u0447\u043a\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0418\u0422-\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043e\u043c\u0440\u0430\u0447\u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u0437\u043e\u043d. \u041e\u0442\u043c\u0435\u0442\u0438\u043c CVE-2024-52046 \u0432 Apache MINA (CVSS 10), CVE-2024-45387 \u0432 Apache Traffic Ops (CVSS 9.9) \u0438 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e CVE-2024-43441 \u0432 OpenGraph. \u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0434\u0432\u0430 \u0432\u044b\u0434\u043e\u0445\u043d\u0443\u043b, \u0437\u0430\u043b\u0430\u0442\u0430\u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50379 \u0432 Apache Tomcat, \u0442\u043e\u0436\u0435 \u0435\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u2014 \u0444\u0438\u043a\u0441 \u0431\u044b\u043b \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435 CVE-2024-56337 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0439\u0442\u0435 \u0441\u043d\u0430\u0447\u0430\u043b\u0430. \u0414\u0430, \u0438 CVE-2024-53677 \u0432 Struts \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435.\n\u0421\u043d\u043e\u0432\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c \u0438 Palo Alto \u0441 DoS \u0432 PAN-OS (CVE-2024-3393, CVSS 8.7).\n\n\ud83d\udc4b \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0447\u0442\u0438\u0432\u043e \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435: \u043a\u0430\u043a \u043b\u044e\u0431\u0438\u043c\u0430\u044f \u0441\u0442\u0430\u0440\u0442\u0430\u043f\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0441\u0430\u0434\u0430 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-12-28T08:57:19.000000Z"}, {"uuid": "e231bc3c-8b38-426f-b6f3-248f09c93626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113878821493039242", "content": "", "creation_timestamp": "2025-01-23T17:21:56.707374Z"}, {"uuid": "8d7e99e8-aac4-4c0d-97c9-49e320f5d73c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "6bddf1a3-64b3-4e5d-9f69-c04e1e9344df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4063", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52046\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-12-25T10:15:05.437\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8\n2. http://www.openwall.com/lists/oss-security/2024/12/25/1\n3. https://security.netapp.com/advisory/ntap-20250103-0001/", "creation_timestamp": "2025-02-12T11:08:48.000000Z"}, {"uuid": "c756f15c-7b91-436d-aecf-370848b4f877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/cibsecurity/81824", "content": "\ud83d\udd8b\ufe0f Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization \ud83d\udd8b\ufe0f\n\nThe Apache Software Foundation ASF has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE202452046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X. \"The ObjectSerializationDecoder in Apache MINA uses Java's.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-12-27T09:45:48.000000Z"}, {"uuid": "a775135e-3366-403d-ab34-f8d56a6efaf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/cvedetector/13622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52046 - Apache MINA Java Deserialization Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52046 \nPublished : Dec. 25, 2024, 10:15 a.m. | 36\u00a0minutes ago \nDescription : The ObjectSerializationDecoder in Apache MINA uses Java\u2019s native deserialization protocol to process  \nincoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows  \nattackers to exploit the deserialization process by sending specially crafted malicious serialized data,  \npotentially leading to remote code execution (RCE) attacks.  \n  \n  \n  \n       \n  \n  \n      \n  \n  \n     \n  \n  \n    \n  \n  \n   \nThis issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4.  \n  \n  \n  \n  \n  \nIt's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the ObjectSerializationCodecFactory class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library.  \n  \n  \n  \n  \nUpgrading will\u00a0 not be enough: you also need to explicitly allow the classes the decoder will accept in the ObjectSerializationDecoder instance, using one of the three new methods:  \n  \n  \n  \n  \n    /**  \n  \n\u00a0 \u00a0\u00a0 * Accept class names where the supplied ClassNameMatcher matches for  \n  \n     * deserialization, unless they are otherwise rejected.  \n  \n     *  \n  \n     * @param classNameMatcher the matcher to use  \n  \n     */  \n  \n    public void accept(ClassNameMatcher classNameMatcher)  \n  \n  \n  \n  \n    /**  \n  \n     * Accept class names that match the supplied pattern for  \n  \n     * deserialization, unless they are otherwise rejected.  \n  \n     *  \n  \n     * @param pattern standard Java regexp  \n  \n     */  \n  \n    public void accept(Pattern pattern)   \n  \n  \n  \n  \n  \n    /**  \n  \n     * Accept the wildcard specified classes for deserialization,  \n  \n     * unless they are otherwise rejected.  \n  \n     *  \n  \n     * @param patterns Wildcard file name patterns as defined by  \n  \n     *                  {@link org.apache.commons.io.FilenameUtils#wildcardMatch(String, String) FilenameUtils.wildcardMatch}  \n  \n     */  \n  \n    public void accept(String... patterns)  \n  \n  \n  \n  \n  \n  \n  \nBy default, the decoder will reject *all* classes that will be present in the incoming data.  \n  \n  \n  \n  \n  \n  \n  \nNote: The FtpServer, SSHd and Vysper sub-project are not affected by this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-25T12:08:32.000000Z"}, {"uuid": "196a6074-2e12-4b6c-b34d-f35b124e5dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "Telegram/tNWErpi-icg-KzcgkPQnrHMRJ9uvizk76h264VHHMYL9sETb", "content": "", "creation_timestamp": "2025-02-14T10:04:57.000000Z"}, {"uuid": "afbc2859-48e7-4ebe-842f-5d1230683f99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/6767", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization \u2013 thehackernews.com\n\nFri, 27 Dec 2024 14:46:00", "creation_timestamp": "2024-12-27T09:03:13.000000Z"}, {"uuid": "d425203e-5f9f-40bf-8001-1322f04cbe6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/nusantaraMYID/1901", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization \u2013 thehackernews.com\n\nFri, 27 Dec 2024 14:46:00", "creation_timestamp": "2024-12-27T09:03:10.000000Z"}, {"uuid": "04a68854-8ba5-4ab4-9f2c-e902eda4f057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/1059", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization \u2013 thehackernews.com\n\nFri, 27 Dec 2024 14:46:00", "creation_timestamp": "2024-12-27T09:03:13.000000Z"}, {"uuid": "ca3ce6f4-fd78-45be-8326-4fcc7d7e9bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/true_secator/6590", "content": "\u041d\u0430\u043c \u043d\u0430 \u041d\u043e\u0432\u044b\u0439 \u0413\u043e\u0434 \u043f\u043e\u0434\u0430\u0440\u0438\u043b\u0438 \u043a\u043d\u0438\u0433\u0443 \u0410.\u041d. \u0417\u0430\u0442\u0443\u043f\u043a\u043e \"\u041a\u0430\u043b\u0430\u043c\u0431\u0443\u0440\u044c \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0430\u043c\u0438!\", \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u044b \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0441\u043f\u0435\u0448\u0438\u043c \u043f\u043e\u0440\u0430\u0434\u043e\u0432\u0430\u0442\u044c \u0432\u0430\u0441 \u043d\u0430\u0448\u0438\u043c\u0438 \u043d\u043e\u0432\u044b\u043c\u0438 \u043d\u0430\u0440\u0430\u0431\u043e\u0442\u043a\u0430\u043c\u0438 \u0432 \u044d\u0442\u043e\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438!\n\n\u0415\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 MINA, \u0442\u043e \u043f\u043e\u0434 \u0432\u0430\u043c\u0438 \u0437\u0430\u043b\u043e\u0436\u0435\u043d\u0430 \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0435\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430\u044f \u043c\u0438\u043d\u0430!\n\nApache Software Foundation \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 MINA \u0438 HugeGraph-Server. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u041f\u041e, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 23 \u043f\u043e 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-52046 \u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 MINA 2.0 \u043f\u043e 2.0.26, 2.1 \u043f\u043e 2.1.9 \u0438 2.2 \u043f\u043e 2.2.3. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 10 \u0438\u0437 10 \u043e\u0442 Apache Software Foundation\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 ObjectSerializationDecoder \u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 Java, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\nApache \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430, \u0435\u0441\u043b\u0438 \u043c\u0435\u0442\u043e\u0434 IoBuffer#getObject() \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043a\u043b\u0430\u0441\u0441\u0430\u043c\u0438.