English
全部
搜索
图片
视频
地图
资讯
Copilot
更多
购物
航班
旅游
笔记本
Top stories
Sports
U.S.
Local
World
Science
Technology
Entertainment
Business
More
Politics
时间不限
过去 1 小时
过去 24 小时
过去 7 天
过去 30 天
最新
最佳匹配
腾讯网
4 个月
高危Markdown转PDF漏洞可通过Markdown前置元数据实现JS注入攻击(CVSS 10.0)
2025年11月24日,广受欢迎的npm包md-to-pdf(每周下载量超47,000次的命令行工具)曝出高危漏洞(CVE-2025-65108)。该漏洞获得CVSS满分10分评级,攻击者可通过恶意前置元数据解析执行任意JavaScript代码。任何使用该包处理不可信Markdown内容的应用程序、构建系统或云服务 ...
一些您可能无法访问的结果已被隐去。
显示无法访问的结果
今日热点
Had a stroke while filming
'Star Wars' actor dies
Suspends Israel defense deal
Discloses $100M+ in assets
Florida doctor indicted
Resigns from The Athletic
To close over 600 stores
Apologizes for outburst
Omaha Walmart shooting
'Baby Jessica' arrested
Sues Connecticut, New Haven
US wholesale prices surged
Sign defense deal
Amazon to acquire Globalstar
Officially resign from House
NAACP sues Musk's xAI
Ex-UCLA doctor pleads guilty
Retrial begins over death
Inter Miami coach resigns
IMF cuts growth outlook
Another US boat strike kills 4
USSF sporting director quits
Moore gets probation
LA schools avoid strike
Maine lawmakers pass ban
Extends deal with Broadcom
Sinlaku pounds US islands
Disney cutting 1,000 jobs
Hosts Israel-Lebanon talks
WH favors Erica Schwartz
Camp Mystic official testifies
反馈
