FediSecfeeds

CVE	CVSS	EPSS	Posts	Repos	Nuclei	Updated	Description
CVE-2026-9011	7.5	0.03%	1	0		2026-05-22T09:16:33.327000	The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is
CVE-2026-8679	7.5	0.13%	2	0		2026-05-22T09:16:32.887000	The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Re
CVE-2026-45250	7.8	0.01%	3	1		2026-05-22T08:16:14.847000	The setcred(2) system call is only available to privileged users. However, befo
CVE-2026-9018	8.8	0.03%	1	1		2026-05-22T05:16:28.067000	The Easy Elements for Elementor – Addons & Website Templates plugin for WordPres
CVE-2026-4834	7.5	0.06%	1	0		2026-05-22T04:16:26.647000	The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'sear
CVE-2026-9264	0	0.02%	1	0		2026-05-22T02:16:35.073000	A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components
CVE-2026-34911	7.7	0.01%	1	0		2026-05-22T02:16:34.667000	A malicious actor with access to the network and low privileges could exploit a
CVE-2026-34910	10.0	0.10%	2	0		2026-05-22T02:16:34.527000	A malicious actor with access to the network could exploit an Improper Input Val
CVE-2026-34909	10.0	0.02%	2	0		2026-05-22T02:16:34.390000	A malicious actor with access to the network could exploit a Path Traversal vuln
CVE-2026-34908	10.0	0.02%	2	0		2026-05-22T02:16:34.240000	A malicious actor with access to the network could exploit an Improper Access Co
CVE-2026-33000	9.1	0.06%	2	0		2026-05-22T02:16:33.933000	A malicious actor with access to the network and high privileges could exploit a
CVE-2026-6960	9.8	0.15%	2	1		2026-05-21T22:16:48.643000	The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file upload
CVE-2026-46473	7.5	0.01%	2	0		2026-05-21T22:16:48.157000	Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secret
CVE-2026-47102	8.8	0.05%	1	0		2026-05-21T21:16:32.557000	LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /us
CVE-2026-47101	8.8	0.05%	1	0		2026-05-21T21:16:32.413000	LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API key
CVE-2026-47114	8.8	0.16%	1	0		2026-05-21T21:03:56.320000	IINA before 1.4.3 contains a user-assisted command execution vulnerability that
CVE-2026-34926	6.7	0.25%	7	1		2026-05-21T20:16:14.027000	A directory traversal vulnerability in the Apex One (on-premise) server could al
CVE-2025-34291	8.8	33.55%	4	2	template	2026-05-21T20:16:13.520000	Langflow versions up to and including 1.6.9 contain a chained vulnerability that
CVE-2026-24217	8.8	0.08%	2	0		2026-05-21T20:08:20.257000	NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause
CVE-2026-4858	8.0	0.04%	1	0		2026-05-21T19:43:31.373000	Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.
CVE-2026-41035	7.4	0.03%	1	0		2026-05-21T19:23:51.373000	In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value
CVE-2026-48207	9.8	0.04%	2	0		2026-05-21T19:16:53.700000	Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializ
CVE-2026-42945	8.1	1.00%	1	30		2026-05-21T19:16:53.100000	NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_mo
CVE-2026-28764	7.8	0.01%	1	0		2026-05-21T19:16:52.123000	MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerabil
CVE-2026-39531	9.3	0.03%	1	0		2026-05-21T19:10:36.607000	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-9089	8.8	0.00%	1	0		2026-05-21T19:10:21.527000	The ConnectWise Automate™ Agent does not fully verify the authenticity of compon
CVE-2026-48241	8.1	0.05%	2	0		2026-05-21T19:10:12.323000	Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in
CVE-2026-48235	8.2	0.03%	1	0		2026-05-21T19:10:12.323000	Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/r
CVE-2026-48242	8.1	0.04%	1	0		2026-05-21T19:10:12.323000	Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection cre
CVE-2026-45251	7.8	0.01%	1	0		2026-05-21T19:01:22.710000	A file descriptor can be closed while a thread is blocked in a poll(2) or select
CVE-2026-45253	8.4	0.01%	1	0		2026-05-21T19:01:01.833000	ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) a
CVE-2026-45255	7.5	0.01%	1	0		2026-05-21T19:00:34.217000	When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, the
CVE-2026-8632	7.8	0.01%	2	0		2026-05-21T18:58:59.447000	A potential security vulnerability has been identified in the HP Linux Imaging a
CVE-2026-8631	9.8	0.02%	2	0		2026-05-21T18:58:41.297000	A potential security vulnerability has been identified in the HP Linux Imaging a
CVE-2026-48172	0	0.02%	5	2		2026-05-21T18:16:17.340000	LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possi
CVE-2026-44925	8.8	0.00%	2	0		2026-05-21T16:57:27.350000	Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations
CVE-2026-43494	0	0.03%	2	2		2026-05-21T16:16:23.157000	In the Linux kernel, the following vulnerability has been resolved: net/rds: re
CVE-2026-47373	7.5	0.03%	2	0		2026-05-21T16:04:53.813000	Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attack
CVE-2026-47372	9.1	0.01%	1	0		2026-05-21T16:04:53.813000	Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values
CVE-2026-23734	0	0.04%	1	0		2026-05-21T16:04:53.813000	XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.
CVE-2026-33137	0	0.04%	1	0		2026-05-21T16:04:53.813000	XWiki Platform is a generic wiki platform offering runtime services for applicat
CVE-2026-0393	0	0.05%	1	0		2026-05-21T16:04:33.830000	The affected product may expose credentials remotely between low privileged visu
CVE-2026-42001	7.5	0.02%	1	0		2026-05-21T15:27:51.530000	Insufficient Validation of Autoprimary SOA Queries
CVE-2026-5433	9.1	0.26%	1	0		2026-05-21T15:26:35.653000	Honeywell Control Network Module (CNM) contains command injection vulnerability
CVE-2026-2740	8.4	1.25%	1	0		2026-05-21T15:26:35.653000	Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus
CVE-2025-13479	7.5	0.03%	1	0		2026-05-21T15:24:41.890000	Authorization bypass through User-Controlled key vulnerability in PosCube Hardwa
CVE-2026-9082	6.5	12.57%	25	7	template	2026-05-21T15:24:25.330000	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-9157	8.4	0.02%	1	0		2026-05-21T15:24:25.330000	Improper input validation, Unrestricted upload of file with dangerous type vulne
CVE-2026-44052	7.5	0.03%	1	0		2026-05-21T15:20:19.040000	Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output
CVE-2026-44051	8.1	0.02%	1	0		2026-05-21T15:20:19.040000	An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows
CVE-2026-44050	9.9	0.14%	1	0		2026-05-21T15:20:19.040000	A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk
CVE-2026-44049	7.5	0.07%	1	0		2026-05-21T15:20:19.040000	An out-of-bounds write due to improper null termination in convert_charset() in
CVE-2026-44048	8.8	0.14%	1	0		2026-05-21T15:20:19.040000	A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in N
CVE-2026-44047	8.8	0.03%	1	0		2026-05-21T15:20:19.040000	An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 throu
CVE-2026-44062	7.5	0.19%	1	0		2026-05-21T15:20:19.040000	A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 t
CVE-2026-44060	7.5	0.08%	1	0		2026-05-21T15:20:19.040000	An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a
CVE-2026-44055	7.5	0.23%	1	0		2026-05-21T15:20:19.040000	A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 al
CVE-2026-44068	7.6	0.15%	1	0		2026-05-21T15:20:19.040000	Incomplete sanitization of extended attribute (EA) path components in Netatalk 2
CVE-2026-5118	9.8	0.03%	3	4		2026-05-21T15:19:30.540000	The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation
CVE-2025-71217	7.8	0.01%	1	0		2026-05-21T15:16:22.223000	An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
CVE-2025-71216	7.8	0.01%	1	0		2026-05-21T15:16:22.037000	A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agen
CVE-2025-71214	7.8	0.01%	1	0		2026-05-21T15:16:21.100000	An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
CVE-2025-71213	7.8	0.01%	1	0		2026-05-21T15:05:28.023000	An origin validation error vulnerability in Trend Micro Apex One could allow a l
CVE-2025-71212	7.8	0.03%	1	0		2026-05-21T15:05:28.023000	A link following vulnerability in the Trend Micro Apex One scan engine could all
CVE-2025-71211	9.8	0.43%	1	0		2026-05-21T15:05:28.023000	A vulnerability in the Trend Micro Apex One management console could allow a rem
CVE-2025-71210	9.8	0.42%	2	0		2026-05-21T15:05:28.023000	A vulnerability in the Trend Micro Apex One management console could allow a rem
CVE-2026-34930	7.8	0.01%	1	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34927	7.8	0.01%	4	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34929	7.8	0.01%	1	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34928	7.8	0.01%	1	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45206	7.8	0.01%	2	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45207	7.8	0.01%	2	0		2026-05-21T15:05:28.023000	An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45208	7.8	0.01%	1	0		2026-05-21T15:05:28.023000	A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow
CVE-2026-46333	7.1	0.01%	10	4		2026-05-21T14:16:48.910000	In the Linux kernel, the following vulnerability has been resolved: ptrace: sli
CVE-2026-42960	10.0	0.02%	2	0		2026-05-20T22:51:43.680000	NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning
CVE-2026-42959	7.5	0.04%	2	0		2026-05-20T22:51:00.717000	NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vu
CVE-2026-42944	7.5	0.04%	2	0		2026-05-20T22:50:49.877000	NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability
CVE-2026-41292	7.5	0.06%	2	0		2026-05-20T22:49:46.850000	NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degrada
CVE-2026-33278	9.8	0.24%	2	0		2026-05-20T22:49:23.313000	NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability
CVE-2026-24218	8.1	0.02%	2	0		2026-05-20T21:31:30	NVIDIA DGX OS contains a vulnerability in the factory provisioning process, wher
CVE-2026-44926	8.8	0.01%	2	0		2026-05-20T20:16:40.517000	InfoScale CmdServer before 7.4.2 mishandles access control.
CVE-2026-41091	7.8	5.22%	4	2		2026-05-20T19:06:36.850000	Improper link resolution before file access ('link following') in Microsoft Defe
CVE-2026-45498	4.0	3.72%	2	1		2026-05-20T19:05:46.837000	Microsoft Defender Denial of Service Vulnerability
CVE-2026-24207	9.8	0.10%	1	0		2026-05-20T17:30:43.320000	NVIDIA Triton Inference Server contains a vulnerability where an attacker could
CVE-2026-20223	10.0	0.06%	3	1		2026-05-20T17:30:40.450000	A vulnerability in the access validation of internal REST APIs of Cisco Sec
CVE-2026-45585	6.8	0.11%	3	3		2026-05-20T16:42:42.177000	Microsoft is aware of a security feature bypass vulnerability in Windows publicl
CVE-2026-6068	6.5	0.05%	1	0		2026-05-20T14:17:02.973000	NASM contains a heap use after free vulnerability in response file (-@) processi
CVE-2026-2031	0	0.43%	1	0		2026-05-18T19:32:38.777000	An Improper Access Control vulnerability in several internal API endpoints for G
CVE-2026-6473	8.8	0.07%	1	0		2026-05-18T14:59:59.747000	Integer wraparound in multiple PostgreSQL server features allows an unprivileged
CVE-2026-20182	10.0	77.32%	1	2	template	2026-05-15T12:45:53.990000	May 2026: This security advisory provides the details and fix information for a
CVE-2026-40369	7.8	0.02%	2	3		2026-05-14T17:52:50.143000	Untrusted pointer dereference in Windows Kernel allows an authorized attacker to
CVE-2026-0265	0	0.03%	1	2		2026-05-13T18:17:47.830000	An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software en
CVE-2026-28910	3.3	0.01%	2	0		2026-05-13T14:02:20.380000	This issue was addressed with improved permissions checking. This issue is fixed
CVE-2026-1502	0	0.02%	2	0		2026-05-10T21:16:28.247000	CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
CVE-2026-34474	7.5	0.05%	3	1		2026-05-07T15:15:06.770000	Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A
CVE-2026-41940	9.8	84.37%	1	68	template	2026-05-04T18:09:42.300000	cPanel and WHM versions after 11.40 contain an authentication bypass vulnerabili
CVE-2026-5140	8.8	0.06%	2	0		2026-05-04T14:16:35.190000	Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TU
CVE-2026-4115	3.7	0.01%	2	0		2026-04-30T18:33:16.693000	A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verif
CVE-2026-3102	6.3	0.07%	2	2		2026-04-29T01:00:01.613000	A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affe
CVE-2013-0422	9.8	93.61%	1	0		2026-04-21T19:02:35.430000	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attacker
CVE-2025-58355	7.7	0.10%	2	0		2026-04-15T00:35:42.020000	Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1
CVE-2025-23256	8.7	0.02%	2	0		2026-04-15T00:35:42.020000	NVIDIA BlueField contains a vulnerability in the management interface, where an
CVE-2024-12802	9.1	0.07%	2	0		2026-04-15T00:35:42.020000	SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the s
CVE-2026-24479	9.8	56.51%	1	0		2026-03-02T21:32:57.010000	HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC
CVE-2026-26980	9.4	63.49%	3	3	template	2026-02-20T19:22:53.637000	Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 all
CVE-2025-32711	9.3	8.76%	1	2		2026-02-20T17:25:10.630000	Ai command injection in M365 Copilot allows an unauthorized attacker to disclose
CVE-2019-15107	9.8	94.46%	2	44	template	2025-11-06T16:50:47.130000	An issue was discovered in Webmin <=1.920. The parameter old in password_change.
CVE-2018-0802	7.8	93.89%	2	7		2025-10-28T14:14:01.610000	Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Offic
CVE-2024-9643	9.8	19.09%	1	0	template	2025-09-19T19:33:43.980000	The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authenticatio
CVE-2023-7102	9.8	82.49%	1	0		2024-11-21T08:45:16.750000	Use of a Third Party library produced a vulnerability in Barracuda Networks Inc.
CVE-2023-30626	8.8	0.76%	2	0		2024-11-21T08:00:32.410000	Jellyfin is a free-software media system. Versions starting with 10.8.0 and prio
CVE-2021-35036	6.5	0.15%	2	1		2024-11-21T06:11:43.343000	A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmw
CVE-2021-25740	3.1	0.51%	1	0		2024-11-21T05:55:19.590000	A security issue was discovered with Kubernetes that could enable users to send
CVE-2018-5999	9.8	90.79%	2	0		2024-11-21T04:09:51.257000	An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_reque
CVE-2026-48829	0	0.00%	2	0			N/A
CVE-2026-9346	0	0.00%	2	0			N/A
CVE-2026-9294	0	0.01%	2	0			N/A
CVE-2026-9295	0	0.01%	2	0			N/A
CVE-2026-40412	0	0.29%	2	0			N/A
CVE-2026-23652	0	0.07%	2	0			N/A
CVE-2025-70116	0	0.00%	2	0			N/A
CVE-2026-40411	0	0.09%	2	0			N/A
CVE-2026-41104	0	0.27%	6	0			N/A
CVE-2026-47280	0	0.07%	2	0			N/A
CVE-2026-41090	0	0.05%	4	0			N/A
CVE-2026-9256	0	0.15%	9	1			N/A
CVE-2026-33843	0	0.05%	4	0			N/A
CVE-2026-46300	0	0.05%	3	8			N/A
CVE-2026-42901	0	0.03%	4	0			N/A
CVE-2026-25262	0	0.00%	2	0			N/A
CVE-2026-46529	0	0.00%	3	1			N/A
CVE-2026-8992	0	0.12%	2	0			N/A
CVE-2026-25606	0	0.03%	1	0			N/A
CVE-2026-47243	0	0.00%	1	0			N/A
CVE-2026-0001	0	0.00%	1	2			N/A