\n\nApache \u0440\u0435\u0448\u0438\u043b\u0430 \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.0.27, 2.1.10 \u0438 2.2.4, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0431\u044b\u043b \u0443\u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u043e\u0432\u0430\u043d \u0437\u0430 \u0441\u0447\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0440\u043e\u0433\u0438\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0442\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043a\u043b\u0430\u0441\u0441\u043e\u0432, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u044f\u0432\u043d\u043e \u043d\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043e\u0434\u0438\u043d \u0438\u0437 \u0442\u0440\u0435\u0445 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Apache HugeGraph-Server \u0432\u0435\u0440\u0441\u0438\u0439 1.0\u20131.3, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-43441. \u041e\u043d\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043b\u043e\u0433\u0438\u043a\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0430\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.5.0, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u043e\u0439 \u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 HugeGraph-Server.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0435 \u043c\u0435\u0440\u044b, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0441 \u0443\u0447\u0435\u0442\u043e\u043c \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0438\u0442\u0430\u044e\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u043a\u043e\u0432, \u043a\u043e\u0433\u0434\u0430 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u0442\u0435\u043c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2024-12-27T12:40:02.000000Z"}, {"uuid": "a98ad775-2736-4dc6-90e7-cd6496106a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "Telegram/6co7dt_dUtqfQzohCDMPxSlY_95oVwA2GVcELl0qKvG1AME", "content": "", "creation_timestamp": "2024-12-27T09:03:10.000000Z"}, {"uuid": "e1c02fe8-0741-469a-be45-3fe42a062493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_ru/361", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization\n\nThe Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application\u2026\n\nhttps://osintcorp.net/apache-mina-cve-2024-52046-cvss-10-0-flaw-enables-rce-via-unsafe-serialization/", "creation_timestamp": "2024-12-27T08:59:41.000000Z"}, {"uuid": "31f1d9eb-b7a3-4a8d-8051-62afa809f26b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "published-proof-of-concept", "source": "Telegram/6W6EICXURW28KI-vj1cnJQWFZR69dcmIZlejssdoh8c_rw", "content": "", "creation_timestamp": "2024-12-27T09:11:53.000000Z"}, {"uuid": "16e72173-cbe1-4580-9fa9-bb6b0b241951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "published-proof-of-concept", "source": "Telegram/YVIGtVzPxhUQg1NIFYHdzl3hwygMjED47WVeSNRQ77_dy1c", "content": "", "creation_timestamp": "2024-12-27T08:54:55.000000Z"}, {"uuid": "9601543c-9844-4af3-ae51-5d0ffafe1674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/jj_8tl/167", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization\nhttps://thehackernews.com/2024/12/apache-mina-cve-2024-52046-cvss-100.html\n\nThe Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions.\nTracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X.\n\"The ObjectSerializationDecoder in Apache MINA uses Java's", "creation_timestamp": "2024-12-29T18:48:35.000000Z"}, {"uuid": "e629e7a8-44bd-4ab2-a658-36ff97c4e3bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/ctinow/228630", "content": "Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization\nhttps://ift.tt/lKhjeW7", "creation_timestamp": "2024-12-27T08:10:03.000000Z"}, {"uuid": "08a3afe3-27be-4b8a-b23c-68b02647c505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mknvm7v3uf2w", "content": "\ud83d\udccc CVE-2026-41409 - The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized w... https://www.cyberhub.blog/cves/CVE-2026-41409", "creation_timestamp": "2026-04-29T20:07:07.702122Z"}, {"uuid": "3460a74b-89ee-4abc-a92c-4786d77a5cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "Telegram/0_HRy55XY1gHFnZjznakOF7ZoOcpEYzc0dvtDC6c94sHEnY", "content": "", "creation_timestamp": "2026-05-04T15:00:07.000000Z"}, {"uuid": "ef14161d-faae-44ae-99e6-436493675196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkqxxdbwbc2e", "content": "\u300cApache MINA\u300d\u306b\u6df1\u523b\u306a\u8106\u5f31\u60272\u4ef6 - \u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\n\nJava\u5411\u3051\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30d5\u30ec\u30fc\u30e0\u30ef\u30fc\u30af\u300cApache MINA\u300d\u306b\u6df1\u523b\u306a\u8106\u5f31\u60272\u4ef6\u304c\u660e\u3089\u304b\u306b\u306a\u3063\u305f\u3002\n\nApache Software