Feed aggregator

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Cisco Security Advisories - Wed, 03/11/2026 - 11:00pm

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system or gain full administrative control of an affected device.

For more information about these vulnerabilities, see the Details section of this advisory.

Cisco has released software updates that address these vulnerabilities. A workaround is available for one of the vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W

This advisory is part of the March 2026 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.

<br/>Security Impact Rating: High <br/>CVE: CVE-2026-20040,CVE-2026-20046
Categories: Cisco

Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

Cisco Security Advisories - Wed, 03/11/2026 - 11:00pm

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly.

This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending crafted IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process to restart unexpectedly, resulting in a temporary loss of connectivity to advertised networks and a denial of service (DoS) condition.

Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency.  

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-dos-kDMxpSzK

This advisory is part of the March 2026 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.

<br/>Security Impact Rating: High <br/>CVE: CVE-2026-20074
Categories: Cisco

Laminae – Multi-Agent Cognitive Pipeline

Hacker News - Wed, 03/11/2026 - 10:37pm

Article URL: https://github.com/Orellius/Laminae

Comments URL: https://news.ycombinator.com/item?id=47345689

Points: 1

# Comments: 0

Categories: Hacker News

Show HN: A public RSS feed aggregator for the indie web

Hacker News - Wed, 03/11/2026 - 10:28pm

Article URL: https://powrss.com/

Comments URL: https://news.ycombinator.com/item?id=47345606

Points: 2

# Comments: 0

Categories: Hacker News

OpenUI: Open Standard for Generative UI

Hacker News - Wed, 03/11/2026 - 10:28pm

Article URL: https://www.openui.com/

Comments URL: https://news.ycombinator.com/item?id=47345604

Points: 1

# Comments: 0

Categories: Hacker News

Proposal: Global Solar-Offset Fractional Time (G-Soft) Model

Hacker News - Wed, 03/11/2026 - 10:22pm

OBJECTIVE: To replace the disruptive biannual one-hour clock shifts with a system of four scheduled 15-minute fractional adjustments. The proposed G-SOFT protocol aligns human activity with the natural seasonal drift of the sun in both the Northern and Southern Hemispheres while maintaining global synchronization and returning to whole-hour UTC offsets for the majority of the year.

RATIONALE: - Biological Integrity: A single 60-minute jump causes significant circadian disruption. G-SOFT’s 15-minute increments are virtually imperceptible to human biology, mimicking the body's natural ability to adapt to minor daily light changes. - Operational Stability: Gradual changes eliminate the "Monday after" productivity slump and the documented spike in heart attacks and workplace accidents associated with traditional one-hour DST transitions. - Hemispheric Optimization: G-SOFT allows the Northern and Southern Hemispheres to move in opposite directions simultaneously. This ensures both regions follow the sun—gaining evening light in summer and morning light in winter—without breaking international coordination. - Global Standardization: By performing these shifts over four designated weekends, the system ensures that for ten months of the year, all nations maintain clean, whole-hour offsets from UTC. Nations near the equator may choose to remain on a Static UTC Offset, as their daylight variation is minimal.

IMPLEMENTATION: Transitions occur over the four Sundays of March and September at 2:00 AM local time.

MARCH TRANSITION (Sample 2026) Date | G-SOFT Phase | NY (UTC-5) | Sydney (UTC+11) | Diff ------- | ------------ | ---------- | --------------- | ---- Feb 22 | Base State | UTC-5:00 | UTC+11:00 | 16h Mar 1 | Step 1 | UTC-4:45 | UTC+10:45 | 15.5h Mar 8 | Step 2 | UTC-4:30 | UTC+10:30 | 15h Mar 15 | Step 3 | UTC-4:15 | UTC+10:15 | 14.5h Mar 22 | Peak State | UTC-4:00 | UTC+10:00 | 14h

SEPTEMBER TRANSITION (Sample 2026) Date | G-SOFT Phase | NY (UTC-4) | Sydney (Peak UTC+10) | Diff ------- | ------------ | ---------- | -------------------- | ---- Aug 30 | Peak State | UTC-4:00 | UTC+10:00 | 14h Sep 6 | Step 1 | UTC-4:15 | UTC+10:15 | 14.5h Sep 13 | Step 2 | UTC-4:30 | UTC+10:30 | 15h Sep 20 | Step 3 | UTC-4:45 | UTC+10:45 | 15.5h Sep 27 | Base State | UTC-5:00 | UTC+11:00 | 16h

TECHNICAL FEASIBILITY: Modern Network Time Protocol (NTP) and operating systems already support fractional offsets (e.g., India at UTC+5:30). G-SOFT leverages this infrastructure to automate transitions, making the change invisible to the end-user while providing a "soft landing" for aviation, logistics, and high-precision digital systems.

CONCLUSION: The G-SOFT Protocol resolves a century-old logistical problem with a health-conscious, technically precise solution. By "gliding" the clock instead of "snapping" it, we achieve better solar alignment and a safer global environment.

Comments URL: https://news.ycombinator.com/item?id=47345563

Points: 1

# Comments: 0

Categories: Hacker News

Physical Laser Art

Hacker News - Wed, 03/11/2026 - 10:18pm
Categories: Hacker News

Pages