CVE-2026-9011
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-22T09:16:33.327000

1 posts

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to retrieve the full item content of non-public Dittys — including drafts, pending, sched

thehackerwire@mastodon.social at 2026-05-22T09:59:51.000Z ##

🟠 CVE-2026-9011 - High (7.5)

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perfor...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9011/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8679
(7.5 HIGH)

EPSS: 0.13%

updated 2026-05-22T09:16:32.887000

2 posts

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playlist ID via the audioigniter_playlist_id query var or the /audioigniter/playlist/{id}/ rewrite rule and returning playlist track data without performing a

thehackerwire@mastodon.social at 2026-05-22T10:00:01.000Z ##

🟠 CVE-2026-8679 - High (7.5)

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8679/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-22T09:00:41.000Z ##

🔈 CVE-2026-8679 (HIGH): AudioIgniter Music Player plugin ≤2.0.2 lets unauthenticated attackers access any playlist's metadata — including private & draft tracks — via insecure playlist ID handling. Restrict access & monitor for patches. https://radar.offseq.com/threat/cve-2026-8679-cwe-639-authorization-bypass-through-07a73ddb #OffSeq #WordPress #Vuln

##

CVE-2026-45250
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-22T08:16:14.847000

3 posts

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary g

1 repos

https://github.com/venglin/setcred

thehackerwire@mastodon.social at 2026-05-22T05:00:30.000Z ##

🟠 CVE-2026-45250 - High (7.8)

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validatin...

updated 2026-05-22T02:16:35.073000

1 posts

A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to execute arbitrary system commands and read local files without user interaction by exploiting an embedd

offseq@infosec.exchange at 2026-05-22T03:00:23.000Z ##

⚠️ CRITICAL: CVE-2026-9264 in Trimble SketchUp 2026 allows RCE & file exfiltration via malicious SKP files (Dynamic Components, IE11 browser). No patch yet. Avoid untrusted SKP files. More: https://radar.offseq.com/threat/cve-2026-9264-cwe-94-improper-control-of-generatio-9d9e29a0 #OffSeq #SketchUp #Vuln #InfoSec

##

CVE-2026-34911
(7.7 HIGH)

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulne

1 repos

https://github.com/xxconi/CVE-2026-6960

thehackerwire@mastodon.social at 2026-05-21T23:00:05.000Z ##

🔴 CVE-2026-6960 - Critical (9.8)

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it poss...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6960/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-21T22:30:12.000Z ##

🔴 CRITICAL: CVE-2026-6960 in BookingPress Appointment Booking Pro (≤5.6) allows unauthenticated file uploads — risk of RCE! Remove signature fields & monitor uploads. No patch yet — stay vigilant. https://radar.offseq.com/threat/cve-2026-6960-cwe-434-unrestricted-upload-of-file--eb314579 #OffSeq #WordPress #Vulnerability #CyberAlert

##

CVE-2026-46473
(7.5 HIGH)

EPSS: 0.01%

updated 2026-05-21T22:16:48.157000

2 posts

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

offseq@infosec.exchange at 2026-05-22T00:00:37.000Z ##

updated 2026-05-21T20:16:14.027000

7 posts

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained adminis

1 repos

https://github.com/HORKimhab/CVE-2026-34926

netsecio@mastodon.social at 2026-05-22T19:11:09.000Z ##

📰 CISA KEV Catalog Updated: Actively Exploited Langflow and Trend Micro Flaws Demand Urgent Patching

📢 CISA KEV UPDATE: Two new vulnerabilities affecting Langflow (CVE-2025-34291) & Trend Micro Apex One (CVE-2026-34926) are being actively exploited. Federal agencies mandated to patch. All orgs urged to patch NOW! #CyberSecurity #Vulnerability #Patc...

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/cisa-adds-langflow-and-trend-micro-bugs-to-kev-catal…

##

AAKL at 2026-05-22T14:58:11.669Z ##

CVE-2026-34926.

Security Week: TrendAI Patches Apex One Zero-Day Exploited in the Wild https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/ @SecurityWeek #infosec #vulnerability

##

AAKL@infosec.exchange at 2026-05-22T14:58:11.000Z ##

CVE-2026-34926.

Security Week: TrendAI Patches Apex One Zero-Day Exploited in the Wild https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/ @SecurityWeek #infosec #vulnerability

##

beyondmachines1@infosec.exchange at 2026-05-22T09:01:07.000Z ##

Trend Micro Patches Actively Exploited Directory Traversal in Apex One

Trend Micro patched eight vulnerabilities in Apex One and Vision One, including a directory traversal flaw (CVE-2026-34926) that is exploited in the wild to inject malicious code into security agents.

**If you're using Trend Micro Apex One (on-premise) or Vision One, you are under attack. Immediately update to the patched versions (SP1 CP Build 18012 / SP1 Build 17079 for on-premise, or agent build 14.0.20731+ for cloud) since one of its flaws is actively exploited to push malware through your own security tools. Even if the exploited flaw requires authentication, obviously that is not difficult to obtain for hackers.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/trend-micro-patches-actively-exploited-directory-traversal-in-apex-one-r-u-9-l-z/gD2P6Ple2L

##

secdb@infosec.exchange at 2026-05-21T22:00:19.000Z ##

🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0521)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-34291 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-34291)
- Name: Langflow Origin Validation Error Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/langflow-ai/langflow ; https://github.com/langflow-ai/langflow/releases/tag/v1.9.3; https://github.com/langflow-ai/langflow/issues/11465#event-25774545848 ; https://nvd.nist.gov/vuln/detail/CVE-2025-34291

⚠️ CVE-2026-34926 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34926)
- Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Trend Micro
- Product: Apex One
- Notes: https://success.trendmicro.com/en-US/solution/KA-0023430 ; https://nvd.nist.gov/vuln/detail/CVE-2026-34926

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

##

cisakevtracker@mastodon.social at 2026-05-21T20:01:09.000Z ##

CVE ID: CVE-2026-34926
Vendor: Trend Micro
Product: Apex One
Date Added: 2026-05-21
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-34926

##

cR0w@infosec.exchange at 2026-05-21T18:58:09.000Z ##

EITW ../ in Trend Micro Apex One. :brdAlert:

https://success.trendmicro.com/en-US/solution/KA-0023430

CVE-2026-34926

TrendAI has released updates to Apex One (on-premise), Apex One as a Service and Vision One - Standard Endpoint Protection (SEP) to resolve multiple vulnerabilities.

##

CVE-2025-34291
(8.8 HIGH)

EPSS: 33.55%

updated 2026-05-21T20:16:13.520000

4 posts

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the ref

Nuclei template

2 repos

https://github.com/amnnrth/CVE-2025-34291_cors_security_scanner

https://github.com/ridhinva/CVE-2025-34291-Langflow-Scanner

netsecio@mastodon.social at 2026-05-22T19:11:09.000Z ##

📰 CISA KEV Catalog Updated: Actively Exploited Langflow and Trend Micro Flaws Demand Urgent Patching

📢 CISA KEV UPDATE: Two new vulnerabilities affecting Langflow (CVE-2025-34291) & Trend Micro Apex One (CVE-2026-34926) are being actively exploited. Federal agencies mandated to patch. All orgs urged to patch NOW! #CyberSecurity #Vulnerability #Patc...

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/cisa-adds-langflow-and-trend-micro-bugs-to-kev-catal…

##

Matchbook3469@mastodon.social at 2026-05-22T17:52:32.000Z ##

🔵 THREAT INTELLIGENCE

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

Vulnerability | CRITICAL
CVEs: CVE-2025-34291

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to...

Full analysis:
https://www.yazoul.net/news/article/cisa-adds-exploited-langflow-and-trend-micro-apex-one-vulnerabilities-to-kev

#ThreatIntel #SecurityNews #CyberNews

##

secdb@infosec.exchange at 2026-05-21T22:00:19.000Z ##

🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0521)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-34291 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-34291)
- Name: Langflow Origin Validation Error Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/langflow-ai/langflow ; https://github.com/langflow-ai/langflow/releases/tag/v1.9.3; https://github.com/langflow-ai/langflow/issues/11465#event-25774545848 ; https://nvd.nist.gov/vuln/detail/CVE-2025-34291

⚠️ CVE-2026-34926 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34926)
- Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Trend Micro
- Product: Apex One
- Notes: https://success.trendmicro.com/en-US/solution/KA-0023430 ; https://nvd.nist.gov/vuln/detail/CVE-2026-34926

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

##

cisakevtracker@mastodon.social at 2026-05-21T20:00:52.000Z ##

CVE ID: CVE-2025-34291
Vendor: Langflow
Product: Langflow
Date Added: 2026-05-21
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-34291

##

CVE-2026-24217
(8.8 HIGH)

EPSS: 0.08%

updated 2026-05-21T20:08:20.257000

2 posts

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-05-23T02:00:03.000Z ##

🟠 CVE-2026-24217 - High (8.8)

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24217/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T02:00:03.000Z ##

🟠 CVE-2026-24217 - High (8.8)

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24217/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4858
(8.0 HIGH)

EPSS: 0.04%

updated 2026-05-21T19:43:31.373000

1 posts

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640

thehackerwire@mastodon.social at 2026-05-21T12:00:29.000Z ##

🟠 CVE-2026-4858 - High (8)

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Matt...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4858/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41035
(7.4 HIGH)

EPSS: 0.03%

updated 2026-05-21T19:23:51.373000

1 posts

In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.

linux@activitypub.awakari.com at 2026-05-23T08:39:39.000Z ## CVE-2026-41035 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xa...

#CVE

Origin | Interest | Match ##

CVE-2026-48207
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-21T19:16:53.700000

2 posts

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled and relies on DeserializationPolicy to restrict unsafe classes,

offseq@infosec.exchange at 2026-05-21T21:00:11.000Z ##

🚨 CRITICAL: CVE-2026-48207 in Apache Fory <1.0.0 — Deserialization flaw in PyFory ReduceSerializer bypasses DeserializationPolicy, risking RCE if strict mode is off. Upgrade to 1.0.0+ ASAP! https://radar.offseq.com/threat/cve-2026-48207-cwe-502-deserialization-of-untruste-97a80f2c #OffSeq #CVE202648207 #Vulnerability #ApacheFory

##

thehackerwire@mastodon.social at 2026-05-21T20:00:29.000Z ##

🔴 CVE-2026-48207 - Critical (9.8)

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deseri...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48207/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42945
(8.1 HIGH)

EPSS: 1.00%

updated 2026-05-21T19:16:53.100000

1 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond it

30 repos

https://github.com/soksofos/wazuh-nginx-cve-2026-42945-sca-lab

https://github.com/DepthFirstDisclosures/Nginx-Rift

https://github.com/byezero/nginx-cve-2026-42945-check

https://github.com/RedCrazyGhost/CVE-2026-42945

https://github.com/MateusVerass/nGixshell

https://github.com/realityone/cve-2026-42945-scan

https://github.com/F2u0a0d3/CVE-2026-42945-nginx-rift-poc

https://github.com/BarAppTeam/nginx-cve-fix

https://github.com/rheodev/CVE-2026-42945

https://github.com/imSre9/CVE-2026-42945

https://github.com/dinosn/cve-2026-42945-nginx32-lab

https://github.com/sibersan/web-server-audit_CVE-2026-42945

https://github.com/hnytgl/cve-2026-42945

https://github.com/tal7aouy/nginx-cve-2026-42945

https://github.com/forxiucn/nginx-cve-2026-42945-poc

https://github.com/gagaltotal/CVE-2026-42945-NGINX-Rift-Toolkit

https://github.com/chenqin231/CVE-2026-42945

https://github.com/jelasin/CVE-2026-42945

https://github.com/friparia/NGINX_RIFT_SCAN_CVE_2026_42945

https://github.com/p3Nt3st3r-sTAr/CVE-2026-42945-POC

https://github.com/cipherspy/CVE-2026-42945-POC

https://github.com/nanwinata/nginxrift-CVE-2026-42945

https://github.com/Renison-Gohel/CVE-2026-42945-NGINX-Rift

https://github.com/0xBlackash/CVE-2026-42945

https://github.com/fkj-src/fix_nginx_cve_2026_42945

https://github.com/ChamsBouzaiene/ai-vuln-rediscovery-nginx-cve-2026-42945

https://github.com/oseasfr/Scanner_CVE_2026-42945

https://github.com/yusufdalbudak/CVE-2026-42945

https://github.com/iammerrida-source/nginx-rift-detect

EPSS: 0.00%

updated 2026-05-21T19:10:21.527000

1 posts

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

thehackerwire@mastodon.social at 2026-05-21T17:00:20.000Z ##

🟠 CVE-2026-9089 - High (8.8)