Foundation\u306f\u73fe\u5730\u6642\u95932026\u5e744\u670827\u65e5\u3001\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u3092\u30c7\u30b7\u30ea\u30a2\u30e9\u30a4\u30ba\u3059\u308b\u8106\u5f31\u6027\u300cCVE-2026-41409\u300d\u300cCVE-2026-41635\u300d\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092\u516c\u958b\u3057\u305f\u3002\u60aa\u7528\u3055\u308c\u308b\u3068\u30ea\u30e2\u30fc\u30c8\u3088\u308a\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3055\u308c\u308b\u304a\u305d\u308c\u304c\u3042\u308b\u3002\n\n\u300cCVE-2026-41409\u300d\u306f\u30012024\u5e74\u306b\u516c\u8868\u3055\u308c\u305f\u300cCVE-2024-52046\u300d\u306e\u4fee\u6b63\u304c\u4e0d\u5b8c\u5168\u3060\u3063\u305f\u3053\u3068\u306b\u8d77\u56e0\u3002\u8a31\u53ef\u30ea\u30b9...", "creation_timestamp": "2026-05-01T01:27:08.104746Z"}, {"uuid": "241bf0d8-e2e6-4dfd-abbf-aaaac25708f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/thehackernews/6090", "content": "\ud83d\udea8 A critical CVE-2024-52046 vulnerability in Apache MINA, scoring a perfect CVSS 10.0, could enable remote code execution. \n \nThe flaw lies in Java\u2019s deserialization protocol, leaving systems wide open to attack if improperly secured. \n \nRead now: https://thehackernews.com/2024/12/apache-mina-cve-2024-52046-cvss-100.html", "creation_timestamp": "2024-12-27T07:48:41.000000Z"}, {"uuid": "5f544bd0-cd8a-4c86-8baf-0a55fc2c3ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52046", "type": "seen", "source": "https://t.me/true_secator/8179", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f:\n\n1. \u0412 Android \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2026-0073, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u041e\u0421 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\u00a0\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 adbd (Android Debug Bridge daemon), \u0444\u043e\u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u0432\u044f\u0437\u044c\u044e \u043c\u0435\u0436\u0434\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043e\u0442\u043b\u0430\u0434\u043a\u0443 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n\u041f\u043e\u043a\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-0073 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0442, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n2. Apache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 HTTP Server \u0438 MINA, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u0412 Apache HTTP Server 2.4.67 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0434\u043b\u044f 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 10 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-23918, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2. \u0418\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044f \u043f\u0440\u0435\u0436\u0434\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0441\u0431\u0440\u043e\u0441, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2026-28780, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043a\u043e\u0434.\n\n\u0422\u0440\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, CVE-2026-29168, CVE-2026-29169 \u0438 CVE-2026-33007, \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS, \u0430 \u0435\u0449\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 (CVE-2026-24072, CVE-2026-33857, CVE-2026-34032 \u0438 CVE-2026-34059) - \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 CRLF (CVE-2026-33523), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c HTTP-\u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438, \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0431\u043e\u0447\u043d\u044b\u0445 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (CVE-2026-33006), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Digest.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Apache\u00a0\u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 MINA 2.2.7 \u0438 MINA 2.1.12, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - CVE-2026-42778 \u0438 CVE-2026-42779. \n\n\u041f\u0435\u0440\u0432\u0430\u044f - \u044d\u0442\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41409, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f CVE-2024-52046, \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f - \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41635, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0441\u043f\u0438\u0441\u043a\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n3. VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2026-29014\u00a0(CVSS: 9,8) \u0432 CMS \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c MetInfo.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MetInfo CMS 7.9, 8.0 \u0438 8.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c PHP-\u043a\u043e\u0434\u043e\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0443\u044e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f RCE \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.", "creation_timestamp": "2026-05-06T18:50:06.000000Z"}]}