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9089/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48241
(8.1 HIGH)

EPSS: 0.05%

updated 2026-05-21T19:10:12.323000

2 posts

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthenticated attacker with read access to the file on a deployed installation) can read the username, password, and database name and use them to connect to the database

offseq@infosec.exchange at 2026-05-21T19:30:18.000Z ##

🚨 CRITICAL: Open ISES Tickets <3.44.2 has hardcoded MySQL creds in loader.php (CVE-2026-48241), exposing DBs to attack if reachable. Restrict file & DB access, rotate creds now. No official fix yet. https://radar.offseq.com/threat/cve-2026-48241-use-of-hard-coded-credentials-in-op-e794805b #OffSeq #Vulnerability #MySQL #AppSec

##

thehackerwire@mastodon.social at 2026-05-21T18:59:49.000Z ##

🟠 CVE-2026-48241 - High (8.1)

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthenticated atta...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48241/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48235
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-21T19:10:12.323000

1 posts

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses (InstaMapper and Google Latitude integration) are concatenated into UPDATE and INSERT statements without sanitization. An attacker able to compromise or impersonate the re

thehackerwire@mastodon.social at 2026-05-21T19:00:04.000Z ##

🟠 CVE-2026-48235 - High (8.2)

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses (InstaMapper and G...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48235/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48242
(8.1 HIGH)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

thehackerwire@mastodon.social at 2026-05-22T22:00:12.000Z ##

🟠 CVE-2026-8632 - High (7.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8632/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-22T22:00:12.000Z ##

🟠 CVE-2026-8632 - High (7.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8632/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8631
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-05-21T18:58:41.297000

2 posts

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.

thehackerwire@mastodon.social at 2026-05-22T22:00:02.000Z ##

🔴 CVE-2026-8631 - Critical (9.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8631/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-22T22:00:02.000Z ##

🔴 CVE-2026-8631 - Critical (9.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8631/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48172
(0 None)

EPSS: 0.02%

updated 2026-05-21T18:16:17.340000

5 posts

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you

2 repos

https://github.com/HORKimhab/CVE-2026-48172

https://github.com/retmakarunia/CVE-2026-48172

undercodenews@mastodon.social at 2026-05-23T11:37:03.000Z ##

LiteSpeed cPanel Zero-Day Under Active Exploitation Lets Attackers Gain Root Access on Shared Hosting Servers + Video

Introduction A dangerous new cybersecurity crisis is unfolding across the web hosting ecosystem after researchers uncovered a critical privilege-escalation vulnerability affecting the LiteSpeed User-End cPanel plugin. The flaw, identified as CVE-2026-48172, carries the highest possible severity rating with a CVSS score of 10.0 and is already being…

https://undercodenews.com/litespeed-cpanel-zero-day-under-active-exploitation-lets-attackers-gain-root-access-on-shared-hosting-servers-video/?utm_source=mastodon&utm_medium=jetpack_social

##

hackerworkspace at 2026-05-23T09:34:41.611Z ##

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html

Read on HackerWorkspace: https://hackerworkspace.com/article/litespeed-cpanel-plugin-cve-2026-48172-exploited-to-run-scripts-as-root

#cybersecurity #vulnerability #exploit

##

undercodenews@mastodon.social at 2026-05-23T08:32:36.000Z ##

Critical LiteSpeed cPanel Plugin Vulnerability Actively Exploited as Attackers Gain Root Access + Video

A newly disclosed security flaw in the LiteSpeed User-End cPanel Plugin has triggered major concern across the hosting and cybersecurity industries after researchers confirmed that the vulnerability is already being exploited in real-world attacks. The issue, identified as CVE-2026-48172, carries a maximum CVSS severity score of 10.0, placing it among the most…

https://undercodenews.com/critical-litespeed-cpanel-plugin-vulnerability-actively-exploited-as-attackers-gain-root-access-video/?utm_source=mastodon&utm_medium=jetpack_social

##

Analyst207@mastodon.social at 2026-05-23T08:16:24.000Z ##

LiteSpeed Plugin Flaw Exploited to Run Scripts as Root

A critical flaw in the LiteSpeed plugin, CVE-2026-48172, is being actively exploited to give cPanel users unlimited power, allowing them to run scripts as root. This severe vulnerability, rated 10.0 on the CVSS scale, puts your online security at risk and demands immediate attention.

https://osintsights.com/litespeed-plugin-flaw-exploited-to-run-scripts-as-root?utm_source=mastodon&utm_medium=social

#Cve202648172 #Litespeed #PluginVulnerability #Cpanel #EmergingThreats

##

hackerworkspace@infosec.exchange at 2026-05-23T09:34:41.000Z ##

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html

Read on HackerWorkspace: https://hackerworkspace.com/article/litespeed-cpanel-plugin-cve-2026-48172-exploited-to-run-scripts-as-root

#cybersecurity #vulnerability #exploit

##

CVE-2026-44925
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-21T16:57:27.350000

2 posts

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge.

thehackerwire@mastodon.social at 2026-05-23T02:00:26.000Z ##

🟠 CVE-2026-44925 - High (8.8)

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web app...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44925/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T02:00:26.000Z ##

🟠 CVE-2026-44925 - High (8.8)

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web app...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44925/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43494
(0 None)

EPSS: 0.03%

updated 2026-05-21T16:16:23.157000

2 posts

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset op_nents when zerocopy page pin fails When iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), the pinned pages are released with put_page(), and rm->data.op_mmp_znotifier is cleared. But we fail to properly clear rm->data.op_nents. Later when rds_message_purge() is called from rds_sendmsg() the cleanu

2 repos

https://github.com/0xBlackash/CVE-2026-43494

https://github.com/Koshmare-Blossom/PinTheft-go

linux@activitypub.awakari.com at 2026-05-20T14:27:32.000Z ## Daniel Baumann: Debian: Linux Vulnerability Mitigation (PinTheft) Following the series of various Linux exploits of the last three weeks, the bug of today is PinTheft [ CVE-2026-43494 ] which is lo...

Origin | Interest | Match ##

CVE-2026-47373
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-21T16:04:53.813000

2 posts

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

thehackerwire@mastodon.social at 2026-05-22T22:00:24.000Z ##

🟠 CVE-2026-47373 - High (7.5)

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks.

These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47373/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-22T22:00:24.000Z ##

🟠 CVE-2026-47373 - High (7.5)

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks.

These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47373/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47372
(9.1 CRITICAL)

EPSS: 0.01%

updated 2026-05-21T16:04:53.813000

1 posts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

thehackerwire@mastodon.social at 2026-05-22T09:00:15.000Z ##

🔴 CVE-2026-47372 - Critical (9.1)

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts.

These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47372/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23734
(0 None)

EPSS: 0.04%

updated 2026-05-21T16:04:53.813000

1 posts

XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17 allow access to read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=/../../WEB-INF/xwiki.cfg&minify=false, leading to Path Traversal. The vulnerability is can be exploited via resources parameter the ssx and jsx endpoints by using leading slashes. T

offseq@infosec.exchange at 2026-05-21T10:30:28.000Z ##

⚠️ CRITICAL: CVE-2026-23734 in XWiki Platform (xwiki-commons) allows unauthenticated path traversal — attackers can read config files via crafted 'resource' parameters. Patch to 18.1.0-rc-1, 17.10.3, 17.4.9, or 16.10.17+ now! https://radar.offseq.com/threat/cve-2026-23734-cwe-23-relative-path-traversal-in-x-16518aab #OffSeq #xwiki #vuln

##

CVE-2026-33137
(0 None)

Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-05-22T01:00:07.000Z ##

🟠 CVE-2025-13479 - High (7.5)

Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.

This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted earl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13479/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9082
(6.5 MEDIUM)

EPSS: 12.57%

updated 2026-05-21T15:24:25.330000

25 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Nuclei template

7 repos

https://github.com/N45HT/drupal-cve-2026-9082-checker

https://github.com/ywh-jfellus/CVE-2026-9082

https://github.com/0xBlackash/CVE-2026-9082

https://github.com/7h30th3r0n3/CVE-2026-9082-Drupal-PoC

https://github.com/lysophavin18/cve-2026-9082

https://github.com/ridhinva/CVE-2026-9082

https://github.com/HORKimhab/CVE-2026-9082

ChrisShort@hachyderm.io at 2026-05-23T20:25:33.000Z ##

CVE-2026-9082: Critical Drupal Core SQL Injection Vulnerability | Tenable® #devopsish https://www.tenable.com/blog/cve-2026-9082-highly-critical-sql-injection-vulnerability-in-drupal-core-sa-core-2026-004

##

netsecio@mastodon.social at 2026-05-23T18:28:25.000Z ##

📰 Critical Unauthenticated SQLi Flaw in Drupal Core Hits PostgreSQL Sites

🚨 CRITICAL vulnerability in Drupal Core (CVE-2026-9082)! Unauthenticated SQL injection affects sites using PostgreSQL, allowing for potential RCE. Patch immediately! #Drupal #CyberSecurity #SQLi #Vulnerability

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/critical-sql-injection-vulnerability-cve-2026-9082-in-drupal-core-for-postgresql/?utm_source=mastodon&utm_medium=social&utm_campaign=daily

##

undercodenews@mastodon.social at 2026-05-23T16:46:44.000Z ##

Drupal’s New SQL Injection Nightmare Sparks Global Attack Wave Within 48 Hours + Video

A Dangerous Drupal Flaw Has Turned Into a Worldwide Security Emergency Drupal administrators around the world are scrambling after the discovery of CVE-2026-9082, a highly critical SQL injection vulnerability that rapidly evolved from a technical advisory into an active global attack campaign. The flaw specifically impacts Drupal websites using PostgreSQL databases, and despite…

https://undercodenews.com/drupals-new-sql-injection-nightmare-sparks-global-attack-wave-within-48-hours-video/?utm_source=mastodon&utm_medium=jetpack_social

##

ghard@mastodon.social at 2026-05-23T11:16:08.000Z ##

@apz LOL very timely, just on that note, say hello to CVE-2026-9082
Not that I would trust Drupal or any other modern or ancient CMS any longer than I could throw it.

##

Matchbook3469@mastodon.social at 2026-05-23T11:12:36.000Z ##

🔵 THREAT INTELLIGENCE

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

Vulnerability | CRITICAL
CVEs: CVE-2026-9082

Drupal is warning that hackers are attempting to exploit a 'highly critical' SQL injection vulnerability announced earlier this week. [...]

Full analysis:
https://www.yazoul.net/news/article/drupal-core-sql-injection-bug-actively-exploited-added-to-cisa-kev

#InfoSec #ZeroDay #SecurityOps

##

undercodenews@mastodon.social at 2026-05-23T09:52:45.000Z ##

CISA Warns of Mass Exploitation as Critical Drupal SQL Injection Flaw Hits 65 Countries + Video

A newly disclosed vulnerability in Drupal Core has triggered global concern after the U.S. Cybersecurity and Infrastructure Security Agency, better known as Cybersecurity and Infrastructure Security Agency, officially added CVE-2026-9082 to its Known Exploited Vulnerabilities catalog. Security researchers and threat intelligence analysts are now warning that the flaw is…

https://undercodenews.com/cisa-warns-of-mass-exploitation-as-critical-drupal-sql-injection-flaw-hits-65-countries-video/?utm_source=mastodon&utm_medium=jetpack_social

##

Analyst207@mastodon.social at 2026-05-23T08:17:22.000Z ##

Drupal Core SQL Injection Flaw Actively Exploited

Drupal has confirmed that exploit attempts for a critical SQL injection flaw, CVE-2026-9082, are being actively detected in the wild, posing a significant risk of privilege escalation and remote code execution. This vulnerability affects all supported Drupal Core versions and can lead to full site compromise if not addressed promptly.

https://osintsights.com/drupal-core-sql-injection-flaw-actively-exploited?utm_source=mastodon&utm_medium=social

#DrupalCore #SqlInjection #Cve20269082 #WebApplicationSecurity #ExploitationInTheWild

##

undercodenews@mastodon.social at 2026-05-23T08:11:44.000Z ##

CISA Warns of Active Exploitation as Critical Drupal SQL Injection Flaw Hits Thousands of Sites + Video

A New Drupal Emergency Is Unfolding Across the Internet A newly disclosed vulnerability in Drupal Core is already being actively exploited just days after security patches became available, triggering urgent warnings from the U.S. Cybersecurity and Infrastructure Security Agency. The flaw, identified as CVE-2026-9082, has now been officially added to CISA’s Known…

https://undercodenews.com/cisa-warns-of-active-exploitation-as-critical-drupal-sql-injection-flaw-hits-thousands-of-sites-video/?utm_source=mastodon&utm_medium=jetpack_social

##

beyondmachines1 at 2026-05-23T08:01:07.815Z ##

Drupal Critical SQL Injection Flaw Actively Exploited

Drupal is urging immediate updates to patch CVE-2026-9082, an SQL injection vulnerability in the database abstraction API that is exploited in the wild. The flaw allows unauthenticated attackers to perform remote code execution and data theft on sites using PostgreSQL.

**If you run Drupal, update to the latest version immediately because hackers are already using this flaw to take over websites. Even if you do not use PostgreSQL, the update fixes other hidden security holes in the software's building blocks like Symfony and Twig.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/drupal-critical-sql-injection-flaw-actively-exploited-y-u-f-p-q/gD2P6Ple2L

##

Matchbook3469@mastodon.social at 2026-05-22T23:43:28.000Z ##

🟡 New security advisory:

CVE-2026-9082 affects multiple systems.

• Impact: Security weakness that could be exploited
• Risk: Potential for targeted attacks
• Mitigation: Schedule patching in your next maintenance window

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-9082-drupal-core-sqli-actively-exploited-poc

#Cybersecurity #PatchNow #InfoSecCommunity

##

bugxhunter at 2026-05-22T22:00:45.363Z ##

🔍 Drupal Core SQL Injection Vulnerability Added to KEV Catalog

📝 Drupal Core CVE-2026-9082 exploited, poses significant risk to federal networks.

https://www.cisa.gov/news-events/alerts/2026/05/22/cisa-adds-one-known-exploited-vulnerability-catalog

📰 Alerts

#CVE #ZeroDay

##

secdb at 2026-05-22T20:00:14.543Z ##

🚨 [CISA-2026:0522] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0522)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-9082 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-9082)
- Name: Drupal Core SQL Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Drupal
- Product: Core
- Notes: https://www.drupal.org/sa-core-2026-004 ; https://nvd.nist.gov/vuln/detail/CVE-2026-9082

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260522 #cisa20260522 #cve_2026_9082 #cve20269082

##

cisakevtracker@mastodon.social at 2026-05-22T19:00:55.000Z ##

CVE ID: CVE-2026-9082
Vendor: Drupal
Product: Core
Date Added: 2026-05-22
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-9082

##

ChrisShort@hachyderm.io at 2026-05-23T20:25:33.000Z ##

CVE-2026-9082: Critical Drupal Core SQL Injection Vulnerability | Tenable® #devopsish https://www.tenable.com/blog/cve-2026-9082-highly-critical-sql-injection-vulnerability-in-drupal-core-sa-core-2026-004

##

ghard@mastodon.social at 2026-05-23T11:16:08.000Z ##

@apz LOL very timely, just on that note, say hello to CVE-2026-9082
Not that I would trust Drupal or any other modern or ancient CMS any longer than I could throw it.

##

beyondmachines1@infosec.exchange at 2026-05-23T08:01:07.000Z ##

Drupal Critical SQL Injection Flaw Actively Exploited

Drupal is urging immediate updates to patch CVE-2026-9082, an SQL injection vulnerability in the database abstraction API that is exploited in the wild. The flaw allows unauthenticated attackers to perform remote code execution and data theft on sites using PostgreSQL.

**If you run Drupal, update to the latest version immediately because hackers are already using this flaw to take over websites. Even if you do not use PostgreSQL, the update fixes other hidden security holes in the software's building blocks like Symfony and Twig.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/drupal-critical-sql-injection-flaw-actively-exploited-y-u-f-p-q/gD2P6Ple2L

##

bugxhunter@infosec.exchange at 2026-05-22T22:00:45.000Z ##

🔍 Drupal Core SQL Injection Vulnerability Added to KEV Catalog

📝 Drupal Core CVE-2026-9082 exploited, poses significant risk to federal networks.

https://www.cisa.gov/news-events/alerts/2026/05/22/cisa-adds-one-known-exploited-vulnerability-catalog

📰 Alerts

#CVE #ZeroDay

##

secdb@infosec.exchange at 2026-05-22T20:00:14.000Z ##

🚨 [CISA-2026:0522] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0522)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-9082 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-9082)
- Name: Drupal Core SQL Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Drupal
- Product: Core
- Notes: https://www.drupal.org/sa-core-2026-004 ; https://nvd.nist.gov/vuln/detail/CVE-2026-9082

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260522 #cisa20260522 #cve_2026_9082 #cve20269082

##

cisakevtracker@mastodon.social at 2026-05-22T19:00:55.000Z ##

CVE ID: CVE-2026-9082
Vendor: Drupal
Product: Core
Date Added: 2026-05-22
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-9082

##

_r_netsec@infosec.exchange at 2026-05-22T14:28:05.000Z ##

Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082) https://slcyber.io/research-center/keys-to-the-kingdom-anonymous-sql-injection-in-drupal-core-cve-2026-9082/

##

Analyst207@mastodon.social at 2026-05-22T13:16:29.000Z ##

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

https://osintsights.com/drupal-sites-targeted-in-sql-injection-attacks?utm_source=mastodon&utm_medium=social

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

##

bearstech@mamot.fr at 2026-05-22T12:57:49.000Z ##

Faille Drupal critique : injection SQL via PostgreSQL (CVE-2026-9082)

👉 https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0629/

##

tomshw@mastodon.social at 2026-05-21T14:10:10.000Z ##

🛡️ Drupal corregge una falla SQL: aggiornare subito è la miglior difesa, perché gli exploit potrebbero arrivare a breve. #Drupal #CyberSecurity

🔗 https://www.tomshw.it/hardware/drupal-cve-2026-9082-sql-injection-postgresql

##

offseq@infosec.exchange at 2026-05-21T11:30:26.000Z ##

🚨 Drupal sites using PostgreSQL face a highly critical SQL injection vuln (CVE-2026-9082), risking RCE & data exposure. Patch versions 11.3, 11.2, 10.6, 10.5.x ASAP. Update Symfony & Twig too. No active exploitation yet. https://radar.offseq.com/threat/drupal-patches-highly-critical-vulnerability-expos-a1486e66 #OffSeq #Drupal #SQLInjection #Infosec

##

benzogaga33@mamot.fr at 2026-05-21T09:40:02.000Z ##

Drupal – CVE-2026-9082 : cette faille critique de type injection SQL menace les sites Web https://www.it-connect.fr/drupal-cve-2026-9082-cette-faille-critique-de-type-injection-sql-menace-les-sites-web/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Web

##

CVE-2026-9157
(8.4 HIGH)

EPSS: 0.02%

updated 2026-05-21T15:24:25.330000

updated 2026-05-21T15:19:30.540000

3 posts

The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-controlled 'role' parameter from POST data during user registration without validating it against the form's configured default_user_role setting. This makes it possible for unauthenticated attackers to create administrator accounts by

4 repos

https://github.com/puj790201-lab/CVE-2026-5118

https://github.com/zycoder0day/CVE-2026-5118

https://github.com/Jenderal92/CVE-2026-5118

https://github.com/Yucaerin/CVE-2026-5118

thehackerwire@mastodon.social at 2026-05-22T02:00:24.000Z ##

🔴 CVE-2026-5118 - Critical (9.8)

updated 2026-05-21T15:05:28.023000

1 posts

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a res

thehackerwire@mastodon.social at 2026-05-22T01:00:29.000Z ##

🔴 CVE-2025-71211 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71211/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71210
(9.8 CRITICAL)

EPSS: 0.42%

updated 2026-05-21T15:05:28.023000

2 posts

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mi

thehackerwire@mastodon.social at 2026-05-22T01:00:29.000Z ##

🔴 CVE-2025-71211 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71211/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-22T01:00:18.000Z ##

🔴 CVE-2025-71210 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.

Please note: although this vulnerability carries a technical critical CVSS rat...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71210/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34930
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T23:00:15.000Z ##

🟠 CVE-2026-34930 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism.

Please note: an ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34930/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34927
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

4 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T23:00:15.000Z ##

🟠 CVE-2026-34930 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism.

Please note: an ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34930/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T22:01:57.000Z ##

🟠 CVE-2026-34929 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism.

Please ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34929/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T22:01:47.000Z ##

🟠 CVE-2026-34928 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism.

Please not...

updated 2026-05-21T15:05:28.023000

2 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:48.000Z ##

🟠 CVE-2026-45206 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism.

Pl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45206/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T17:00:30.000Z ##

🟠 CVE-2026-45207 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism.

Pl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45207/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45207
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

2 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:48.000Z ##

🟠 CVE-2026-45206 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism.

Pl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45206/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T17:00:30.000Z ##

🟠 CVE-2026-45207 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism.

Pl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45207/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45208
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:39.000Z ##

🟠 CVE-2026-45208 - High (7.8)

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45208/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46333
(7.1 HIGH)

EPSS: 0.01%

updated 2026-05-21T14:16:48.910000

10 posts

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointe

4 repos

https://github.com/studiogangster/CVE-2026-46333

https://github.com/0xBlackash/CVE-2026-46333

https://github.com/Aurillium/public-passwd

https://github.com/KaraZajac/CHARON

beyondexcess@deds.social at 2026-05-23T16:28:41.000Z ##

@ruario No, because Ubuntu doesn't have updates yet... https://ubuntu.com/security/CVE-2026-46333

##

ruario@vivaldi.net at 2026-05-23T16:02:58.000Z ##

Linux fans, please tell me you have updated your machine for "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path", right… right!?

##

ruario@vivaldi.net at 2026-05-23T16:02:58.000Z ##

Linux fans, please tell me you have updated your machine for "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path", right… right!?

##

linux@activitypub.awakari.com at 2026-05-23T14:18:42.000Z ## В Linux беше открита поредната сериозна уязвимост – тя съществува от цели 10 години В Linux беше открита поредна ...

#IT #Новини #CVE-2026-46333 #Linux #киберсигурност #операционна #система #уязвимост

Origin | Interest | Match ##

linux@activitypub.awakari.com at 2026-05-20T15:40:19.000Z ## CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...

#Vulnerabilities #and #Threat #Research #security #vulnerabilities

Origin | Interest | Match ##

rusty__shackleford@mastodon.social at 2026-05-22T12:57:53.000Z ##

I have no words.

---
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html?m=1

> CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score of 5.5.

##

linux@activitypub.awakari.com at 2026-05-20T15:40:19.000Z ## CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...

#Vulnerabilities #and #Threat #Research #security #vulnerabilities

Origin | Interest | Match ##

raptor@infosec.exchange at 2026-05-21T17:44:07.000Z ##

#Qualys #Security #Advisory

Logic bug in the #Linux kernel's __ptrace_may_access() function
(CVE-2026-46333)

https://cdn2.qualys.com/advisory/2026/05/20/cve-2026-46333-ptrace.txt

##

linux@activitypub.awakari.com at 2026-05-21T09:57:16.000Z ## Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalat...

#Cyber #Security #News #Linux #Vulnerability #News #cyber #security #cyber #security #news

Origin | Interest | Match ##

CVE-2026-42960
(10.0 CRITICAL)

EPSS: 0.02%

updated 2026-05-20T22:51:43.680000

2 posts

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such records in a reply (i.e., spoofed packet, fragmentation attack) he would be able to poison Unbound's cach

thehackerwire@mastodon.social at 2026-05-23T04:00:02.000Z ##

🔴 CVE-2026-42960 - Critical (10)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42960/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T04:00:02.000Z ##

🔴 CVE-2026-42960 - Critical (10)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42960/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42959
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-20T22:51:00.717000

2 posts

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets for ADDITIONAL section rrsets. DNAME duplication could increase the ANSWER section count and authority fi

thehackerwire@mastodon.social at 2026-05-23T10:00:09.000Z ##

🟠 CVE-2026-42959 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code us...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42959/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T10:00:09.000Z ##

🟠 CVE-2026-42959 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code us...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42959/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42944
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-20T22:50:49.877000

2 posts

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answer-cookie', 'pad-responses' (default)) need to be enabled for the vulnerability to be exploited. An adversary who can query Unbound can exploit the vulner

thehackerwire@mastodon.social at 2026-05-23T09:59:59.000Z ##

🟠 CVE-2026-42944 - High (7.5)

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42944/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T09:59:59.000Z ##

🟠 CVE-2026-42944 - High (7.5)

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42944/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41292
(7.5 HIGH)

EPSS: 0.06%

updated 2026-05-20T22:49:46.850000

2 posts

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data structures for the options. Coordinated attacks can result in degradation and/or denial of service. Un

thehackerwire@mastodon.social at 2026-05-23T04:00:13.000Z ##

🟠 CVE-2026-41292 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41292/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T04:00:13.000Z ##

🟠 CVE-2026-41292 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41292/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33278
(9.8 CRITICAL)

EPSS: 0.24%

updated 2026-05-20T22:49:23.313000

2 posts

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the vulnerability by controlling a malicious signed zone and querying a vulnerable Unbound. When DS sub-quer

thehackerwire@mastodon.social at 2026-05-23T10:00:19.000Z ##

🔴 CVE-2026-33278 - Critical (9.8)

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33278/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T10:00:19.000Z ##

🔴 CVE-2026-33278 - Critical (9.8)

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33278/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24218
(8.1 HIGH)

EPSS: 0.02%

updated 2026-05-20T21:31:30

2 posts

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, d

thehackerwire@mastodon.social at 2026-05-23T02:00:14.000Z ##

🟠 CVE-2026-24218 - High (8.1)

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T02:00:14.000Z ##

🟠 CVE-2026-24218 - High (8.1)

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44926
(8.8 HIGH)

EPSS: 0.01%

updated 2026-05-20T20:16:40.517000

2 posts

InfoScale CmdServer before 7.4.2 mishandles access control.

thehackerwire@mastodon.social at 2026-05-23T03:59:53.000Z ##

🟠 CVE-2026-44926 - High (8.8)

InfoScale CmdServer before 7.4.2 mishandles access control.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44926/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-23T03:59:53.000Z ##

🟠 CVE-2026-44926 - High (8.8)

InfoScale CmdServer before 7.4.2 mishandles access control.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44926/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41091
(7.8 HIGH)

EPSS: 5.22%

updated 2026-05-20T19:06:36.850000

4 posts

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/ridhinva/defender-vulnerability-scanner

https://github.com/0xBlackash/CVE-2026-41091

tierrasapiens@mastodon.social at 2026-05-23T00:18:12.000Z ##

🖲️ #Noticia de #CiberSeguridad #CiberGuerra #CiberAtaque #CiberNoticia
⚫ Actualizaciones para Microsoft Defender y Trend Micro
🔗 http://blog.segu-info.com.ar/2026/05/actualizaciones-para-dos-zero-day-en.html

El miércoles, Microsoft comenzó a implementar parches de seguridad para dos
vulnerabilidades de Defender que han sido explotadas en ataques Zero-Day.

La primera, identificada como
CVE-2026-41091, es una vulnerabilidad de escalamiento de privilegios que afecta a Microsoft

##

netsecio@mastodon.social at 2026-05-22T19:11:38.000Z ##

📰 Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges

⚠️ ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/microsoft-defender-vulnerabilities-actively-exploited-for-privilege-escalati…

##

oversecurity@mastodon.social at 2026-05-22T09:20:40.000Z ##

Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems

Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and...

🔗️ [Thecyberexpress] https://link.is.it/oRM68F

##

beyondmachines1@infosec.exchange at 2026-05-21T17:01:08.000Z ##

Microsoft Patches Actively Exploited Defender Vulnerabilities

Microsoft and CISA confirmed active exploitation of vulnerabilities in Microsoft Defender, including a privilege escalation flaw (CVE-2026-41091) and a denial-of-service bug (CVE-2026-45498).

**Check that your Microsoft Defender engine version is 1.1.26040.8 or higher to ensure you are protected against these active exploits. While updates are usually automatic, manual verification is necessary for critical systems to confirm the patches were applied.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/microsoft-patches-actively-exploited-defender-vulnerabilities-0-b-g-y-f/gD2P6Ple2L

##

CVE-2026-45498
(4.0 MEDIUM)

EPSS: 3.72%

updated 2026-05-20T19:05:46.837000

2 posts

Microsoft Defender Denial of Service Vulnerability

1 repos

https://github.com/ridhinva/defender-vulnerability-scanner

netsecio@mastodon.social at 2026-05-22T19:11:38.000Z ##

📰 Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges

⚠️ ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/microsoft-defender-vulnerabilities-actively-exploited-for-privilege-escalati…

##

beyondmachines1@infosec.exchange at 2026-05-21T17:01:08.000Z ##

Microsoft Patches Actively Exploited Defender Vulnerabilities

Microsoft and CISA confirmed active exploitation of vulnerabilities in Microsoft Defender, including a privilege escalation flaw (CVE-2026-41091) and a denial-of-service bug (CVE-2026-45498).

**Check that your Microsoft Defender engine version is 1.1.26040.8 or higher to ensure you are protected against these active exploits. While updates are usually automatic, manual verification is necessary for critical systems to confirm the patches were applied.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/microsoft-patches-actively-exploited-defender-vulnerabilities-0-b-g-y-f/gD2P6Ple2L

##

CVE-2026-24207
(9.8 CRITICAL)

YellowKey, tracked as CVE-2026-45585, is a public BitLocker bypass that abuses WinRE/recovery-path behavior to expose a protected volume without the Windows password, recovery key, or AES cracking.

At the time of this post, the author’s GitHub and original YellowKey repo appear to be down.

#BitLocker #YellowKey #CVE202645585 #CyberSecurity #InfoSec #WindowsSecurity #TPM #FullDiskEncryption #hack #exploit #news #hashpwn

##

cyclone@infosec.exchange at 2026-05-23T16:41:26.000Z ##

YellowKey: BitLocker Bypass or Backdoor

YellowKey, tracked as CVE-2026-45585, is a public BitLocker bypass that abuses WinRE/recovery-path behavior to expose a protected volume without the Windows password, recovery key, or AES cracking.

At the time of this post, the author’s GitHub and original YellowKey repo appear to be down.

#BitLocker #YellowKey #CVE202645585 #CyberSecurity #InfoSec #WindowsSecurity #TPM #FullDiskEncryption #hack #exploit #news #hashpwn

##

beyondmachines1@infosec.exchange at 2026-05-21T13:01:07.000Z ##

Microsoft Issues Emergency Mitigation for YellowKey BitLocker Bypass

Microsoft released emergency mitigations for a BitLocker bypass vulnerability (CVE-2026-45585) that allows attackers with physical access to access encrypted data via the Windows Recovery Environment.

**To protect against the YellowKey physical bypass attack switch your BitLocker configuration from TPM-only to TPM+PIN configuration. Relying on hardware-only secrets is no longer sufficient when the boot process itself can be manipulated. IT teams should also manually modify their WinRE images to remove the autofstx.exe entry from the registry until Microsoft releases an official, permanent patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-issues-emergency-mitigation-for-yellowkey-bitlocker-bypass-8-8-6-n-a/gD2P6Ple2L

##

CVE-2026-6068
(6.5 MEDIUM)

EPSS: 0.05%

updated 2026-05-20T14:17:02.973000

updated 2026-05-15T12:45:53.990000

1 posts

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks.  A vulnerability in the peering authenti

Nuclei template

2 repos

https://github.com/fangbarristerbar/CVE-2026-20182-POC

https://github.com/portbuster1337/CVE-2026-20182

CapTechGroup@mastodon.social at 2026-05-23T12:53:33.000Z ##

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

https://captechgroup.com/about-us/threat-intelligence-center/metasploit-exploits-five-critical-vulnerabilities-05b155?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=metasploit-exploits-five-critical-vulnerabilities-across-email-security-and-netw

##

CVE-2026-40369
(7.8 HIGH)

EPSS: 0.02%

updated 2026-05-14T17:52:50.143000

2 posts

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

3 repos

https://github.com/orinimron123/CVE-2026-40369-EXPLOIT

https://github.com/ercihan/CVE-2026-40369

https://github.com/piffd0s/ntoskrnl-metadata

updated 2026-05-10T21:16:28.247000

2 posts

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.

grahamperrin@bsd.cafe at 2026-05-22T00:06:34.000Z ##

RE: https://mastodon.social/@wollman/116615093350624840

@distrowatch @kaidenshi @brnrd

<https://vuxml.freebsd.org/freebsd/30bda1c3-369b-11f1-b51c-6dd25bec137b.html> for CVE-2026-1502, one of the five vulnerable ports is deprecated but not yet expired.

295200 – lang/python314: Update to 3.14.5 — <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295200>

285957 – lang/python312 as default python — <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285957>

Cc @dvl

##

wollman@mastodon.social at 2026-05-21T23:11:50.000Z ##

Really feels like @dvl and I are the only people who actually read our #FreeBSD package security alerts, given the apparent complete lack of urgency on the part of anyone else to fix the two-months-outstanding lang/python* CVEs like CVE-2026-1502.

##

CVE-2026-34474
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-07T15:15:06.770000

3 posts

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e

1 repos

https://github.com/minanagehsalalma/cve-2026-34474-zte-h298a-h108n-sensitive-data-exposure

diker@mstdn.ca at 2026-05-23T20:59:54.000Z ##

CVE-2026-34474: Pre-auth #credential disclosure in #ZTE #H298A / #H108N via #ETHCheat...The short version: an ETHCheat branch returns credential-bearing #HTML before #authentication. The captured fields include the #admin #password, WLAN PSK, and ESSID, and a companion wizard #endpoint #exposes serial data.

#cybersecurity #cybersec #security #exploited

##

diker@mstdn.ca at 2026-05-23T20:59:54.000Z ##

CVE-2026-34474: Pre-auth #credential disclosure in #ZTE #H298A / #H108N via #ETHCheat...The short version: an ETHCheat branch returns credential-bearing #HTML before #authentication. The captured fields include the #admin #password, WLAN PSK, and ESSID, and a companion wizard #endpoint #exposes serial data.

#cybersecurity #cybersec #security #exploited

##

_r_netsec@infosec.exchange at 2026-05-21T15:58:05.000Z ##

CVE-2026-34474: Pre-auth credential disclosure in ZTE H298A / H108N via ETHCheat https://minanagehsalalma.github.io/cve-2026-34474-zte-h298a-h108n-sensitive-data-exposure/

##

CVE-2026-41940
(9.8 CRITICAL)

EPSS: 84.37%

updated 2026-05-04T18:09:42.300000

1 posts

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Nuclei template

68 repos

https://github.com/mahfuzreham/cpanel-cve-2026-41940

https://github.com/itsismarcos/CVE-2026-41940

https://github.com/ynsmroztas/cPanelSniper

https://github.com/Unleasheddotc/cve-2026-41940-exploit

https://github.com/3tternp/CVE-2026-41940---cPanel-WHM-check

https://github.com/dennisec/CVE-2026-41940

https://github.com/shahidmallaofficial/cpanel-cve-2026-41940-fix

https://github.com/ngksiva/cpanel-forensics

https://github.com/SreejaPuthan/cpanel-control-plane-exposure-check

https://github.com/cy3erm/CVE-2026-41940-POC

https://github.com/0dev1337/cpanelscanner

https://github.com/Jenderal92/CVE-2026-41940

https://github.com/AmirrezaMarzban/portscan-CVE-2026-41940

https://github.com/realawaisakbar/CVE-2026-41940-Exploit-PoC

https://github.com/bughunt4me/cpanelCVE-2026-41940

https://github.com/Wesuiliye/CVE-2026-41940

https://github.com/thekawix/CVE-2026-41940

https://github.com/rdyprtmx/poc-cve-2026-41940

https://github.com/iSee857/cPanel-WHM-CVE-2026-41940-AuthBypass

https://github.com/sebinxavi/cve-checker-2026

https://github.com/habibkaratas/sorry-ransomware-analysis

https://github.com/Richflexpix/cpanel-pwn

https://github.com/acuciureanu/cpanel2shell-honeypot

https://github.com/senyx122/CVE-2026-41940

https://github.com/rfxn/cpanel-sessionscribe

https://github.com/Christian93111/CVE-2026-41940

https://github.com/tahaXafous/CVE_2026_41940_scan_exploit

https://github.com/0xabdoulaye/CPANEL-CVE-2026-41940

https://github.com/merdw/cPanel-CVE-2026-41940-Scanner

https://github.com/NULL200OK/cve-2026-41940-tool

https://github.com/Kagantua/cPanelWHM-AuthBypass

https://github.com/Lutfifakee-Project/CVE-2026-41940

https://github.com/debugactiveprocess/cPanel-WHM-AuthBypass-Session-Checker

https://github.com/imbas007/POC_CVE-2026-41940

https://github.com/unteikyou/CVE-2026-41940-AuthBypass-Detector

https://github.com/george1-adel/CVE-2026-41940_exploit

https://github.com/ilmndwntr/CVE-2026-41940-MASS-EXPLOIT

https://github.com/MrAriaNet/cPanel-Fix

https://github.com/vineet7800/cpanel-malware-cleaner-cve-2026

https://github.com/kmaruthisrikar/CVE-2026-41940-cPanel-Auth-Bypass-Exploit

https://github.com/OhmGun/whmxploit---CVE-2026-41940

https://github.com/XsanFlip/poc-cpanel-cve-2026-41940

https://github.com/devtint/CVE-2026-41940

https://github.com/nickpaulsec/2026-41940-poc

https://github.com/0xBlackash/CVE-2026-41940

https://github.com/anach-ai/CVE-2026-41940

https://github.com/Andrei-Dr/cpanel-cve-2026-41940-ioc

https://github.com/xxconi/CVE-2026-41940

https://github.com/tfawnies/CVE-2026-41940-next

https://github.com/zycoder0day/CVE-2026-41940

https://github.com/Sachinart/CVE-2026-41940-cpanel-0day

https://github.com/branixsolutions/Security-CVE-2026-41940-cPanel-WHM-WP2

https://github.com/linko-iheb/cve-2026-41940-scanner

https://github.com/Ap0dexMe0/CVE-2026-41940

https://github.com/tc4dy/CVE-2026-41940-POC-Exploit

https://github.com/zedxod/CVE-2026-41940-POC

https://github.com/sercanokur/CVE-2026-41940-cPanel-WHM-Verification-Tool

https://github.com/adriyansyah-mf/cve-2026-41940-poc

https://github.com/Unfold-Security/CVE-2026-41940-Detection

https://github.com/MrOplus/CVE-2026-41940

https://github.com/ZildanZ/CVE-2026-41940

https://github.com/Underh0st/CPanel-Audit-Remediation-Tool

https://github.com/YudaSamuel/cpanel-vuln-scanner

https://github.com/44pie/cpsniper

https://github.com/murrez/CVE-2026-41940

https://github.com/assetnote/cpanel2shell-scanner

https://github.com/Defacto-ridgepole254/CVE-2026-41940-Exploit-PoC

https://github.com/Ishanoshada/CVE-2026-41940-Exploit-PoC

CapTechGroup@mastodon.social at 2026-05-23T12:53:33.000Z ##

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

https://captechgroup.com/about-us/threat-intelligence-center/metasploit-exploits-five-critical-vulnerabilities-05b155?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=metasploit-exploits-five-critical-vulnerabilities-across-email-security-and-netw

##

CVE-2026-5140
(8.8 HIGH)

EPSS: 0.06%

updated 2026-05-04T14:16:35.190000

2 posts

Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4.

linux@activitypub.awakari.com at 2026-05-21T06:47:12.000Z ## Pardus Linux Vulnerability Chain Enables Complete System Takeover A critical local privilege escalation vulnerability chain tracked as CVE-2026–5140 has exposed serious security weaknesses in Par...

#Firewall #Daily #Cyber #News #Vulnerabilities #Vulnerability #News #CRLF #injection #flaw #CVE-2026–5140

Origin | Interest | Match ##

CVE-2026-4115
(3.7 LOW)

EPSS: 0.01%

updated 2026-04-30T18:33:16.693000

2 posts

A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verification of cryptographic signature. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit is now public and may

lunarloony@dosgame.club at 2026-05-22T20:02:07.000Z ##

@simontatham Oh, excellent! Now the patch management system I have at work will stop moaning about CVE-2026-4115.

##

lunarloony@dosgame.club at 2026-05-22T20:02:07.000Z ##

@simontatham Oh, excellent! Now the patch management system I have at work will stop moaning about CVE-2026-4115.

##

CVE-2026-3102
(6.3 MEDIUM)

EPSS: 0.07%

updated 2026-04-29T01:00:01.613000

2 posts

A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 13.

2 repos

https://github.com/ErikDervishi03/CVE-2026-31024

https://github.com/HORKimhab/CVE-2026-3102

obivan@infosec.exchange at 2026-05-21T20:54:31.000Z ##

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) https://securelist.com/exiftool-compromise-mac/119866/

##

threatcodex@infosec.exchange at 2026-05-21T15:30:46.000Z ##

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
#CVE_2026_3102
https://securelist.com/exiftool-compromise-mac/119866/

##

CVE-2013-0422
(9.8 CRITICAL)

jbhall56@infosec.exchange at 2026-05-22T11:23:52.000Z ##

SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP server is required. https://www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/

##

blog@insicurezzadigitale.com at 2026-05-22T09:52:16.000Z ##

“Patchato” non significa protetto: attaccanti bypassano l’MFA sui VPN SonicWall Gen6 e raggiungono i file server in 30 minuti

CVE-2024-12802 sulle appliance SonicWall Gen6 SSL-VPN viene sfruttata attivamente nonostante la patch disponibile. Il motivo: il fix firmware non basta — richiede sei passaggi manuali aggiuntivi che la maggior parte degli amministratori non esegue. Il risultato: attori del ransomware ecosystem bypassano l'MFA, entrano nelle reti e raggiungono i file server in meno di trenta minuti.

https://insicurezzadigitale.com/patchato-non-significa-protetto-attaccanti-bypassano-lmfa-sui-vpn-sonicwall-gen6-e-raggiungono-i-file-server-in-30-minuti/

##

CVE-2026-24479
(9.8 CRITICAL)

EPSS: 56.51%

updated 2026-03-02T21:32:57.010000

1 posts

HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problem_import_qduoj.php and problem_import_hoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file containing files with path traversal sequences (e.g., ../../shell.php). When extracted by the server, t

CapTechGroup@mastodon.social at 2026-05-23T12:53:33.000Z ##

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

https://captechgroup.com/about-us/threat-intelligence-center/metasploit-exploits-five-critical-vulnerabilities-05b155?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=metasploit-exploits-five-critical-vulnerabilities-across-email-security-and-netw

##

CVE-2026-26980
(9.4 CRITICAL)

EPSS: 63.49%

updated 2026-02-20T19:22:53.637000

3 posts

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Nuclei template

3 repos

https://github.com/Kulik-Labs-Development/Ghost-CMS-Code-Injection-Audit-CVE-2026-26980

https://github.com/dinosn/ghost-cve-2026-26980

https://github.com/vognik/CVE-2026-26980

VirusBulletin@infosec.exchange at 2026-05-22T09:08:47.000Z ##

XLab researchers show how threat actors exploited CVE-2026-26980 to compromise Ghost CMS, causing numerous websites to become accomplices in ClickFix attacks. https://blog.xlab.qianxin.com/ghost-cms-page-poisoning-cve-2026-26980/

##

thenexusofprivacy@infosec.exchange at 2026-05-21T18:54:23.000Z ##

Thanks again! Yeah the read access from the SQL injection allowed exfiltration of admin API keys at which point game over. I don't see any malicious themes or changes to the theme file ... instead it seems like it was the vulnerability descried in https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/ (which I don't think had been published yet when I was doing the cleanup, or at least I didn't find it in my searching). Basically the hack edited every posts to put in a script in the "codeinjection_footer" field that brings the payload in from a malware site.

There aren't any obvious signs of LPE exploitation but who knows ... another good argument for spinning up a new instance.

@mildsunrise @JadedBlueEyes @thenexusofprivacy@gotosocial.thenexus.today

##

campuscodi@mastodon.social at 2026-05-21T18:06:48.000Z ##

A hacking campaign is planting FakeCaptcha pages and malware on websites built with the Ghost CMS.

The attacks began this month and are exploiting a vulnerability disclosed in February

https://blog.xlab.qianxin.com/ghost-cms-mass-compromised-via-cve-2026-26980-now-fueling-clickfix-attacks/

##

CVE-2025-32711
(9.3 CRITICAL)

EPSS: 8.76%

updated 2026-02-20T17:25:10.630000

1 posts

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

2 repos

https://github.com/daryllundy/cve-2025-32711

https://github.com/TreRB/markdown-exfil-tester

sayzard@mastodon.sayzard.org at 2026-05-22T19:38:21.000Z ##

Reading the Prompt You Did Not Send: Detection at the Inference Boundary

이 글은 AI 에이전트 추론 경계에서 발생하는 간접 프롬프트 인젝션 공격과 이를 탐지하는 기술을 다룹니다. Microsoft 365 Copilot에서 발견된 CVE-2025-32711 사례를 중심으로, LLM이 자신의 컨텍스트 내 민감 정보를 악용해 외부로 유출하는 문제를 설명합니다. 현재 여러 탐지기 조합(ensemble) 기법이 80~90%대 정확도로 운영 중이나, 완전한 해결책은 아니며, 2026년까지 이어지는 관련 CVE 사례들이...

https://medium.com/system-weakness/reading-the-prompt-you-did-not-send-detection-at-the-inference-boundary-28092075061f

##

CVE-2019-15107
(9.8 CRITICAL)

EPSS: 94.46%

updated 2025-11-06T16:50:47.130000

2 posts

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.

Nuclei template

44 repos

https://github.com/g1vi/CVE-2019-15107

https://github.com/MuirlandOracle/CVE-2019-15107

https://github.com/K3ysTr0K3R/CVE-2019-15107-EXPLOIT

https://github.com/AdministratorGithub/CVE-2019-15107

https://github.com/n0obit4/Webmin_1.890-POC

https://github.com/aamfrk/Webmin-CVE-2019-15107

https://github.com/ianxtianxt/CVE-2019-15107

https://github.com/ruthvikvegunta/CVE-2019-15107

https://github.com/TheAlpha19/MiniExploit

https://github.com/D4rkScare/CVE-2019-15107

https://github.com/psw01/CVE-2019-15107_webminRCE

https://github.com/NasrallahBaadi/CVE-2019-15107

https://github.com/ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability

https://github.com/whokilleddb/CVE-2019-15107

https://github.com/0x4r2/Webmin-CVE-2019-15107

https://github.com/darrenmartyn/CVE-2019-15107

https://github.com/adampawelczyk/cve-2019-15107

https://github.com/HACHp1/webmin_docker_and_exp

https://github.com/CyberTuz/CVE-2019-15107_detection

https://github.com/gozn/detect-CVE-2019-15107-by-pyshark

https://github.com/g0db0x/CVE_2019_15107

https://github.com/ch4ko/webmin_CVE-2019-15107

https://github.com/hannob/webminex

https://github.com/cdedmondson/Modified-CVE-2019-15107

https://github.com/bayazid-bit/CVE-2019-15107

https://github.com/f0rkr/CVE-2019-15107

https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107-

https://github.com/wenruoya/CVE-2019-15107

https://github.com/merlin-ke/CVE_2019_15107

https://github.com/diegojuan/CVE-2019-15107

https://github.com/Mattb709/CVE-2019-15107-Webmin-RCE-PoC

https://github.com/squid22/Webmin_CVE-2019-15107

https://github.com/h4ck0rman/CVE-2019-15107

https://github.com/olingo99/CVE-2019-15107

https://github.com/Rayferrufino/Make-and-Break

https://github.com/hadrian3689/webmin_1.920

https://github.com/viglia/cve-2019-15107

https://github.com/hacknotes/CVE-2019-15107-Exploit

https://github.com/Mattb709/CVE-2019-15107-Scanner

https://github.com/kh4sh3i/Webmin-CVE

https://github.com/EdouardosStav/CVE-2019-15107-RCE-WebMin

https://github.com/ketlerd/CVE-2019-15107

https://github.com/jas502n/CVE-2019-15107

https://github.com/MasterCode112/CVE-2019-15107

kev_Stalker at 2026-05-22T20:53:16.619Z ##

CVE-2019-15107 - Changed to Known Ransomware Status

Webmin Command Injection VulnerabilityVendor: WebminProduct: WebminAn issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.Status changed from Unknown to Known for ransomware campaign usage.Flip detected on: May 22, 2026 at 19:00:35 UTCDate Added to KEV: 2022-03-25View CVE Details

https://nvd.nist.gov/vuln/detail/CVE-2019-15107

#Ransomware #Webmin

##

kev_Stalker@infosec.exchange at 2026-05-22T20:53:16.000Z ##

CVE-2019-15107 - Changed to Known Ransomware Status

Webmin Command Injection VulnerabilityVendor: WebminProduct: WebminAn issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.Status changed from Unknown to Known for ransomware campaign usage.Flip detected on: May 22, 2026 at 19:00:35 UTCDate Added to KEV: 2022-03-25View CVE Details

https://nvd.nist.gov/vuln/detail/CVE-2019-15107

#Ransomware #Webmin

##

CVE-2018-0802
(7.8 HIGH)

EPSS: 93.89%

updated 2025-10-28T14:14:01.610000

2 posts

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

7 repos

https://github.com/zldww2011/CVE-2018-0802_POC

https://github.com/roninAPT/CVE-2018-0802

https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882

https://github.com/Ridter/RTF_11882_0802

https://github.com/Abdibimantara/Maldoc-Analysis

https://github.com/rxwx/CVE-2018-0802

https://github.com/Palvinder-Singh/PS_CVE2018-0802

technadu at 2026-05-22T15:19:51.001Z ##

Cloud Atlas APT campaigns targeting Russia & Belarus are leveraging phishing, CVE-2018-0802, SSH tunnels, and a new “PowerCloud” tool that exfiltrates data into Google Sheets.

updated 2024-11-21T08:00:32.410000

2 posts

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the `ClientLogController`, specifically `/ClientLog/Document`. When combined with a cross-site scripting vulnerability (CVE-2023-30627), this can result in file write and arbitrary code execution. Version 10.8.10 has a patch for this issue. There ar

FrederikNJS@piefed.zip at 2026-05-23T23:09:04.663Z ##

Sure… If someone managed to stream some of my media… They probably earned it… But then they exploit a vulnerability to perform arbitrary code execution, and leverage that to hack everything else on my network…

https://app.opencve.io/cve/CVE-2023-30626

##

FrederikNJS@piefed.zip at 2026-05-23T23:09:04.663Z ##

Sure… If someone managed to stream some of my media… They probably earned it… But then they exploit a vulnerability to perform arbitrary code execution, and leverage that to hack everything else on my network…

https://app.opencve.io/cve/CVE-2023-30626

##

CVE-2021-35036
(6.5 MEDIUM)

EPSS: 0.15%

updated 2024-11-21T06:11:43.343000

2 posts

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

1 repos

https://github.com/minanagehsalalma/zyxel-cve-2021-35036-super-admin-password-leak

_r_netsec at 2026-05-22T14:43:05.856Z ##

Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets https://minanagehsalalma.github.io/zyxel-cve-2021-35036-super-admin-password-leak/

##

_r_netsec@infosec.exchange at 2026-05-22T14:43:05.000Z ##

Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets https://minanagehsalalma.github.io/zyxel-cve-2021-35036-super-admin-password-leak/

##

CVE-2021-25740
(3.1 LOW)

EPSS: 0.51%

updated 2024-11-21T05:55:19.590000

1 posts

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.

raesene@infosec.exchange at 2026-05-21T10:35:07.000Z ##

Here's the last one in our series of blogs on the unpatchable vulnerabilities of #Kubernetes, with CVE-2021-25740

https://securitylabs.datadoghq.com/articles/unpatchable-kubernetes-vulnerabilities-cve-2021-25740/

##

CVE-2018-5999
(9.8 CRITICAL)

EPSS: 90.79%

updated 2024-11-21T04:09:51.257000

2 posts

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.

beyondmachines1 at 2026-05-23T18:01:07.153Z ##

RondoDox Botnet Hijacks Over One Million ASUS Routers via 2018 Vulnerability

2 posts

N/A

sigdevel at 2026-05-23T15:20:17.788Z ##

Security Advisory: CVE-2025-70116 - NULL Pointer Dereference in GPAC MP4Box

A NULL pointer dereference vulnerability was identified in GPAC MP4Box when processing certain malformed or truncated MP4 files.

Summary:
When MP4Box parses a specially crafted damaged MP4 file, an invalid or incomplete stsd entry may result in missing descriptor data. In the affected code path, gf_media_map_esd() in src/media_tools/isom_tools.c may dereference a NULL pointer, leading to a crash.

Affected component:
src/media_tools/isom_tools.c
Function: gf_media_map_esd()

Affected product:
GPAC MP4Box

Affected version:
The issue was reproduced on GPAC version 2.5-DEV-rev1815-g261ffdd13-master / MP4Box commit 261ffdd135eee8f646eb9326a43438b32a7ad3a1.

Attack conditions:
Exploitation requires local access or another way to make the vulnerable MP4Box instance process a malformed or truncated MP4 file. The issue is triggered during local processing of the crafted media file.

Impact:
Successful exploitation causes a segmentation fault and terminates the MP4Box process, resulting in a local denial of service (DoS). No evidence of code execution has been identified.

CWE:
CWE-476 - NULL Pointer Dereference

Fixed version:
The issue has been fixed in GPAC commit 56d21ea812fd5ba83e6c01777273de4903786fe4. Users are advised to update to a GPAC build that includes this commit or apply the patch manually.

References:
Issue: https://github.com/gpac/gpac/issues/3345
PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/68/68_gf_media_map_esd_media_tools_isom_tools_c_1364
Fix: https://github.com/gpac/gpac/commit/56d21ea812fd5ba83e6c01777273de4903786fe4

Credits:
@sigdevel

##

sigdevel@infosec.exchange at 2026-05-23T15:20:17.000Z ##

Security Advisory: CVE-2025-70116 - NULL Pointer Dereference in GPAC MP4Box

A NULL pointer dereference vulnerability was identified in GPAC MP4Box when processing certain malformed or truncated MP4 files.

Summary:
When MP4Box parses a specially crafted damaged MP4 file, an invalid or incomplete stsd entry may result in missing descriptor data. In the affected code path, gf_media_map_esd() in src/media_tools/isom_tools.c may dereference a NULL pointer, leading to a crash.

Affected component:
src/media_tools/isom_tools.c
Function: gf_media_map_esd()

Affected product:
GPAC MP4Box

Affected version:
The issue was reproduced on GPAC version 2.5-DEV-rev1815-g261ffdd13-master / MP4Box commit 261ffdd135eee8f646eb9326a43438b32a7ad3a1.

Attack conditions:
Exploitation requires local access or another way to make the vulnerable MP4Box instance process a malformed or truncated MP4 file. The issue is triggered during local processing of the crafted media file.

Impact:
Successful exploitation causes a segmentation fault and terminates the MP4Box process, resulting in a local denial of service (DoS). No evidence of code execution has been identified.

CWE:
CWE-476 - NULL Pointer Dereference

Fixed version:
The issue has been fixed in GPAC commit 56d21ea812fd5ba83e6c01777273de4903786fe4. Users are advised to update to a GPAC build that includes this commit or apply the patch manually.

References:
Issue: https://github.com/gpac/gpac/issues/3345
PoC: https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/68/68_gf_media_map_esd_media_tools_isom_tools_c_1364
Fix: https://github.com/gpac/gpac/commit/56d21ea812fd5ba83e6c01777273de4903786fe4

Credits:
@sigdevel

##

CVE-2026-40411
(0 None)

EPSS: 0.09%

2 posts

N/A

offseq at 2026-05-23T14:00:23.381Z ##

🚨 CRITICAL: CVE-2026-40411 in Azure Virtual Network Gateway enables authorized attackers to execute remote code, impacting confidentiality, integrity, and availability. Microsoft has patched — ensure your service is updated. Details: https://radar.offseq.com/threat/cve-2026-40411-cwe-20-improper-input-validation-in-6e31192f #OffSeq #Azure #CloudSecurity

##

offseq@infosec.exchange at 2026-05-23T14:00:23.000Z ##

🚨 CRITICAL: CVE-2026-40411 in Azure Virtual Network Gateway enables authorized attackers to execute remote code, impacting confidentiality, integrity, and availability. Microsoft has patched — ensure your service is updated. Details: https://radar.offseq.com/threat/cve-2026-40411-cwe-20-improper-input-validation-in-6e31192f #OffSeq #Azure #CloudSecurity

##

CVE-2026-41104
(0 None)

EPSS: 0.27%

6 posts

N/A

nyanbinary at 2026-05-23T13:05:14.511Z ##

@cR0w fr tho, I am somewhat torn on *aaS CVEs in general. Like, where is the line between CVE-2026-41104 in Microsoft Planetary Computer Pro and our local Kebab Shops website having an XSS? I can tell you the latter is rather critical infrastructure for our Security Department, I am sure someone out there also relies on the former :neobot_giggle: .

Like, there is a line, but I cant put my thumb on it

##

offseq at 2026-05-23T08:00:25.201Z ##

🚨 CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote info disclosure — no auth or interaction needed. Patch now! Details: https://radar.offseq.com/threat/cve-2026-41104-cwe-502-deserialization-of-untruste-e4c1701e #OffSeq #Microsoft #CVE #Vuln

##

offseq at 2026-05-23T01:30:25.624Z ##

🛡️ CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote, unauthenticated info disclosure via insecure deserialization. Patch now — official fix available. Details: https://radar.offseq.com/threat/cve-2026-41104-cwe-502-deserialization-of-untruste-e4c1701e #OffSeq #Vulnerability #InfoSec #Microsoft

##

nyanbinary@infosec.exchange at 2026-05-23T13:05:14.000Z ##

@cR0w fr tho, I am somewhat torn on *aaS CVEs in general. Like, where is the line between CVE-2026-41104 in Microsoft Planetary Computer Pro and our local Kebab Shops website having an XSS? I can tell you the latter is rather critical infrastructure for our Security Department, I am sure someone out there also relies on the former :neobot_giggle: .

Like, there is a line, but I cant put my thumb on it

##

offseq@infosec.exchange at 2026-05-23T08:00:25.000Z ##

🚨 CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote info disclosure — no auth or interaction needed. Patch now! Details: https://radar.offseq.com/threat/cve-2026-41104-cwe-502-deserialization-of-untruste-e4c1701e #OffSeq #Microsoft #CVE #Vuln

##

offseq@infosec.exchange at 2026-05-23T01:30:25.000Z ##

🛡️ CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote, unauthenticated info disclosure via insecure deserialization. Patch now — official fix available. Details: https://radar.offseq.com/threat/cve-2026-41104-cwe-502-deserialization-of-untruste-e4c1701e #OffSeq #Vulnerability #InfoSec #Microsoft

##

CVE-2026-47280
(0 None)

EPSS: 0.07%

2 posts

N/A

offseq at 2026-05-23T12:30:27.596Z ##

🚩 CVE-2026-47280: CRITICAL improper authentication flaw in Microsoft Azure Resource Manager (CVSS 10). Enables remote privilege escalation. Microsoft has issued a fix — confirm your ARM is protected. Details: https://radar.offseq.com/threat/cve-2026-47280-cwe-287-improper-authentication-in--e698f484 #OffSeq #Azure #Security #CVE

##

offseq@infosec.exchange at 2026-05-23T12:30:27.000Z ##

🚩 CVE-2026-47280: CRITICAL improper authentication flaw in Microsoft Azure Resource Manager (CVSS 10). Enables remote privilege escalation. Microsoft has issued a fix — confirm your ARM is protected. Details: https://radar.offseq.com/threat/cve-2026-47280-cwe-287-improper-authentication-in--e698f484 #OffSeq #Azure #Security #CVE

##

CVE-2026-41090
(0 None)

EPSS: 0.05%

4 posts

N/A

offseq at 2026-05-23T11:00:25.266Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS enables remote command injection (CVSS 9.3). Microsoft has patched server-side — verify your service is up to date. More info: https://radar.offseq.com/threat/cve-2026-41090-cwe-77-improper-neutralization-of-s-c8e983a4 #OffSeq #Microsoft #Vuln #InfoSec

##

offseq at 2026-05-23T04:30:25.121Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS allows remote command injection (CVSS 9.3). Affects cloud service; fix is live server-side. Ensure your org is covered — see https://radar.offseq.com/threat/cve-2026-41090-cwe-77-improper-neutralization-of-s-c8e983a4 #OffSeq #Microsoft #CVE202641090 #infosec

##

offseq@infosec.exchange at 2026-05-23T11:00:25.000Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS enables remote command injection (CVSS 9.3). Microsoft has patched server-side — verify your service is up to date. More info: https://radar.offseq.com/threat/cve-2026-41090-cwe-77-improper-neutralization-of-s-c8e983a4 #OffSeq #Microsoft #Vuln #InfoSec

##

offseq@infosec.exchange at 2026-05-23T04:30:25.000Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS allows remote command injection (CVSS 9.3). Affects cloud service; fix is live server-side. Ensure your org is covered — see https://radar.offseq.com/threat/cve-2026-41090-cwe-77-improper-neutralization-of-s-c8e983a4 #OffSeq #Microsoft #CVE202641090 #infosec

##

CVE-2026-9256
(0 None)

EPSS: 0.15%

9 posts

N/A

1 repos

https://github.com/suominen/CVE-2026-9256

sayzard@mastodon.sayzard.org at 2026-05-23T09:38:29.000Z ##

CVE-2026-9256: Nginx 1.31.1 and 1.30.1

Nginx 1.31.1 및 1.30.1 버전에서 ngx_http_rewrite_module 모듈의 정규식 재작성 지시문 처리 과정에서 힙 버퍼 오버플로우 취약점(CVE-2026-9256)이 발견되었습니다. 이 취약점은 인증되지 않은 공격자가 특수하게 조작된 HTTP 요청을 통해 Nginx 워커 프로세스 재시작을 유발하거나, ASLR이 비활성화된 환경에서 임의 코드 실행이 가능합니다. 해당 문제는 보안상 매우 심각하며, 최신 버전으로의 신속한 업데이트가 권고됩니다.

https://www.cve.org/CVERecord?id=CVE-2026-9256

#nginx #security #cve #heapoverflow #webserver

##

e_nomem@hachyderm.io at 2026-05-23T05:46:08.000Z ##

@jerry Looks like there was a new release of nginx earlier today to address the unpatched RCE (CVE-2026-9256)

##

jschauma@mstdn.social at 2026-05-22T23:36:22.000Z ##

The previous announced sibling vulnerability to "nginx rift" has been fixed by F5 and has been assigned CVE-2026-9256):

https://my.f5.com/manage/s/article/K000161377

This was previously called "nginx-poolslip" (https://nitter.net/nebusecurity/status/2057071579876753643) and is a DoS with possible RCE ("if the attacker can bypass ASLR" - not sure how?), using a similar regex capture vector.

Wouldn't be surprised if this is the new norm: one vuln lands, everybody points their AI at that attack vector and discovers sibling vulns.

##

cR0w at 2026-05-22T20:00:38.583Z ##

Another vuln in NGINX rewriting. Looks pretty similar to the last one. Requires ASLR bypass or disabled for RCE.

https://my.f5.com/manage/s/article/K000161377

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-9256)

##

_r_netsec at 2026-05-22T19:58:05.625Z ##

CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module https://my.f5.com/manage/s/article/K000161377

##

e_nomem@hachyderm.io at 2026-05-23T05:46:08.000Z ##

@jerry Looks like there was a new release of nginx earlier today to address the unpatched RCE (CVE-2026-9256)

##

jschauma@mstdn.social at 2026-05-22T23:36:22.000Z ##

The previous announced sibling vulnerability to "nginx rift" has been fixed by F5 and has been assigned CVE-2026-9256):

https://my.f5.com/manage/s/article/K000161377

This was previously called "nginx-poolslip" (https://nitter.net/nebusecurity/status/2057071579876753643) and is a DoS with possible RCE ("if the attacker can bypass ASLR" - not sure how?), using a similar regex capture vector.

Wouldn't be surprised if this is the new norm: one vuln lands, everybody points their AI at that attack vector and discovers sibling vulns.

##

cR0w@infosec.exchange at 2026-05-22T20:00:38.000Z ##

Another vuln in NGINX rewriting. Looks pretty similar to the last one. Requires ASLR bypass or disabled for RCE.

https://my.f5.com/manage/s/article/K000161377

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-9256)

##

_r_netsec@infosec.exchange at 2026-05-22T19:58:05.000Z ##

CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module https://my.f5.com/manage/s/article/K000161377

##

CVE-2026-33843
(0 None)

EPSS: 0.05%

4 posts

N/A

offseq at 2026-05-23T09:30:25.944Z ##

⚠️ CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) enables remote authentication bypass & privilege escalation. Patch released by Microsoft — confirm your cloud environment is updated. Details: https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #Security #CVE202633843

##

offseq at 2026-05-23T03:00:24.415Z ##

🚨 CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) allows remote auth bypass (CVSS 9.1). Patch released — Microsoft manages remediation. No known exploits. Check advisory & verify your cloud config. https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #CloudSecurity #CVE202633843

##

offseq@infosec.exchange at 2026-05-23T09:30:25.000Z ##

⚠️ CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) enables remote authentication bypass & privilege escalation. Patch released by Microsoft — confirm your cloud environment is updated. Details: https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #Security #CVE202633843

##

offseq@infosec.exchange at 2026-05-23T03:00:24.000Z ##

🚨 CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) allows remote auth bypass (CVSS 9.1). Patch released — Microsoft manages remediation. No known exploits. Check advisory & verify your cloud config. https://radar.offseq.com/threat/cve-2026-33843-cwe-288-authentication-bypass-using-57b6f0a6 #OffSeq #AzureAD #CloudSecurity #CVE202633843

##

CVE-2026-46300
(0 None)

EPSS: 0.05%

3 posts

N/A

8 repos

https://github.com/0xBlackash/CVE-2026-46300

https://github.com/First-John/cve_2026_frag_family_fix

https://github.com/Sentebale/CVE-2026-46300

https://github.com/Koshmare-Blossom/Fragnesia-go

https://github.com/ExploitEoom/CVE-2026-46300

https://github.com/HORKimhab/CVE-2026-46300

https://github.com/infiniroot/ansible-mitigate-copyfail-dirtyfrag

https://github.com/Maxime288/Fragnesia-CVE-2026-46300

funz@systemli.social at 2026-05-23T08:43:35.000Z ##

Has anybody an explanation why this time it takes longer to patch the kernel for fragnesia esp. for bookworm and trixie in debian?
I get that sid is patched first because it's unstable

https://security-tracker.debian.org/tracker/CVE-2026-46300

It's NOT a complaint but getting to know the processes.
Thanks!
e: and a huge thanks to the people maintaining debian and the other distributions ❤️

#linux #debian #bookworm #trixie #fragnesia

##

funz@systemli.social at 2026-05-23T08:43:35.000Z ##

Has anybody an explanation why this time it takes longer to patch the kernel for fragnesia esp. for bookworm and trixie in debian?
I get that sid is patched first because it's unstable

https://security-tracker.debian.org/tracker/CVE-2026-46300

It's NOT a complaint but getting to know the processes.
Thanks!
e: and a huge thanks to the people maintaining debian and the other distributions ❤️

#linux #debian #bookworm #trixie #fragnesia

##

AAKL@infosec.exchange at 2026-05-21T16:17:04.000Z ##

New.

Picus: Fragnesia CVE-2026-46300: Linux Kernel LPE Vulnerability Explained https://www.picussecurity.com/resource/blog/fragnesia-cve-2026-46300-linux-kernel-lpe-vulnerability-explained #threatresearch #Linux #infosec #vulnerability

##

CVE-2026-42901
(0 None)

EPSS: 0.03%

4 posts

N/A

offseq at 2026-05-23T06:30:25.742Z ##

🚨 CRITICAL: CVE-2026-42901 in Microsoft Entra (CWE-346) enables remote privilege escalation via origin validation error. Immediate patching is essential — official fix available: https://radar.offseq.com/threat/cve-2026-42901-cwe-346-origin-validation-error-in--0744f928 #OffSeq #Microsoft #Vuln #CVSS10 #Security

##

offseq at 2026-05-23T00:00:35.653Z ##

⚠️ CRITICAL: CVE-2026-42901 in Microsoft Entra (CVSS 10) enables remote privilege escalation via origin validation error. Patch now to prevent full system compromise! Fix: https://radar.offseq.com/threat/cve-2026-42901-cwe-346-origin-validation-error-in--0744f928 #OffSeq #MicrosoftEntra #Vulnerability #Cybersecurity

##

offseq@infosec.exchange at 2026-05-23T06:30:25.000Z ##

🚨 CRITICAL: CVE-2026-42901 in Microsoft Entra (CWE-346) enables remote privilege escalation via origin validation error. Immediate patching is essential — official fix available: https://radar.offseq.com/threat/cve-2026-42901-cwe-346-origin-validation-error-in--0744f928 #OffSeq #Microsoft #Vuln #CVSS10 #Security

##

offseq@infosec.exchange at 2026-05-23T00:00:35.000Z ##

⚠️ CRITICAL: CVE-2026-42901 in Microsoft Entra (CVSS 10) enables remote privilege escalation via origin validation error. Patch now to prevent full system compromise! Fix: https://radar.offseq.com/threat/cve-2026-42901-cwe-346-origin-validation-error-in--0744f928 #OffSeq #MicrosoftEntra #Vulnerability #Cybersecurity

##

CVE-2026-25262
(0 None)

EPSS: 0.00%

2 posts

N/A

GrantJoseph@mastodon.social at 2026-05-23T05:05:14.000Z ##

@GrapheneOS are any supported Pixel devices vulnerable to the new Qualcomm boot ROM vulnerability? I've found confusing information on the use of Qualcomm components. https://www.kaspersky.com/blog/qualcomm-cve-2026-25262/55811/

##

GrantJoseph@mastodon.social at 2026-05-23T05:05:14.000Z ##

@GrapheneOS are any supported Pixel devices vulnerable to the new Qualcomm boot ROM vulnerability? I've found confusing information on the use of Qualcomm components. https://www.kaspersky.com/blog/qualcomm-cve-2026-25262/55811/

##

CVE-2026-46529
(0 None)

EPSS: 0.00%

3 posts

N/A

1 repos

https://github.com/N1et/CVE-2026-46529

lobsters@mastodon.social at 2026-05-22T22:20:12.000Z ##

[oss-security] Evince/Atril/Xreader command injection CVE-2026-46529 https://lobste.rs/s/rlpzut #linux #security
https://lwn.net/ml/all/ce81312b-99e1-4305-a816-e74b2bd1ffd5@app.fastmail.com/

##

sayzard@mastodon.sayzard.org at 2026-05-22T14:40:06.000Z ##

POC for CVE-2026-46529 – RCE via PDF argv injection

CVE-2026-46529는 Linux용 PDF 뷰어인 Evince, Atril, Xreader에서 발견된 원격 코드 실행(RCE) 취약점으로, 악성 PDF 파일 내에 특수하게 조작된 argv 인젝션을 통해 공격자가 임의 코드를 실행할 수 있다. 공격자는 PDF 내에 ELF 공유 라이브러리와 PDF를 겸하는 폴리글롯 파일을 삽입하고, %f 치환자를 이용해 런타임 경로를 동적으로 해결하여 피해자의 시스템에서 쉘을 획득한다. GTK4 기반 최신 Evince에서는 일부 공격 경로가 차단되었으나 GTK3 기반 배포판은 여전히 취약하며, 근본적 해결책은 명령어 인자를 안전하게 처리하는 것이다.

https://github.com/N1et/CVE-2026-46529

#security #rce #pdf #linux #gtk

##

lobsters@mastodon.social at 2026-05-22T22:20:12.000Z ##

[oss-security] Evince/Atril/Xreader command injection CVE-2026-46529 https://lobste.rs/s/rlpzut #linux #security
https://lwn.net/ml/all/ce81312b-99e1-4305-a816-e74b2bd1ffd5@app.fastmail.com/

##

CVE-2026-8992
(0 None)

EPSS: 0.12%

2 posts

N/A

nyanbinary at 2026-05-22T15:29:20.058Z ##

https://www.cve.org/CVERecord?id=CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

OwO

Signed my separation agreement today, here is hoping the next shop doesnt have me deal with Ivanti..

##

nyanbinary@infosec.exchange at 2026-05-22T15:29:20.000Z ##

https://www.cve.org/CVERecord?id=CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

2 repos

https://github.com/HORKimhab/CVE-2026-0001

https://github.com/ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001

nyanbinary@infosec.exchange at 2026-05-21T14:52:13.000Z ##

... they also managed to call dibs on CVE-2026-0001 :party_porg2:

##

CVE-2026-9011(7.5 HIGH)

EPSS: 0.03%

CVE-2026-8679(7.5 HIGH)

EPSS: 0.13%

CVE-2026-45250(7.8 HIGH)

EPSS: 0.01%

CVE-2026-9018(8.8 HIGH)

EPSS: 0.03%

CVE-2026-4834(7.5 HIGH)

EPSS: 0.06%

CVE-2026-9264(0 None)

EPSS: 0.02%

CVE-2026-34911(7.7 HIGH)

EPSS: 0.01%

CVE-2026-34910(10.0 CRITICAL)

EPSS: 0.10%

CVE-2026-34909(10.0 CRITICAL)

EPSS: 0.02%

CVE-2026-34908(10.0 CRITICAL)

EPSS: 0.02%

CVE-2026-33000(9.1 CRITICAL)

EPSS: 0.06%

CVE-2026-6960(9.8 CRITICAL)

EPSS: 0.15%

CVE-2026-46473(7.5 HIGH)

EPSS: 0.01%

CVE-2026-47102(8.8 HIGH)

EPSS: 0.05%

CVE-2026-47101(8.8 HIGH)

EPSS: 0.05%

CVE-2026-47114(8.8 HIGH)

EPSS: 0.16%

CVE-2026-34926(6.7 MEDIUM)

EPSS: 0.25%

CVE-2025-34291(8.8 HIGH)

EPSS: 33.55%

CVE-2026-24217(8.8 HIGH)

EPSS: 0.08%

CVE-2026-4858(8.0 HIGH)

EPSS: 0.04%

CVE-2026-41035(7.4 HIGH)

EPSS: 0.03%

CVE-2026-48207(9.8 CRITICAL)

EPSS: 0.04%

CVE-2026-42945(8.1 HIGH)

EPSS: 1.00%

CVE-2026-28764(7.8 HIGH)

EPSS: 0.01%

CVE-2026-39531(9.3 CRITICAL)

EPSS: 0.03%

CVE-2026-9089(8.8 HIGH)

EPSS: 0.00%

CVE-2026-48241(8.1 HIGH)

EPSS: 0.05%

CVE-2026-48235(8.2 HIGH)

EPSS: 0.03%

CVE-2026-48242(8.1 HIGH)

EPSS: 0.04%

CVE-2026-45251(7.8 HIGH)

EPSS: 0.01%

CVE-2026-45253(8.4 HIGH)

EPSS: 0.01%

CVE-2026-45255(7.5 HIGH)

EPSS: 0.01%

CVE-2026-8632(7.8 HIGH)

EPSS: 0.01%

CVE-2026-8631(9.8 CRITICAL)

EPSS: 0.02%

CVE-2026-48172(0 None)

EPSS: 0.02%

CVE-2026-44925(8.8 HIGH)

EPSS: 0.00%

CVE-2026-43494(0 None)

EPSS: 0.03%

CVE-2026-47373(7.5 HIGH)

EPSS: 0.03%

CVE-2026-47372(9.1 CRITICAL)

EPSS: 0.01%

CVE-2026-23734(0 None)

EPSS: 0.04%

CVE-2026-9011
(7.5 HIGH)

CVE-2026-8679
(7.5 HIGH)

CVE-2026-45250
(7.8 HIGH)

CVE-2026-9018
(8.8 HIGH)

CVE-2026-4834
(7.5 HIGH)

CVE-2026-9264
(0 None)

CVE-2026-34911
(7.7 HIGH)

CVE-2026-34910
(10.0 CRITICAL)

CVE-2026-34909
(10.0 CRITICAL)

CVE-2026-34908
(10.0 CRITICAL)

CVE-2026-33000
(9.1 CRITICAL)

CVE-2026-6960
(9.8 CRITICAL)

CVE-2026-46473
(7.5 HIGH)

CVE-2026-47102
(8.8 HIGH)

CVE-2026-47101
(8.8 HIGH)

CVE-2026-47114
(8.8 HIGH)

CVE-2026-34926
(6.7 MEDIUM)

CVE-2025-34291
(8.8 HIGH)

CVE-2026-24217
(8.8 HIGH)

CVE-2026-4858
(8.0 HIGH)

CVE-2026-41035
(7.4 HIGH)

CVE-2026-48207
(9.8 CRITICAL)

CVE-2026-42945
(8.1 HIGH)

CVE-2026-28764
(7.8 HIGH)

CVE-2026-39531
(9.3 CRITICAL)

CVE-2026-9089
(8.8 HIGH)

CVE-2026-48241
(8.1 HIGH)

CVE-2026-48235
(8.2 HIGH)

CVE-2026-48242
(8.1 HIGH)

CVE-2026-45251
(7.8 HIGH)

CVE-2026-45253
(8.4 HIGH)

CVE-2026-45255
(7.5 HIGH)

CVE-2026-8632
(7.8 HIGH)

CVE-2026-8631
(9.8 CRITICAL)

CVE-2026-48172
(0 None)

CVE-2026-44925
(8.8 HIGH)

CVE-2026-43494
(0 None)

CVE-2026-47373
(7.5 HIGH)

CVE-2026-47372
(9.1 CRITICAL)

CVE-2026-23734
(0 None)

CVE-2026-33137
(0 None)

CVE-2026-0393
(0 None)

CVE-2026-42001
(7.5 HIGH)

CVE-2026-5433
(9.1 CRITICAL)

CVE-2026-2740
(8.4 HIGH)

CVE-2025-13479
(7.5 HIGH)

CVE-2026-9082
(6.5 MEDIUM)

CVE-2026-9157
(8.4 HIGH)

CVE-2026-44052
(7.5 HIGH)

CVE-2026-44051
(8.1 HIGH)

CVE-2026-44050
(9.9 CRITICAL)

CVE-2026-44049
(7.5 HIGH)

CVE-2026-44048
(8.8 HIGH)

CVE-2026-44047
(8.8 HIGH)

CVE-2026-44062
(7.5 HIGH)

CVE-2026-44060
(7.5 HIGH)

CVE-2026-44055
(7.5 HIGH)

CVE-2026-44068
(7.6 HIGH)

CVE-2026-5118
(9.8 CRITICAL)

CVE-2025-71217
(7.8 HIGH)

CVE-2025-71216
(7.8 HIGH)

CVE-2025-71214
(7.8 HIGH)

CVE-2025-71213
(7.8 HIGH)

CVE-2025-71212
(7.8 HIGH)

CVE-2025-71211
(9.8 CRITICAL)

CVE-2025-71210
(9.8 CRITICAL)

CVE-2026-34930
(7.8 HIGH)

CVE-2026-34927
(7.8 HIGH)

CVE-2026-34929
(7.8 HIGH)

CVE-2026-34928
(7.8 HIGH)

CVE-2026-45206
(7.8 HIGH)

CVE-2026-45207
(7.8 HIGH)

CVE-2026-45208
(7.8 HIGH)

CVE-2026-46333
(7.1 HIGH)

CVE-2026-42960
(10.0 CRITICAL)