## Updated at UTC 2026-05-25T16:07:33.293029

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-9011 7.5 0.03% 1 0 2026-05-22T09:16:33.327000 The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is
CVE-2026-9018 8.8 0.03% 1 1 2026-05-22T05:16:28.067000 The Easy Elements for Elementor – Addons & Website Templates plugin for WordPres
CVE-2026-4834 7.5 0.06% 1 0 2026-05-22T04:16:26.647000 The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'sear
CVE-2026-34908 10.0 0.01% 2 0 2026-05-22T03:30:33 A malicious actor with access to the network could exploit an Improper Access Co
CVE-2026-45250 7.8 0.01% 2 1 2026-05-22T03:30:26 The setcred(2) system call is only available to privileged users. However, befo
CVE-2026-9264 0 0.02% 1 0 2026-05-22T02:16:35.073000 A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components
CVE-2026-34911 7.7 0.01% 1 0 2026-05-22T02:16:34.667000 A malicious actor with access to the network and low privileges could exploit a
CVE-2026-34910 10.0 0.08% 2 0 2026-05-22T02:16:34.527000 A malicious actor with access to the network could exploit an Improper Input Val
CVE-2026-34909 10.0 0.02% 2 0 2026-05-22T02:16:34.390000 A malicious actor with access to the network could exploit a Path Traversal vuln
CVE-2026-33000 9.1 0.05% 2 0 2026-05-22T02:16:33.933000 A malicious actor with access to the network and high privileges could exploit a
CVE-2026-6960 9.8 0.15% 2 1 2026-05-21T22:16:48.643000 The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file upload
CVE-2026-46473 7.5 0.01% 2 0 2026-05-21T22:16:48.157000 Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secret
CVE-2026-47102 8.8 0.05% 1 1 2026-05-21T21:16:32.557000 LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /us
CVE-2026-47101 8.8 0.05% 1 1 2026-05-21T21:16:32.413000 LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API key
CVE-2026-47114 8.8 0.16% 1 0 2026-05-21T21:03:56.320000 IINA before 1.4.3 contains a user-assisted command execution vulnerability that
CVE-2026-34926 6.7 0.19% 5 1 2026-05-21T20:16:14.027000 A directory traversal vulnerability in the Apex One (on-premise) server could al
CVE-2025-34291 8.8 31.85% 2 2 template 2026-05-21T20:16:13.520000 Langflow versions up to and including 1.6.9 contain a chained vulnerability that
CVE-2026-24217 8.8 0.08% 1 0 2026-05-21T20:08:20.257000 NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause
CVE-2026-41035 7.4 0.03% 1 0 2026-05-21T19:23:51.373000 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value
CVE-2026-48207 9.8 0.04% 2 0 2026-05-21T19:16:53.700000 Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializ
CVE-2026-9089 8.8 0.00% 1 0 2026-05-21T19:10:21.527000 The ConnectWise Automate™ Agent does not fully verify the authenticity of compon
CVE-2026-48241 8.1 0.05% 2 0 2026-05-21T19:10:12.323000 Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in
CVE-2026-48235 8.2 0.03% 1 0 2026-05-21T19:10:12.323000 Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/r
CVE-2026-48242 8.1 0.04% 1 0 2026-05-21T19:10:12.323000 Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection cre
CVE-2026-45251 7.8 0.01% 1 0 2026-05-21T19:01:22.710000 A file descriptor can be closed while a thread is blocked in a poll(2) or select
CVE-2026-45253 8.4 0.01% 1 0 2026-05-21T19:01:01.833000 ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) a
CVE-2026-45255 7.5 0.01% 1 0 2026-05-21T19:00:34.217000 When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, the
CVE-2026-8632 7.8 0.01% 1 0 2026-05-21T18:58:59.447000 A potential security vulnerability has been identified in the HP Linux Imaging a
CVE-2026-8631 9.8 0.02% 1 0 2026-05-21T18:58:41.297000 A potential security vulnerability has been identified in the HP Linux Imaging a
CVE-2026-43494 None 0.03% 2 3 2026-05-21T18:33:09 In the Linux kernel, the following vulnerability has been resolved: net/rds: re
CVE-2026-44925 8.8 0.00% 1 0 2026-05-21T16:57:27.350000 Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations
CVE-2026-47373 7.5 0.03% 1 0 2026-05-21T16:04:53.813000 Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attack
CVE-2026-47372 9.1 0.01% 1 0 2026-05-21T16:04:53.813000 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values
CVE-2026-2740 8.4 1.25% 3 0 2026-05-21T15:26:35.653000 Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus
CVE-2026-24218 8.1 0.02% 1 0 2026-05-21T15:26:35.653000 NVIDIA DGX OS contains a vulnerability in the factory provisioning process, wher
CVE-2025-13479 7.5 0.03% 1 0 2026-05-21T15:24:41.890000 Authorization bypass through User-Controlled key vulnerability in PosCube Hardwa
CVE-2026-9082 6.5 12.57% 12 7 template 2026-05-21T15:24:25.330000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-9102 0 0.48% 2 0 2026-05-21T15:24:25.330000 A path traversal vulnerability exists in the Altium Enterprise Server Comparison
CVE-2026-9157 8.4 0.02% 1 0 2026-05-21T15:24:25.330000 Improper input validation, Unrestricted upload of file with dangerous type vulne
CVE-2026-44052 7.5 0.03% 1 0 2026-05-21T15:20:19.040000 Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output
CVE-2026-44051 8.1 0.02% 1 0 2026-05-21T15:20:19.040000 An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows
CVE-2026-44050 9.9 0.14% 1 0 2026-05-21T15:20:19.040000 A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk
CVE-2026-44049 7.5 0.07% 1 0 2026-05-21T15:20:19.040000 An out-of-bounds write due to improper null termination in convert_charset() in
CVE-2026-44048 8.8 0.14% 1 0 2026-05-21T15:20:19.040000 A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in N
CVE-2026-44062 7.5 0.19% 1 0 2026-05-21T15:20:19.040000 A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 t
CVE-2026-44055 7.5 0.23% 1 0 2026-05-21T15:20:19.040000 A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 al
CVE-2026-5118 9.8 0.03% 1 4 2026-05-21T15:19:30.540000 The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation
CVE-2025-71217 7.8 0.01% 1 0 2026-05-21T15:16:22.223000 An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
CVE-2025-71216 7.8 0.01% 1 0 2026-05-21T15:16:22.037000 A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agen
CVE-2025-71214 7.8 0.01% 1 0 2026-05-21T15:16:21.100000 An origin validation error vulnerability in the Trend Micro Apex One (mac) agent
CVE-2025-71211 9.8 0.43% 3 0 2026-05-21T15:05:28.023000 A vulnerability in the Trend Micro Apex One management console could allow a rem
CVE-2025-71213 7.8 0.01% 1 0 2026-05-21T15:05:28.023000 An origin validation error vulnerability in Trend Micro Apex One could allow a l
CVE-2025-71212 7.8 0.03% 1 0 2026-05-21T15:05:28.023000 A link following vulnerability in the Trend Micro Apex One scan engine could all
CVE-2025-71210 9.8 0.42% 2 0 2026-05-21T15:05:28.023000 A vulnerability in the Trend Micro Apex One management console could allow a rem
CVE-2026-34930 7.8 0.01% 1 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34927 7.8 0.01% 4 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34929 7.8 0.01% 1 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-34928 7.8 0.01% 1 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45207 7.8 0.01% 2 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45206 7.8 0.01% 2 0 2026-05-21T15:05:28.023000 An origin validation vulnerability in the Apex One/SEP agent could allow a local
CVE-2026-45208 7.8 0.01% 1 0 2026-05-21T15:05:28.023000 A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow
CVE-2026-46333 7.1 0.01% 11 4 2026-05-21T14:16:48.910000 In the Linux kernel, the following vulnerability has been resolved: ptrace: sli
CVE-2026-5433 9.1 0.26% 1 0 2026-05-21T09:32:17 Honeywell Control Network Module (CNM) contains command injection vulnerability
CVE-2026-44068 7.6 0.15% 1 0 2026-05-21T09:32:16 Incomplete sanitization of extended attribute (EA) path components in Netatalk 2
CVE-2026-44060 7.5 0.08% 1 0 2026-05-21T09:32:10 An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a
CVE-2026-44047 8.8 0.03% 1 0 2026-05-21T09:32:09 An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 throu
CVE-2026-48172 None 0.02% 2 2 2026-05-21T03:30:31 LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possi
CVE-2026-42960 10.0 0.02% 1 0 2026-05-20T22:51:43.680000 NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning
CVE-2026-42959 7.5 0.04% 1 0 2026-05-20T22:51:00.717000 NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vu
CVE-2026-42944 7.5 0.04% 1 0 2026-05-20T22:50:49.877000 NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability
CVE-2026-41292 7.5 0.06% 1 0 2026-05-20T22:49:46.850000 NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degrada
CVE-2026-33278 9.8 0.24% 1 0 2026-05-20T22:49:23.313000 NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability
CVE-2026-44926 8.8 0.01% 1 0 2026-05-20T20:16:40.517000 InfoScale CmdServer before 7.4.2 mishandles access control.
CVE-2026-41091 7.8 4.53% 4 2 2026-05-20T19:06:36.850000 Improper link resolution before file access ('link following') in Microsoft Defe
CVE-2026-45498 4.0 3.21% 3 1 2026-05-20T19:05:46.837000 Microsoft Defender Denial of Service Vulnerability
CVE-2026-20223 10.0 0.05% 1 1 2026-05-20T18:31:36 A vulnerability in the access validation of internal REST APIs of Cisco Sec
CVE-2026-45585 6.8 0.11% 2 4 2026-05-20T16:42:42.177000 Microsoft is aware of a security feature bypass vulnerability in Windows publicl
CVE-2026-36829 9.8 0.52% 2 0 2026-05-19T18:16:21.613000 An authentication bypass vulnerability exists in the embedded HTTP server of Pan
CVE-2026-26978 0 0.48% 2 0 2026-05-19T15:04:09.490000 FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the back
CVE-2026-8777 6.3 1.12% 2 0 2026-05-18T19:22:47.003000 A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the funct
CVE-2026-8774 6.3 1.12% 2 0 2026-05-18T19:22:47.003000 A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is
CVE-2026-42897 8.1 8.40% 1 1 2026-05-15T19:35:52.963000 Improper neutralization of input during web page generation ('cross-site scripti
CVE-2026-40369 7.8 0.01% 1 3 2026-05-14T17:52:50.143000 Untrusted pointer dereference in Windows Kernel allows an authorized attacker to
CVE-2026-0265 0 0.03% 2 2 2026-05-13T18:17:47.830000 An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software en
CVE-2026-28910 3.3 0.01% 3 0 2026-05-13T14:02:20.380000 This issue was addressed with improved permissions checking. This issue is fixed
CVE-2026-1502 0 0.02% 2 0 2026-05-10T21:16:28.247000 CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
CVE-2026-34474 7.5 0.05% 1 1 2026-05-07T15:15:06.770000 Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A
CVE-2026-4115 3.7 0.01% 1 0 2026-04-30T18:33:16.693000 A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verif
CVE-2026-5140 8.8 0.05% 2 0 2026-04-29T15:30:39 Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TU
CVE-2026-3102 6.3 0.07% 1 2 2026-04-29T01:00:01.613000 A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affe
CVE-2026-26928 0 0.01% 4 0 2026-04-27T19:22:58.477000 SzafirHost downloads necessary files in the context of the initiating web page. 
CVE-2013-0422 9.8 93.61% 1 0 2026-04-21T19:02:35.430000 Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attacker
CVE-2026-5426 7.5 0.08% 1 0 2026-04-18T04:16:25.243000 Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver de
CVE-2025-41240 10.0 1.32% 1 0 2026-04-15T00:35:42.020000 Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/op
CVE-2025-58355 7.7 0.10% 1 0 2026-04-15T00:35:42.020000 Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1
CVE-2024-12802 9.1 0.07% 2 0 2026-04-15T00:35:42.020000 SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the s
CVE-2026-26980 9.4 63.49% 10 3 template 2026-02-20T19:22:53.637000 Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 all
CVE-2019-15107 9.8 94.46% 1 44 template 2025-11-06T16:50:47.130000 An issue was discovered in Webmin <=1.920. The parameter old in password_change.
CVE-2018-0802 7.8 93.89% 1 7 2025-10-22T00:31:30 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Offic
CVE-2025-23256 8.7 0.02% 1 0 2025-09-05T18:31:19 NVIDIA BlueField contains a vulnerability in the management interface, where an
CVE-2025-8853 9.8 0.41% 2 0 2025-08-11T09:30:44 Official Document Management System developed by 2100 Technology has an Authenti
CVE-2021-35036 6.5 0.15% 1 1 2024-11-21T06:11:43.343000 A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmw
CVE-2021-21735 6.5 0.15% 2 1 2024-11-21T05:48:54.387000 A ZTE product has an information leak vulnerability. Due to improper permission
CVE-2018-5999 9.8 90.79% 1 0 2024-11-21T04:09:51.257000 An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_reque
CVE-2023-30626 8.8 0.76% 1 0 2023-11-07T05:05:53 ### Impact Frederic Linn (@FredericLinn) has reported a series of vulnerabilitie
CVE-2026-9058 0 0.00% 4 0 N/A
CVE-2026-9435 0 0.89% 2 0 N/A
CVE-2026-9436 0 0.94% 2 0 N/A
CVE-2026-9434 0 0.89% 2 0 N/A
CVE-2026-9404 0 0.89% 2 0 N/A
CVE-2026-9256 0 0.13% 6 1 N/A
CVE-2026-9405 0 0.89% 2 0 N/A
CVE-2026-9407 0 0.89% 2 0 N/A
CVE-2026-9408 0 0.89% 2 0 N/A
CVE-2026-9406 0 0.89% 2 0 N/A
CVE-2026-5223 0 0.04% 1 0 N/A
CVE-2026-46349 0 0.00% 1 0 N/A
CVE-2026-9345 0 0.04% 1 0 N/A
CVE-2026-9360 0 0.04% 1 0 N/A
CVE-2026-9348 0 0.04% 1 0 N/A
CVE-2026-3515 0 0.10% 1 0 N/A
CVE-2026-48829 0 0.04% 1 0 N/A
CVE-2026-9346 0 0.04% 1 0 N/A
CVE-2026-9294 0 0.01% 1 0 N/A
CVE-2026-9295 0 0.01% 1 0 N/A
CVE-2026-40412 0 0.29% 1 0 N/A
CVE-2026-23652 0 0.07% 1 0 N/A
CVE-2025-70116 0 0.00% 1 0 N/A
CVE-2026-40411 0 0.09% 1 0 N/A
CVE-2026-41104 0 0.27% 3 0 N/A
CVE-2026-47280 0 0.07% 1 0 N/A
CVE-2026-41090 0 0.05% 2 0 N/A
CVE-2026-33843 0 0.05% 2 0 N/A
CVE-2026-46300 0 0.05% 1 8 N/A
CVE-2026-42901 0 0.03% 2 0 N/A
CVE-2026-25262 0 0.00% 1 0 N/A
CVE-2026-46529 0 0.00% 1 1 N/A
CVE-2026-8992 0 0.12% 1 0 N/A
CVE-2026-25606 0 0.03% 1 0 N/A
CVE-2026-8679 0 24.53% 2 0 template N/A
CVE-2026-47243 0 0.00% 1 0 N/A

CVE-2026-9011
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-22T09:16:33.327000

1 post

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to retrieve the full item content of non-public Dittys — including drafts, pending, sched

thehackerwire@mastodon.social at 2026-05-22T09:59:51.000Z ##

🟠 CVE-2026-9011 - High (7.5)

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perfor...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9018
(8.8 HIGH)

EPSS: 0.03%

updated 2026-05-22T05:16:28.067000

1 post

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the `easyel_handle_register()` function. This is due to the `wp_ajax_nopriv_eel_register` AJAX handler iterating the attacker-controlled `custom_meta` POST array and writing every supplied key-value pair to the newly created user's

1 repo

https://github.com/xxconi/CVE-2026-9018

thehackerwire@mastodon.social at 2026-05-22T06:01:01.000Z ##

🟠 CVE-2026-9018 - High (8.8)

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the `easyel_handle_register()` function. This is due to the `wp_ajax_nopriv_e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4834
(7.5 HIGH)

EPSS: 0.06%

updated 2026-05-22T04:16:26.647000

1 post

The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to, and including, 1.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be

thehackerwire@mastodon.social at 2026-05-22T04:59:48.000Z ##

🟠 CVE-2026-4834 - High (7.5)

The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to, and including, 1.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34908
(10.0 CRITICAL)

EPSS: 0.01%

updated 2026-05-22T03:30:33

2 posts

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

offseq@infosec.exchange at 2026-05-22T06:00:27.000Z ##

🚨 CVE-2026-34908 (CVSS 10.0): Ubiquiti UniFi OS Server has a critical improper access control flaw, allowing unauthenticated remote compromise. No patch yet — restrict network access & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #UniFi #Vuln #BlueTeam

##

thehackerwire@mastodon.social at 2026-05-22T03:00:10.000Z ##

🔴 CVE-2026-34908 - Critical (10)

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45250
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-22T03:30:26

2 posts

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary g

1 repo

https://github.com/venglin/setcred

campuscodi@mastodon.social at 2026-05-24T19:08:20.000Z ##

After a wave of Linux LPEs being disclosed over the past weeks, we now have one in FreeBSD, this one with a special name of "FatGid" or CVE-2026-45250

fatgid.io/

##

thehackerwire@mastodon.social at 2026-05-22T05:00:30.000Z ##

🟠 CVE-2026-45250 - High (7.8)

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validatin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9264
(0 None)

EPSS: 0.02%

updated 2026-05-22T02:16:35.073000

1 post

A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to execute arbitrary system commands and read local files without user interaction by exploiting an embedd

offseq@infosec.exchange at 2026-05-22T03:00:23.000Z ##

⚠️ CRITICAL: CVE-2026-9264 in Trimble SketchUp 2026 allows RCE & file exfiltration via malicious SKP files (Dynamic Components, IE11 browser). No patch yet. Avoid untrusted SKP files. More: radar.offseq.com/threat/cve-20 #OffSeq #SketchUp #Vuln #InfoSec

##

CVE-2026-34911
(7.7 HIGH)

EPSS: 0.01%

updated 2026-05-22T02:16:34.667000

1 post

A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.

thehackerwire@mastodon.social at 2026-05-22T04:00:28.000Z ##

🟠 CVE-2026-34911 - High (7.7)

A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34910
(10.0 CRITICAL)

EPSS: 0.08%

updated 2026-05-22T02:16:34.527000

2 posts

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

offseq@infosec.exchange at 2026-05-22T04:30:26.000Z ##

🚨 CVE-2026-34910: CRITICAL improper input validation in Ubiquiti UniFi OS Server allows unauthenticated command injection (CVSS 10.0). No patch yet. Restrict network access & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Ubiquiti #Infosec

##

thehackerwire@mastodon.social at 2026-05-22T03:00:30.000Z ##

🔴 CVE-2026-34910 - Critical (10)

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34909
(10.0 CRITICAL)

EPSS: 0.02%

updated 2026-05-22T02:16:34.390000

2 posts

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

offseq@infosec.exchange at 2026-05-22T07:30:26.000Z ##

🔒 CRITICAL: CVE-2026-34909 - Path Traversal in Ubiquiti UniFi OS Server (CVSS 10). Allows arbitrary file access & manipulation. No patch yet — restrict access & monitor! Details: radar.offseq.com/threat/cve-20 #OffSeq #UniFi #Vuln #BlueTeam

##

thehackerwire@mastodon.social at 2026-05-22T03:00:20.000Z ##

🔴 CVE-2026-34909 - Critical (10)

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33000
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-05-22T02:16:33.933000

2 posts

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

thehackerwire@mastodon.social at 2026-05-22T04:00:38.000Z ##

🔴 CVE-2026-33000 - Critical (9.1)

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-22T01:30:31.000Z ##

🚨 CVE-2026-33000 (CVSS 9.1): Ubiquiti UniFi OS Server has a critical improper input validation flaw. High-privileged attackers on the network can execute command injection. Mitigation steps not published yet. Stay tuned: radar.offseq.com/threat/cve-20 #OffSeq #Infosec #UniFiOS

##

CVE-2026-6960
(9.8 CRITICAL)

EPSS: 0.15%

updated 2026-05-21T22:16:48.643000

2 posts

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulne

1 repo

https://github.com/xxconi/CVE-2026-6960

thehackerwire@mastodon.social at 2026-05-21T23:00:05.000Z ##

🔴 CVE-2026-6960 - Critical (9.8)

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it poss...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-21T22:30:12.000Z ##

🔴 CRITICAL: CVE-2026-6960 in BookingPress Appointment Booking Pro (≤5.6) allows unauthenticated file uploads — risk of RCE! Remove signature fields & monitor uploads. No patch yet — stay vigilant. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vulnerability #CyberAlert

##

CVE-2026-46473
(7.5 HIGH)

EPSS: 0.01%

updated 2026-05-21T22:16:48.157000

2 posts

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

offseq@infosec.exchange at 2026-05-22T00:00:37.000Z ##

🚩 HIGH severity: CVE-2026-46473 in Authen::TOTP (<0.1.1, Perl) — secrets generated with rand are predictable, weakening TOTP security. Upgrade to 0.1.1+ when possible. More: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Perl #MFA #CVE202646473

##

thehackerwire@mastodon.social at 2026-05-21T21:00:43.000Z ##

🟠 CVE-2026-46473 - High (7.5)

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.

Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47102
(8.8 HIGH)

EPSS: 0.05%

updated 2026-05-21T21:16:32.557000

1 post

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full administrative access to LiteLLM including all users, teams, keys, models, and prompt

1 repo

https://github.com/learner202649/CVE-2026-47102-PoC

thehackerwire@mastodon.social at 2026-05-21T22:00:58.000Z ##

🟠 CVE-2026-47102 - High (8.8)

LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47101
(8.8 HIGH)

EPSS: 0.05%

updated 2026-05-21T21:16:32.413000

1 post

LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions. A key created with access to admin-only routes can then be used to reach those routes successfully, bypassing the role-ba

1 repo

https://github.com/learner202649/CVE-2026-47101-PoC

thehackerwire@mastodon.social at 2026-05-21T22:00:45.000Z ##

🟠 CVE-2026-47101 - High (8.8)

LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall wit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47114
(8.8 HIGH)

EPSS: 0.16%

updated 2026-05-21T21:03:56.320000

1 post

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that passes unvalidated mpv_options/input-commands parameters into the mpv runtime, causing arbitrary command e

thehackerwire@mastodon.social at 2026-05-21T21:00:33.000Z ##

🟠 CVE-2026-47114 - High (8.8)

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the iina://open custom URL scheme handler. Attacker...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34926
(6.7 MEDIUM)

EPSS: 0.19%

updated 2026-05-21T20:16:14.027000

5 posts

A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex One and a potential attacker must have access to the Apex One Server and already obtained adminis

1 repo

https://github.com/HORKimhab/CVE-2026-34926

AAKL@infosec.exchange at 2026-05-22T14:58:11.000Z ##

CVE-2026-34926.

Security Week: TrendAI Patches Apex One Zero-Day Exploited in the Wild securityweek.com/trendai-patch @SecurityWeek #infosec #vulnerability

##

beyondmachines1@infosec.exchange at 2026-05-22T09:01:07.000Z ##

Trend Micro Patches Actively Exploited Directory Traversal in Apex One

Trend Micro patched eight vulnerabilities in Apex One and Vision One, including a directory traversal flaw (CVE-2026-34926) that is exploited in the wild to inject malicious code into security agents.

**If you're using Trend Micro Apex One (on-premise) or Vision One, you are under attack. Immediately update to the patched versions (SP1 CP Build 18012 / SP1 Build 17079 for on-premise, or agent build 14.0.20731+ for cloud) since one of its flaws is actively exploited to push malware through your own security tools. Even if the exploited flaw requires authentication, obviously that is not difficult to obtain for hackers.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

secdb@infosec.exchange at 2026-05-21T22:00:19.000Z ##

🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-34291 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Origin Validation Error Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/langflow-ai/langflow ; github.com/langflow-ai/langflo; github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-34926 (secdb.nttzen.cloud/cve/detail/)
- Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Trend Micro
- Product: Apex One
- Notes: success.trendmicro.com/en-US/s ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

##

cisakevtracker@mastodon.social at 2026-05-21T20:01:09.000Z ##

CVE ID: CVE-2026-34926
Vendor: Trend Micro
Product: Apex One
Date Added: 2026-05-21
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

cR0w@infosec.exchange at 2026-05-21T18:58:09.000Z ##

EITW ../ in Trend Micro Apex One. :brdAlert:

success.trendmicro.com/en-US/s

CVE-2026-34926

TrendAI has released updates to Apex One (on-premise), Apex One as a Service and Vision One - Standard Endpoint Protection (SEP) to resolve multiple vulnerabilities.

##

CVE-2025-34291
(8.8 HIGH)

EPSS: 31.85%

updated 2026-05-21T20:16:13.520000

2 posts

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the ref

Nuclei template

2 repos

https://github.com/ridhinva/CVE-2025-34291-Langflow-Scanner

https://github.com/amnnrth/CVE-2025-34291_cors_security_scanner

secdb@infosec.exchange at 2026-05-21T22:00:19.000Z ##

🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-34291 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Origin Validation Error Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/langflow-ai/langflow ; github.com/langflow-ai/langflo; github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-34926 (secdb.nttzen.cloud/cve/detail/)
- Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Trend Micro
- Product: Apex One
- Notes: success.trendmicro.com/en-US/s ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

##

cisakevtracker@mastodon.social at 2026-05-21T20:00:52.000Z ##

CVE ID: CVE-2025-34291
Vendor: Langflow
Product: Langflow
Date Added: 2026-05-21
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-24217
(8.8 HIGH)

EPSS: 0.08%

updated 2026-05-21T20:08:20.257000

1 posts

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-05-23T02:00:03.000Z ##

🟠 CVE-2026-24217 - High (8.8)

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and d...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41035
(7.4 HIGH)

EPSS: 0.03%

updated 2026-05-21T19:23:51.373000

1 posts

In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.

linux@activitypub.awakari.com at 2026-05-23T08:39:39.000Z ##

CVE-2026-41035 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xa...

#CVE

##

CVE-2026-48207
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-21T19:16:53.700000

2 posts

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled and relies on DeserializationPolicy to restrict unsafe classes,

offseq@infosec.exchange at 2026-05-21T21:00:11.000Z ##

🚨 CRITICAL: CVE-2026-48207 in Apache Fory <1.0.0 — Deserialization flaw in PyFory ReduceSerializer bypasses DeserializationPolicy, risking RCE if strict mode is off. Upgrade to 1.0.0+ ASAP! radar.offseq.com/threat/cve-20 #OffSeq #CVE202648207 #Vulnerability #ApacheFory

##

thehackerwire@mastodon.social at 2026-05-21T20:00:29.000Z ##

🔴 CVE-2026-48207 - Critical (9.8)

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deseri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9089
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-21T19:10:21.527000

1 posts

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

thehackerwire@mastodon.social at 2026-05-21T17:00:20.000Z ##

🟠 CVE-2026-9089 - High (8.8)

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48241
(8.1 HIGH)

EPSS: 0.05%

updated 2026-05-21T19:10:12.323000

2 posts

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthenticated attacker with read access to the file on a deployed installation) can read the username, password, and database name and use them to connect to the database

offseq@infosec.exchange at 2026-05-21T19:30:18.000Z ##

🚨 CRITICAL: Open ISES Tickets <3.44.2 has hardcoded MySQL creds in loader.php (CVE-2026-48241), exposing DBs to attack if reachable. Restrict file & DB access, rotate creds now. No official fix yet. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #MySQL #AppSec

##

thehackerwire@mastodon.social at 2026-05-21T18:59:49.000Z ##

🟠 CVE-2026-48241 - High (8.1)

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthenticated atta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48235
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-21T19:10:12.323000

1 posts

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses (InstaMapper and Google Latitude integration) are concatenated into UPDATE and INSERT statements without sanitization. An attacker able to compromise or impersonate the re

thehackerwire@mastodon.social at 2026-05-21T19:00:04.000Z ##

🟠 CVE-2026-48235 - High (8.2)

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses (InstaMapper and G...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48242
(8.1 HIGH)

EPSS: 0.04%

updated 2026-05-21T19:10:12.323000

1 posts

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values that may match deployed installations.

offseq@infosec.exchange at 2026-05-21T18:00:10.000Z ##

🚨 CRITICAL: CVE-2026-48242 in Open ISES Tickets <3.44.2 — Hardcoded MySQL creds in public code could enable unauthorized DB access. No patch yet. Rotate creds & review deployments immediately. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #InfoSec #CVE202648242

##

CVE-2026-45251
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T19:01:22.710000

1 posts

A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, the kernel must remove the blocked thread from the per-object wait queue prior to freeing the obje

thehackerwire@mastodon.social at 2026-05-22T04:01:16.000Z ##

🟠 CVE-2026-45251 - High (7.8)

A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45253
(8.4 HIGH)

EPSS: 0.01%

updated 2026-05-21T19:01:01.833000

1 posts

ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the

thehackerwire@mastodon.social at 2026-05-22T04:01:26.000Z ##

🟠 CVE-2026-45253 - High (8.4)

ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target proc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45255
(7.5 HIGH)

EPSS: 0.01%

updated 2026-05-21T19:00:34.217000

1 posts

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by the shell. As a result, a suitably crafted network name can be used to execute commands via a subsh

thehackerwire@mastodon.social at 2026-05-22T04:01:35.000Z ##

🟠 CVE-2026-45255 - High (7.5)

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8632
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T18:58:59.447000

1 posts

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

thehackerwire@mastodon.social at 2026-05-22T22:00:12.000Z ##

🟠 CVE-2026-8632 - High (7.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8631
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-05-21T18:58:41.297000

1 posts

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.

thehackerwire@mastodon.social at 2026-05-22T22:00:02.000Z ##

🔴 CVE-2026-8631 - Critical (9.8)

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43494
(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-05-21T18:33:09

2 posts

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset op_nents when zerocopy page pin fails When iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), the pinned pages are released with put_page(), and rm->data.op_mmp_znotifier is cleared. But we fail to properly clear rm->data.op_nents. Later when rds_message_purge() is called from rds_sendmsg() the cleanu

3 repos

https://github.com/Koshmare-Blossom/PinTheft-go

https://github.com/jayhutajulu1/CVE-2026-43494-PinTheft-PoC

https://github.com/0xBlackash/CVE-2026-43494

linux@activitypub.awakari.com at 2026-05-20T14:27:32.000Z ##

Daniel Baumann: Debian: Linux Vulnerability Mitigation (PinTheft) Following the series of various Linux exploits of the last three weeks, the bug of today is PinTheft [ CVE-2026-43494 ] which is lo...


##

CVE-2026-44925
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-21T16:57:27.350000

1 posts

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge.

thehackerwire@mastodon.social at 2026-05-23T02:00:26.000Z ##

🟠 CVE-2026-44925 - High (8.8)

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web app...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47373
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-21T16:04:53.813000

1 posts

Crypt::SaltedHash versions through 0.09 for Perl are susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash.

thehackerwire@mastodon.social at 2026-05-22T22:00:24.000Z ##

🟠 CVE-2026-47373 - High (7.5)

Crypt::SaltedHash versions through 0.09 for Perl are susceptible to timing attacks.

These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47372
(9.1 CRITICAL)

EPSS: 0.01%

updated 2026-05-21T16:04:53.813000

1 posts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

thehackerwire@mastodon.social at 2026-05-22T09:00:15.000Z ##

🔴 CVE-2026-47372 - Critical (9.1)

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts.

These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2740
(8.4 HIGH)

EPSS: 1.25%

updated 2026-05-21T15:26:35.653000

3 posts

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency.

secdb at 2026-05-25T00:01:16.940Z ##

📈 CVE Published in last 7 days (2026-05-18 - 2026-05-25)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 962

Severity:
- Critical: 85
- High: 252
- Medium: 316
- Low: 63
- None: 246

Status:
- : 213
- Analyzed: 170
- Awaiting Analysis: 62
- Deferred: 309
- Modified: 24
- Received: 103
- Rejected: 5
- Undergoing Analysis: 76

Top CNAs:
- N/A: 213
- VulnCheck: 86
- Wordfence: 71
- GitHub, Inc.: 59
- ConcreteCMS: 41
- MITRE: 37
- securin: 33
- Mozilla Corporation: 32
- Mattermost, Inc.: 24
- Apache Software Foundation: 22

Top Affected Products:
- UNKNOWN: 746
- Mozilla Firefox: 32
- Mozilla Thunderbird: 29
- Mattermost Server: 17
- Apache Ofbiz: 17
- Google Chrome: 16
- Nlnetlabs Unbound: 10
- Nvidia Triton Inference Server: 8
- Freebsd: 7
- Samba Rsync: 6

Top EPSS Score:
- CVE-2026-9082 - 12.57 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-41091 - 5.22 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-45498 - 3.72 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2740 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8774 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8777 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-9102 - 0.49 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26978 - 0.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-36829 - 0.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-71211 - 0.43 % (secdb.nttzen.cloud/cve/detail/)

##

thehackerwire@mastodon.social at 2026-05-22T00:00:30.000Z ##

🟠 CVE-2026-2740 - High (8.4)

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24218
(8.1 HIGH)

EPSS: 0.02%

updated 2026-05-21T15:26:35.653000

1 posts

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, d

thehackerwire@mastodon.social at 2026-05-23T02:00:14.000Z ##

🟠 CVE-2026-24218 - High (8.1)

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13479
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-21T15:24:41.890000

1 posts

Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-05-22T01:00:07.000Z ##

🟠 CVE-2025-13479 - High (7.5)

Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.

This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted earl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9082
(6.5 MEDIUM)

EPSS: 12.57%

updated 2026-05-21T15:24:25.330000

12 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Nuclei template

7 repos

https://github.com/7h30th3r0n3/CVE-2026-9082-Drupal-PoC

https://github.com/0xBlackash/CVE-2026-9082

https://github.com/N45HT/drupal-cve-2026-9082-checker

https://github.com/ywh-jfellus/CVE-2026-9082

https://github.com/HORKimhab/CVE-2026-9082

https://github.com/ridhinva/CVE-2026-9082

https://github.com/lysophavin18/cve-2026-9082

undercodenews@mastodon.social at 2026-05-25T08:04:12.000Z ##

Drupal Critical SQL Injection Vulnerability Under Active Exploitation as CISA Issues Urgent Warning + Video

Introduction A newly disclosed security flaw in Drupal Core has rapidly escalated into a major cybersecurity concern after active exploitation attempts were detected worldwide only days after disclosure. The vulnerability, tracked as CVE-2026-9082, has now been officially added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited…

undercodenews.com/drupal-criti

##

secdb at 2026-05-25T00:01:16.940Z ##

📈 CVE Published in last 7 days (2026-05-18 - 2026-05-25)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 962

Severity:
- Critical: 85
- High: 252
- Medium: 316
- Low: 63
- None: 246

Status:
- : 213
- Analyzed: 170
- Awaiting Analysis: 62
- Deferred: 309
- Modified: 24
- Received: 103
- Rejected: 5
- Undergoing Analysis: 76

Top CNAs:
- N/A: 213
- VulnCheck: 86
- Wordfence: 71
- GitHub, Inc.: 59
- ConcreteCMS: 41
- MITRE: 37
- securin: 33
- Mozilla Corporation: 32
- Mattermost, Inc.: 24
- Apache Software Foundation: 22

Top Affected Products:
- UNKNOWN: 746
- Mozilla Firefox: 32
- Mozilla Thunderbird: 29
- Mattermost Server: 17
- Apache Ofbiz: 17
- Google Chrome: 16
- Nlnetlabs Unbound: 10
- Nvidia Triton Inference Server: 8
- Freebsd: 7
- Samba Rsync: 6

Top EPSS Score:
- CVE-2026-9082 - 12.57 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-41091 - 5.22 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-45498 - 3.72 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2740 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8774 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8777 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-9102 - 0.49 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26978 - 0.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-36829 - 0.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-71211 - 0.43 % (secdb.nttzen.cloud/cve/detail/)

##

ChrisShort@hachyderm.io at 2026-05-23T20:25:33.000Z ##

CVE-2026-9082: Critical Drupal Core SQL Injection Vulnerability | Tenable® #devopsish tenable.com/blog/cve-2026-9082

##

ghard@mastodon.social at 2026-05-23T11:16:08.000Z ##

@apz LOL very timely, just on that note, say hello to CVE-2026-9082
Not that I would trust Drupal or any other modern or ancient CMS any longer than I could throw it.

##

beyondmachines1@infosec.exchange at 2026-05-23T08:01:07.000Z ##

Drupal Critical SQL Injection Flaw Actively Exploited

Drupal is urging immediate updates to patch CVE-2026-9082, an SQL injection vulnerability in the database abstraction API that is exploited in the wild. The flaw allows unauthenticated attackers to perform remote code execution and data theft on sites using PostgreSQL.

**If you run Drupal, update to the latest version immediately because hackers are already using this flaw to take over websites. Even if you do not use PostgreSQL, the update fixes other hidden security holes in the software's building blocks like Symfony and Twig.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

bugxhunter@infosec.exchange at 2026-05-22T22:00:45.000Z ##

🔍 Drupal Core SQL Injection Vulnerability Added to KEV Catalog

📝 Drupal Core CVE-2026-9082 exploited, poses significant risk to federal networks.

cisa.gov/news-events/alerts/20

📰 Alerts

#CVE #ZeroDay

##

secdb@infosec.exchange at 2026-05-22T20:00:14.000Z ##

🚨 [CISA-2026:0522] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-9082 (secdb.nttzen.cloud/cve/detail/)
- Name: Drupal Core SQL Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Drupal
- Product: Core
- Notes: drupal.org/sa-core-2026-004 ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260522 #cisa20260522 #cve_2026_9082 #cve20269082

##

cisakevtracker@mastodon.social at 2026-05-22T19:00:55.000Z ##

CVE ID: CVE-2026-9082
Vendor: Drupal
Product: Core
Date Added: 2026-05-22
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

_r_netsec@infosec.exchange at 2026-05-22T14:28:05.000Z ##

Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082) slcyber.io/research-center/key

##

Analyst207@mastodon.social at 2026-05-22T13:16:29.000Z ##

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

osintsights.com/drupal-sites-t

#SqlInjection #Drupal #Cve20269082 #EmergingThreats #ArbitraryCodeExecution

##

bearstech@mamot.fr at 2026-05-22T12:57:49.000Z ##

Critical Drupal flaw: SQL injection via PostgreSQL (CVE-2026-9082)

👉 cert.ssi.gouv.fr/avis/CERTFR-2

##

CVE-2026-9102
(0 None)

EPSS: 0.48%

updated 2026-05-21T15:24:25.330000

2 posts

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended temporary upload directory and write arbitrary files to any location on the server filesystem. Because

secdb at 2026-05-25T00:01:16.940Z ##

📈 CVE Published in last 7 days (2026-05-18 - 2026-05-25)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 962

Severity:
- Critical: 85
- High: 252
- Medium: 316
- Low: 63
- None: 246

Status:
- : 213
- Analyzed: 170
- Awaiting Analysis: 62
- Deferred: 309
- Modified: 24
- Received: 103
- Rejected: 5
- Undergoing Analysis: 76

Top CNAs:
- N/A: 213
- VulnCheck: 86
- Wordfence: 71
- GitHub, Inc.: 59
- ConcreteCMS: 41
- MITRE: 37
- securin: 33
- Mozilla Corporation: 32
- Mattermost, Inc.: 24
- Apache Software Foundation: 22

Top Affected Products:
- UNKNOWN: 746
- Mozilla Firefox: 32
- Mozilla Thunderbird: 29
- Mattermost Server: 17
- Apache Ofbiz: 17
- Google Chrome: 16
- Nlnetlabs Unbound: 10
- Nvidia Triton Inference Server: 8
- Freebsd: 7
- Samba Rsync: 6

Top EPSS Score:
- CVE-2026-9082 - 12.57 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-41091 - 5.22 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-45498 - 3.72 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2740 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8774 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8777 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-9102 - 0.49 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26978 - 0.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-36829 - 0.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-71211 - 0.43 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-9157
(8.4 HIGH)

EPSS: 0.02%

updated 2026-05-21T15:24:25.330000

1 posts

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1.

thehackerwire@mastodon.social at 2026-05-22T05:00:49.000Z ##

🟠 CVE-2026-9157 - High (8.4)

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion.

This issue affects Web Fax: from 3.0 before 3.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44052
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-21T15:20:19.040000

1 posts

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials.

thehackerwire@mastodon.social at 2026-05-22T09:00:05.000Z ##

🟠 CVE-2026-44052 - High (7.5)

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44051
(8.1 HIGH)

EPSS: 0.02%

updated 2026-05-21T15:20:19.040000

1 posts

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation.

thehackerwire@mastodon.social at 2026-05-22T08:59:55.000Z ##

🟠 CVE-2026-44051 - High (8.1)

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44050
(9.9 CRITICAL)

EPSS: 0.14%

updated 2026-05-21T15:20:19.040000

1 posts

A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

thehackerwire@mastodon.social at 2026-05-22T08:00:12.000Z ##

🔴 CVE-2026-44050 - Critical (9.9)

A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44049
(7.5 HIGH)

EPSS: 0.07%

updated 2026-05-21T15:20:19.040000

1 posts

An out-of-bounds write due to improper null termination in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data.

thehackerwire@mastodon.social at 2026-05-22T08:00:03.000Z ##

🟠 CVE-2026-44049 - High (7.5)

An out-of-bounds write due to improper null termination in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44048
(8.8 HIGH)

EPSS: 0.14%

updated 2026-05-21T15:20:19.040000

1 posts

A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service.

thehackerwire@mastodon.social at 2026-05-22T07:59:53.000Z ##

🟠 CVE-2026-44048 - High (8.8)

A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44062
(7.5 HIGH)

EPSS: 0.19%

updated 2026-05-21T15:20:19.040000

1 posts

A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character set data.

thehackerwire@mastodon.social at 2026-05-22T07:00:03.000Z ##

🟠 CVE-2026-44062 - High (7.5)

A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character set data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44055
(7.5 HIGH)

EPSS: 0.23%

updated 2026-05-21T15:20:19.040000

1 posts

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code.

thehackerwire@mastodon.social at 2026-05-22T06:01:25.000Z ##

🟠 CVE-2026-44055 - High (7.5)

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-5118
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-05-21T15:19:30.540000

1 posts

The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-controlled 'role' parameter from POST data during user registration without validating it against the form's configured default_user_role setting. This makes it possible for unauthenticated attackers to create administrator accounts by

4 repos

https://github.com/puj790201-lab/CVE-2026-5118

https://github.com/Jenderal92/CVE-2026-5118

https://github.com/zycoder0day/CVE-2026-5118

https://github.com/Yucaerin/CVE-2026-5118

thehackerwire@mastodon.social at 2026-05-22T02:00:24.000Z ##

🔴 CVE-2026-5118 - Critical (9.8)

The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-controlled 'role' parameter from POST data during user registration without valida...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71217
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:16:22.223000

1 posts

An origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only f

thehackerwire@mastodon.social at 2026-05-22T00:00:20.000Z ##

🟠 CVE-2025-71217 - High (7.8)

An origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71216
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:16:22.037000

1 posts

A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE re

thehackerwire@mastodon.social at 2026-05-22T00:00:09.000Z ##

🟠 CVE-2025-71216 - High (7.8)

A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute l...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71214
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:16:21.100000

1 posts

An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE refer

thehackerwire@mastodon.social at 2026-05-21T23:00:24.000Z ##

🟠 CVE-2025-71214 - High (7.8)

An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71211
(9.8 CRITICAL)

EPSS: 0.43%

updated 2026-05-21T15:05:28.023000

3 posts

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a res

thehackerwire@mastodon.social at 2026-05-22T01:00:29.000Z ##

🔴 CVE-2025-71211 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71213
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-22T02:00:14.000Z ##

🟠 CVE-2025-71213 - High (7.8)

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71212
(7.8 HIGH)

EPSS: 0.03%

updated 2026-05-21T15:05:28.023000

1 posts

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-22T02:00:04.000Z ##

🟠 CVE-2025-71212 - High (7.8)

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71210
(9.8 CRITICAL)

EPSS: 0.42%

updated 2026-05-21T15:05:28.023000

2 posts

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mi

thehackerwire@mastodon.social at 2026-05-22T01:00:29.000Z ##

🔴 CVE-2025-71211 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-22T01:00:18.000Z ##

🔴 CVE-2025-71210 - Critical (9.8)

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.

Please note: although this vulnerability carries a technical critical CVSS rat...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34930
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T23:00:15.000Z ##

🟠 CVE-2026-34930 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism.

Please note: an ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34927
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

4 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T23:00:15.000Z ##

🟠 CVE-2026-34930 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism.

Please note: an ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T22:01:57.000Z ##

🟠 CVE-2026-34929 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism.

Please ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T22:01:47.000Z ##

🟠 CVE-2026-34928 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism.

Please not...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T22:01:37.000Z ##

🟠 CVE-2026-34927 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34929
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T22:01:57.000Z ##

🟠 CVE-2026-34929 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism.

Please ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34928
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T22:01:47.000Z ##

🟠 CVE-2026-34928 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism.

Please not...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45207
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

2 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:48.000Z ##

🟠 CVE-2026-45206 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism.

Pl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T17:00:30.000Z ##

🟠 CVE-2026-45207 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism.

Pl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45206
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

2 posts

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:48.000Z ##

🟠 CVE-2026-45206 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism.

Pl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-21T17:00:30.000Z ##

🟠 CVE-2026-45207 - High (7.8)

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism.

Pl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45208
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-21T15:05:28.023000

1 posts

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

thehackerwire@mastodon.social at 2026-05-21T20:00:39.000Z ##

🟠 CVE-2026-45208 - High (7.8)

A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46333
(7.1 HIGH)

EPSS: 0.01%

updated 2026-05-21T14:16:48.910000

11 posts

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointe

4 repos

https://github.com/studiogangster/CVE-2026-46333

https://github.com/Aurillium/public-passwd

https://github.com/0xBlackash/CVE-2026-46333

https://github.com/KaraZajac/CHARON

linux@activitypub.awakari.com at 2026-05-23T20:42:46.000Z ## Linux Kernel Flaw CVE-2026-46333 Exposes Systems to Local Root Attacks via ptrace Race CVE-2026-46333 exposes a nine-year-old race in the Linux kernel's ptrace exit path. Unprivileged users can...

#CybersecurityUpdate #CVE-2026-46333 #Linux #kernel #vulnerability #local #root #escalation #ptrace #race #condition

##

benzogaga33@mamot.fr at 2026-05-24T10:10:04.000Z ##

Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel blog.qualys.com/vulnerabilitie

##

knoppix95@mastodon.social at 2026-05-24T07:35:51.000Z ##

Researchers disclosed CVE-2026-46333, a Linux kernel flaw present since 2016 that enables local users to access sensitive files and execute commands as root. 🐧
Qualys said Debian, Fedora and Ubuntu default installs are affected, while admins are urged to patch kernels and rotate exposed SSH keys. 🔑

🔗 thehackernews.com/2026/05/9-ye

#TechNews #Linux #Kernel #CVE202646333 #CVE #Cybersecurity #Qualys #Ubuntu #Debian #Fedora #OpenSource #FOSS #Security #Exploit #Infosec #SysAdmin #Privacy #SSH #Admin

##

linux@activitypub.awakari.com at 2026-05-22T00:24:25.000Z ## Oracle Linux 9 Kernel Important ptrace Issue ELSA-2026-50280 CVE-2026-46333 The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

#Oracle #Linux #Distribution #- #Security #Advisories

##

ruario@vivaldi.net at 2026-05-23T16:02:58.000Z ##

Linux fans, please tell me you have updated your machine for "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path", right… right!?

##

linux@activitypub.awakari.com at 2026-05-23T14:18:42.000Z ## Yet another serious vulnerability has been discovered in Linux – it has existed for a full 10 years In Linux, yet another ...

#IT #News #CVE-2026-46333 #Linux #cybersecurity #operating #system #vulnerability

##

linux@activitypub.awakari.com at 2026-05-20T15:40:19.000Z ## CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...

#Vulnerabilities #and #Threat #Research #security #vulnerabilities

##

rusty__shackleford@mastodon.social at 2026-05-22T12:57:53.000Z ##

I have no words.

---
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

thehackernews.com/2026/05/9-ye

> CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score of 5.5.

##

raptor@infosec.exchange at 2026-05-21T17:44:07.000Z ##

#Qualys #Security #Advisory

Logic bug in the #Linux kernel's __ptrace_may_access() function
(CVE-2026-46333)

cdn2.qualys.com/advisory/2026/

##

CVE-2026-5433
(9.1 CRITICAL)

EPSS: 0.26%

updated 2026-05-21T09:32:17

1 posts

Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution (RCE).

thehackerwire@mastodon.social at 2026-05-22T05:00:38.000Z ##

🔴 CVE-2026-5433 - Critical (9.1)

Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution (RCE).

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44068
(7.6 HIGH)

EPSS: 0.15%

updated 2026-05-21T09:32:16

1 posts

Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names.

thehackerwire@mastodon.social at 2026-05-22T06:01:14.000Z ##

🟠 CVE-2026-44068 - High (7.6)

Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44060
(7.5 HIGH)

EPSS: 0.08%

updated 2026-05-21T09:32:10

1 posts

An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request.

thehackerwire@mastodon.social at 2026-05-22T06:59:53.000Z ##

🟠 CVE-2026-44060 - High (7.5)

An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44047
(8.8 HIGH)

EPSS: 0.03%

updated 2026-05-21T09:32:09

1 posts

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service.

thehackerwire@mastodon.social at 2026-05-22T07:00:14.000Z ##

🟠 CVE-2026-44047 - High (8.8)

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48172
(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-05-21T03:30:31

2 posts

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. LiteSpeed WHM Plugin (the parent plugin) is unaffected. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of

2 repos

https://github.com/retmakarunia/CVE-2026-48172

https://github.com/HORKimhab/CVE-2026-48172

beyondmachines1@infosec.exchange at 2026-05-24T14:01:08.000Z ##

LiteSpeed cPanel Plugin Zero-Day Exploited for Root Access

LiteSpeed Technologies patched a critical, actively exploited vulnerability (CVE-2026-48172, CVSS 10.0) in its cPanel plugin that allows any user to run scripts with root privileges. Attackers are currently using this flaw to gain full control over web hosting servers.

**If you use LiteSpeed on cPanel immediately upgrade to LiteSpeed WHM Plugin version 5.3.1.0 (which includes the patched cPanel plugin v2.4.7) or temporarily uninstall the user-end plugin to prevent a complete server takeover. Run the grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null command, block suspicious IPs, and audit your system. If you can't update right away, uninstall the user-end plugin to prevent a total server takeover.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

hackerworkspace@infosec.exchange at 2026-05-23T09:34:41.000Z ##

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

thehackernews.com/2026/05/lite

Read on HackerWorkspace: hackerworkspace.com/article/li

#cybersecurity #vulnerability #exploit

##

CVE-2026-42960
(10.0 CRITICAL)

EPSS: 0.02%

updated 2026-05-20T22:51:43.680000

1 posts

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such records in a reply (i.e., spoofed packet, fragmentation attack) he would be able to poison Unbound's cach

thehackerwire@mastodon.social at 2026-05-23T04:00:02.000Z ##

🔴 CVE-2026-42960 - Critical (10)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42959
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-20T22:51:00.717000

1 posts

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets for ADDITIONAL section rrsets. DNAME duplication could increase the ANSWER section count and authority fi

thehackerwire@mastodon.social at 2026-05-23T10:00:09.000Z ##

🟠 CVE-2026-42959 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code us...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42944
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-20T22:50:49.877000

1 posts

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answer-cookie', 'pad-responses' (default)) need to be enabled for the vulnerability to be exploited. An adversary who can query Unbound can exploit the vulner

thehackerwire@mastodon.social at 2026-05-23T09:59:59.000Z ##

🟠 CVE-2026-42944 - High (7.5)

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options ('nsid', 'answe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41292
(7.5 HIGH)

EPSS: 0.06%

updated 2026-05-20T22:49:46.850000

1 posts

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data structures for the options. Coordinated attacks can result in degradation and/or denial of service. Un

thehackerwire@mastodon.social at 2026-05-23T04:00:13.000Z ##

🟠 CVE-2026-41292 - High (7.5)

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33278
(9.8 CRITICAL)

EPSS: 0.24%

updated 2026-05-20T22:49:23.313000

1 posts

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the vulnerability by controlling a malicious signed zone and querying a vulnerable Unbound. When DS sub-quer

thehackerwire@mastodon.social at 2026-05-23T10:00:19.000Z ##

🔴 CVE-2026-33278 - Critical (9.8)

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a d...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44926
(8.8 HIGH)

EPSS: 0.01%

updated 2026-05-20T20:16:40.517000

1 posts

InfoScale CmdServer before 7.4.2 mishandles access control.

CVE-2026-41091
(7.8 HIGH)

EPSS: 4.53%

updated 2026-05-20T19:06:36.850000

4 posts

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/ridhinva/defender-vulnerability-scanner

https://github.com/0xBlackash/CVE-2026-41091

secdb at 2026-05-25T00:01:16.940Z ##

📈 CVE Published in last 7 days (2026-05-18 - 2026-05-25)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 962

Severity:
- Critical: 85
- High: 252
- Medium: 316
- Low: 63
- None: 246

Status:
- : 213
- Analyzed: 170
- Awaiting Analysis: 62
- Deferred: 309
- Modified: 24
- Received: 103
- Rejected: 5
- Undergoing Analysis: 76

Top CNAs:
- N/A: 213
- VulnCheck: 86
- Wordfence: 71
- GitHub, Inc.: 59
- ConcreteCMS: 41
- MITRE: 37
- securin: 33
- Mozilla Corporation: 32
- Mattermost, Inc.: 24
- Apache Software Foundation: 22

Top Affected Products:
- UNKNOWN: 746
- Mozilla Firefox: 32
- Mozilla Thunderbird: 29
- Mattermost Server: 17
- Apache Ofbiz: 17
- Google Chrome: 16
- Nlnetlabs Unbound: 10
- Nvidia Triton Inference Server: 8
- Freebsd: 7
- Samba Rsync: 6

Top EPSS Score:
- CVE-2026-9082 - 12.57 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-41091 - 5.22 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-45498 - 3.72 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2740 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8774 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8777 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-9102 - 0.49 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26978 - 0.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-36829 - 0.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-71211 - 0.43 % (secdb.nttzen.cloud/cve/detail/)

##

secdb@infosec.exchange at 2026-05-25T00:01:16.000Z ##

📈 CVE Published in last 7 days (2026-05-18 - 2026-05-25)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 962

Severity:
- Critical: 85
- High: 252
- Medium: 316
- Low: 63
- None: 246

Status:
- : 213
- Analyzed: 170
- Awaiting Analysis: 62
- Deferred: 309
- Modified: 24
- Received: 103
- Rejected: 5
- Undergoing Analysis: 76

Top CNAs:
- N/A: 213
- VulnCheck: 86
- Wordfence: 71
- GitHub, Inc.: 59
- ConcreteCMS: 41
- MITRE: 37
- securin: 33
- Mozilla Corporation: 32
- Mattermost, Inc.: 24
- Apache Software Foundation: 22

Top Affected Products:
- UNKNOWN: 746
- Mozilla Firefox: 32
- Mozilla Thunderbird: 29
- Mattermost Server: 17
- Apache Ofbiz: 17
- Google Chrome: 16
- Nlnetlabs Unbound: 10
- Nvidia Triton Inference Server: 8
- Freebsd: 7
- Samba Rsync: 6

Top EPSS Score:
- CVE-2026-9082 - 12.57 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-41091 - 5.22 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-45498 - 3.72 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2740 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8774 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-8777 - 1.06 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-9102 - 0.49 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26978 - 0.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-36829 - 0.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-71211 - 0.43 % (secdb.nttzen.cloud/cve/detail/)

##

oversecurity@mastodon.social at 2026-05-22T09:20:40.000Z ##

Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems

Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and...

🔗️ [Thecyberexpress] link.is.it/oRM68F

##

beyondmachines1@infosec.exchange at 2026-05-21T17:01:08.000Z ##

Microsoft Patches Actively Exploited Defender Vulnerabilities

Microsoft and CISA confirmed active exploitation of vulnerabilities in Microsoft Defender, including a privilege escalation flaw (CVE-2026-41091) and a denial-of-service bug (CVE-2026-45498).

**Check that your Microsoft Defender engine version is 1.1.26040.8 or higher to ensure you are protected against these active exploits. While updates are usually automatic, manual verification is necessary for critical systems to confirm the patches were applied.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-45498
(4.0 MEDIUM)

EPSS: 3.21%

updated 2026-05-20T19:05:46.837000

3 posts

Microsoft Defender Denial of Service Vulnerability

1 repos

https://github.com/ridhinva/defender-vulnerability-scanner

CVE-2026-20223
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-05-20T18:31:36

1 posts

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a craft

1 repos

https://github.com/HORKimhab/CVE-2026-20223

oversecurity@mastodon.social at 2026-05-22T07:51:39.000Z ##

Cisco Secure Workload Flaw CVE-2026-20223 Gets Maximum CVSS 10 Rating

Cisco has released security updates to fix a critical vulnerability, tracked as CVE-2026-20223, affecting its Cisco Secure Workload platform. The

🔗️ [Thecyberexpress] link.is.it/oVchv5

##

CVE-2026-45585
(6.8 MEDIUM)

EPSS: 0.11%

updated 2026-05-20T16:42:42.177000

2 posts

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.

4 repos

https://github.com/andrei-majer/bitlocker-hardening

https://github.com/bjbakker1984/Yellowkey-mitigation

https://github.com/Mclisterjoeh2o/yellowkey-bitlocker

https://github.com/everest90909/YellowKey-WinRE-Remediation

generalx@freeradical.zone at 2026-05-24T17:25:59.000Z ##

New Nightmare Eclipse account is at gitlab.com/nightmare-eclipse

"You defame me in public with your CVE-2026-45585 advisory even though you literally deleted the Microsoft account I used to report bugs to you with and I got zero pennies from doing so and I still happily did like an idiot.

Now you take the courtesy to flag my github account and wipe it out of the public, just like that ?

Mark this date July 14th, I will make sure your bones are shattered that day."
#threatintel

##

cyclone@infosec.exchange at 2026-05-23T16:41:26.000Z ##

YellowKey: BitLocker Bypass or Backdoor

YellowKey, tracked as CVE-2026-45585, is a public BitLocker bypass that abuses WinRE/recovery-path behavior to expose a protected volume without the Windows password, recovery key, or AES cracking.

At the time of this post, the author’s GitHub and original YellowKey repo appear to be down.

Read more: forum.hashpwn.net/post/13339

#BitLocker #YellowKey #CVE202645585 #CyberSecurity #InfoSec #WindowsSecurity #TPM #FullDiskEncryption #hack #exploit #news #hashpwn

##

CVE-2026-36829
(9.8 CRITICAL)

EPSS: 0.52%

updated 2026-05-19T18:16:21.613000

2 posts

An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and bypass of authentication.

CVE-2026-26978
(0 None)

EPSS: 0.48%

updated 2026-05-19T15:04:09.490000

2 posts

FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected files from a user-supplied tar archive. If a malicious file exists in the archive, it is read and pass

CVE-2026-8777
(6.3 MEDIUM)

EPSS: 1.12%

updated 2026-05-18T19:22:47.003000

2 posts

A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv_ssid results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosur

CVE-2026-8774
(6.3 MEDIUM)

EPSS: 1.12%

updated 2026-05-18T19:22:47.003000

2 posts

A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-42897
(8.1 HIGH)

EPSS: 8.40%

updated 2026-05-15T19:35:52.963000

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

1 repos

https://github.com/atiilla/CVE-2026-42897

PC_Fluesterer@social.tchncs.de at 2026-05-25T11:27:50.000Z ##

Microsoft Exchange Server zero-day attacks

The Exchange Server from Microsoft (MS) is the central hub for all organizational tasks in the MS biotope: e-mails, calendars, contacts. Normally, Outlook is used to access the Exchange Server. Outlook has a particularly "convenient" extension called Outlook Web Access (OWA). It allows an attacker to exploit the vulnerability CVE-2026-42897 in the Exchange Server through a crafted e-mail. The victim only has to open the mail in OWA. The vulnerability is already being exploited in attacks. So far there is no patch for this vulnerability. What

pc-fluesterer.info/wordpress/2

#Empfehlung #Hintergrund #Warnung #0day #cybercrime #Microsoft #office #outlook #sicherheit #unplugMicrosoft #UnplugTrump #windows

##

CVE-2026-40369
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-14T17:52:50.143000

1 posts

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

3 repos

https://github.com/orinimron123/CVE-2026-40369-EXPLOIT

https://github.com/piffd0s/ntoskrnl-metadata

https://github.com/ercihan/CVE-2026-40369

CVE-2026-0265
(0 None)

EPSS: 0.03%

updated 2026-05-13T18:17:47.830000

2 posts

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure acc

2 repos

https://github.com/BishopFox/CVE-2026-0265-check

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

hrbrmstr@mastodon.social at 2026-05-25T15:08:44.000Z ##

I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.

Given that, how does CVE-2026-0265 — an at-scale PAN-OS CAS Authentication Bypass — happen now?

Seems like Mythos isn't all it's cracked up to be?

##

CVE-2026-28910
(3.3 LOW)

EPSS: 0.01%

updated 2026-05-13T14:02:20.380000

3 posts

This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files.

psylo@infosec.exchange at 2026-05-25T08:35:35.000Z ##

@menos @wabetainfo @mysk

This macOS bug made it easy to exfiltrate WhatsApp chats. If it was encrypted, you'd need more tricks to decrypt the data:

mysk.blog/2026/05/19/cve-2026-

##

obivan@infosec.exchange at 2026-05-22T18:29:17.000Z ##

CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility mysk.blog/2026/05/19/cve-2026-

##

CVE-2026-1502
(0 None)

EPSS: 0.02%

updated 2026-05-10T21:16:28.247000

2 posts

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.

grahamperrin@bsd.cafe at 2026-05-22T00:06:34.000Z ##

RE: mastodon.social/@wollman/11661

@distrowatch @kaidenshi @brnrd

<vuxml.freebsd.org/freebsd/30bd> for CVE-2026-1502, one of the five vulnerable ports is deprecated but not yet expired.

295200 – lang/python314: Update to 3.14.5 — <bugs.freebsd.org/bugzilla/show>

285957 – lang/python312 as default python — <bugs.freebsd.org/bugzilla/show>

Cc @dvl

##

wollman@mastodon.social at 2026-05-21T23:11:50.000Z ##

Really feels like @dvl and I are the only people who actually read our #FreeBSD package security alerts, given the apparent complete lack of urgency on the part of anyone else to fix the two-months-outstanding lang/python* CVEs like CVE-2026-1502.

##

CVE-2026-34474
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-07T15:15:06.770000

1 posts

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling authentication bypass and network compromise. Some firmware versions may expose only partial identifiers (e

1 repos

https://github.com/minanagehsalalma/cve-2026-34474-zte-h298a-h108n-sensitive-data-exposure

diker@mstdn.ca at 2026-05-23T20:59:54.000Z ##

CVE-2026-34474: Pre-auth #credential disclosure in #ZTE #H298A / #H108N via #ETHCheat...The short version: an ETHCheat branch returns credential-bearing #HTML before #authentication. The captured fields include the #admin #password, WLAN PSK, and ESSID, and a companion wizard #endpoint #exposes serial data.

#cybersecurity #cybersec #security #exploited

##

CVE-2026-4115
(3.7 LOW)

EPSS: 0.01%

updated 2026-04-30T18:33:16.693000

1 posts

A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verification of cryptographic signature. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is told to be difficult. The exploit is now public and may

lunarloony@dosgame.club at 2026-05-22T20:02:07.000Z ##

@simontatham Oh, excellent! Now the patch management system I have at work will stop moaning about CVE-2026-4115.

##

CVE-2026-5140
(8.8 HIGH)

EPSS: 0.05%

updated 2026-04-29T15:30:39

2 posts

Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus allows Authentication Bypass. This issue affects Pardus: from <=0.6.4 before 0.8.0.

linux@activitypub.awakari.com at 2026-05-21T06:47:12.000Z ##

Pardus Linux Vulnerability Chain Enables Complete System Takeover

A critical local privilege escalation vulnerability chain tracked as CVE-2026-5140 has exposed serious security weaknesses in Par...

#Firewall #Daily #Cyber #News #Vulnerabilities #Vulnerability #News #CRLF #injection #flaw #CVE-2026–5140

##

CVE-2026-3102
(6.3 MEDIUM)

EPSS: 0.07%

updated 2026-04-29T01:00:01.613000

1 posts

A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 13.

2 repos

https://github.com/HORKimhab/CVE-2026-3102

https://github.com/ErikDervishi03/CVE-2026-31024

obivan@infosec.exchange at 2026-05-21T20:54:31.000Z ##

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) securelist.com/exiftool-compro

##

CVE-2026-26928
(0 None)

EPSS: 0.01%

updated 2026-04-27T19:22:58.477000

4 posts

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed by the vendor. The application doesn't verify hash or vendor's digital signature of uploaded DLL, SO, JN

avolha@infosec.exchange at 2026-05-25T13:53:46.000Z ##

At CONFidence 2026, Michał is just finishing his talk about critical vulnerabilities that made it possible to log in to the account of any citizen in many key public administration systems, and @zaufanatrzeciastrona has just published a series of articles by him explaining the problem in detail. I definitely recommend them (I pulled an all-nighter to proofread them in time ;-))

👉 Remote code execution in SzafirHost – [CVE-2026-26928] [E-signature research, part 1] – zaufanatrzeciastrona.pl/post/z
👉 Hacking e-Sąd with a YubiKey – [E-signature research, part 2] – zaufanatrzeciastrona.pl/post/h
👉 Authentication bypass in ZUS and e-Zdrowie systems, or one step away from cyber-chaos – [CVE-2026-9058] [E-signature research, part 3] – zaufanatrzeciastrona.pl/post/o
👉 Summary: Critical vulnerability allowing a complete bypass of login in ZUS, e-Sąd and e-Zdrowie systems – zaufanatrzeciastrona.pl/post/p

#cyberbezpieczenstwo #cybersecurity #confidence

##

zaufanatrzeciastrona@infosec.exchange at 2026-05-25T13:34:30.000Z ##

Michał discovered a way to log in as any user to eZUS, E-Sąd, eZdrowie and other government systems. Have a read, because this is the biggest discovery of the year in Poland
1. zaufanatrzeciastrona.pl/post/z
2. zaufanatrzeciastrona.pl/post/h
3. zaufanatrzeciastrona.pl/post/o
4. zaufanatrzeciastrona.pl/post/p

##

CVE-2013-0422
(9.8 CRITICAL)

EPSS: 93.61%

updated 2026-04-21T19:02:35.430000

1 posts

Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a securit

kev_Stalker@infosec.exchange at 2026-05-21T19:33:19.000Z ##

CVE-2013-0422 - Changed to Known Ransomware Status

Oracle JRE Remote Code Execution Vulnerability
Vendor: Oracle
Product: Java Runtime Environment (JRE)
A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system.
Status changed from Unknown to Known for ransomware campaign usage.
Flip detected on: May 21, 2026 at 18:00:35 UTC
Date Added to KEV: 2022-05-25
View CVE nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-5426
(7.5 HIGH)

EPSS: 0.08%

updated 2026-04-18T04:16:25.243000

1 posts

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks

Analyst207@mastodon.social at 2026-05-25T05:21:08.000Z ##

Mandiant Exposes KnowledgeDeliver Vulnerability via ViewState Deserialization

A critical vulnerability, CVE-2026-5426, was discovered in KnowledgeDeliver installations, allowing unauthenticated remote code execution across multiple customer sites due to identical ASP.NET machineKey values. This widespread flaw was caused by a standardized web.config with hardcoded keys,…

osintsights.com/mandiant-expos

#ViewstateDeserializationVulnerability #Knowledgedeliver #Cve20265426 #Aspnet #RemoteCodeExecution

##

CVE-2025-41240
(10.0 CRITICAL)

EPSS: 1.32%

updated 2026-04-15T00:35:42.020000

1 posts

Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could retrieve these secrets by accessing specific URLs if the application is exposed externally. The issue affects deployments u

hugovalters@mastodon.social at 2026-05-25T05:09:54.000Z ##

CVE-2025-41240 - Critical Supply Chain Attack in Bitnami Helm charts. Kubernetes secrets exposed at predictable path /opt/bitnami/*/secrets within web root. CVSS 10. Unauthenticated access to sensitive credentials via HTTP/S. Patch unknown but immediate action required. #CVE #Kubernetes #infosec

valtersit.com/cve/CVE-2025-412

##

CVE-2025-58355
(7.7 HIGH)

EPSS: 0.10%

updated 2026-04-15T00:35:42.020000

1 posts

Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0.

hugovalters@mastodon.social at 2026-05-23T23:05:48.000Z ##

CVE-2025-58355 - Critical RCE in Soft Serve. SSH API allows arbitrary file write. CVSS 7.7. Fixed in v0.10.0. Update immediately. #CVE #infosec #Git

valtersit.com/cve/CVE-2025-583

##

CVE-2024-12802
(9.1 CRITICAL)

EPSS: 0.07%

updated 2026-04-15T00:35:42.020000

2 posts

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.

jbhall56@infosec.exchange at 2026-05-22T11:23:52.000Z ##

SonicWall warned in a security advisory for CVE-2024-12802 that installing the firmware update alone on Gen6 devices does not fully mitigate the vulnerability, and a manual reconfiguration of the LDAP server is required. bleepingcomputer.com/news/secu

##

blog@insicurezzadigitale.com at 2026-05-22T09:52:16.000Z ##

“Patched” does not mean protected: attackers bypass MFA on SonicWall Gen6 VPNs and reach file servers in 30 minutes

CVE-2024-12802 on SonicWall Gen6 SSL-VPN appliances is being actively exploited despite the available patch. The reason: the firmware fix is not enough; it requires six additional manual steps that most administrators do not perform. The result: actors in the ransomware ecosystem bypass MFA, enter networks and reach file servers in less than thirty minutes.

insicurezzadigitale.com/patcha

##

CVE-2026-26980
(9.4 CRITICAL)

EPSS: 63.49%

updated 2026-02-20T19:22:53.637000

10 posts

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Nuclei template

3 repos

https://github.com/Kulik-Labs-Development/Ghost-CMS-Code-Injection-Audit-CVE-2026-26980

https://github.com/vognik/CVE-2026-26980

https://github.com/dinosn/ghost-cve-2026-26980

Analyst207@mastodon.social at 2026-05-25T12:20:12.000Z ##

Ghost CMS Flaw Exploited to Hijack Over 700 Sites in ClickFix Attacks

Over 700 websites were hijacked in a massive campaign that exploited a critical Ghost CMS vulnerability, turning legitimate pages into gateways for Windows malware. This alarming attack was made possible by CVE-2026-26980, an SQL injection flaw with a near-perfect CVSS score of 9.4.

osintsights.com/ghost-cms-flaw

#GhostCms #Cve202626980 #SqlInjection #Clickfix #WindowsMalware

##

sayzard@mastodon.sayzard.org at 2026-05-25T06:42:59.000Z ##

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

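The CVE-2026-26980 SQL injection vulnerability in Ghost CMS was exploited in a large-scale ClickFix campaign, in which attackers stole admin API keys and inserted malicious JavaScript to deceive visitors. More than 700 domains, including major universities and AI/SaaS companies, were affected; the vulnerability was patched in version 6.19.1, but the damage spread because many sites had not updated. Administrators should immediately upgrade to the latest version, rotate keys, and...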

bleepingcomputer.com/news/secu

##

teezeh@ieji.de at 2026-05-25T06:23:57.000Z ##

"A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

The campaign was discovered by XLab threat intelligence researchers at Chinese cybersecurity company Qianxin, who confirmed impact on more than 700 domains, including university portals, AI/SaaS companies, media outlets, fintech firms, security sites, and personal blogs.

According to the researchers, threat actors planted malicious code on the websites of Harvard University, Oxford University, Auburn University, and DuckDuckGo."

bleepingcomputer.com/news/secu

##

beyondmachines1@infosec.exchange at 2026-05-25T11:01:07.000Z ##

Ghost CMS SQL Injection Flaw Exploited in Global ClickFix Malware Campaign

A critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) is being exploited to steal administrative keys and inject malicious 'ClickFix' scripts into over 700 websites. The campaign targets high-profile domains to deliver malware by tricking visitors into running malicious commands in their system terminal.

**If you run a Ghost CMS site, this is urgent. Check your version and update to version 6.19.1 or later. Then rotate all API keys and staff passwords since any credentials from before the patch may already be compromised. Also review your published articles for unauthorized scripts and check API logs for signs of suspicious activity.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

oversecurity@mastodon.social at 2026-05-24T15:10:43.000Z ##

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that...

🔗️ [Bleepingcomputer] link.is.it/2YwlcW

##

VirusBulletin@infosec.exchange at 2026-05-22T09:08:47.000Z ##

XLab researchers show how threat actors exploited CVE-2026-26980 to compromise Ghost CMS, causing numerous websites to become accomplices in ClickFix attacks. blog.xlab.qianxin.com/ghost-cm

##

thenexusofprivacy@infosec.exchange at 2026-05-21T18:54:23.000Z ##

Thanks again! Yeah the read access from the SQL injection allowed exfiltration of admin API keys at which point game over. I don't see any malicious themes or changes to the theme file ... instead it seems like it was the vulnerability described in blog.xlab.qianxin.com/ghost-cm (which I don't think had been published yet when I was doing the cleanup, or at least I didn't find it in my searching). Basically the hack edited every post to put in a script in the "codeinjection_footer" field that brings the payload in from a malware site.

There aren't any obvious signs of LPE exploitation but who knows ... another good argument for spinning up a new instance.

@mildsunrise @JadedBlueEyes @thenexusofprivacy@gotosocial.thenexus.today

##

campuscodi@mastodon.social at 2026-05-21T18:06:48.000Z ##

A hacking campaign is planting FakeCaptcha pages and malware on websites built with the Ghost CMS.

The attacks began this month and are exploiting a vulnerability disclosed in February

blog.xlab.qianxin.com/ghost-cm

##

CVE-2019-15107
(9.8 CRITICAL)

EPSS: 94.46%

updated 2025-11-06T16:50:47.130000

1 posts

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.

Nuclei template

44 repos

https://github.com/ketlerd/CVE-2019-15107

https://github.com/D4rkScare/CVE-2019-15107

https://github.com/n0obit4/Webmin_1.890-POC

https://github.com/K3ysTr0K3R/CVE-2019-15107-EXPLOIT

https://github.com/whokilleddb/CVE-2019-15107

https://github.com/g1vi/CVE-2019-15107

https://github.com/kh4sh3i/Webmin-CVE

https://github.com/CyberTuz/CVE-2019-15107_detection

https://github.com/cdedmondson/Modified-CVE-2019-15107

https://github.com/Mattb709/CVE-2019-15107-Scanner

https://github.com/0x4r2/Webmin-CVE-2019-15107

https://github.com/Mattb709/CVE-2019-15107-Webmin-RCE-PoC

https://github.com/MasterCode112/CVE-2019-15107

https://github.com/squid22/Webmin_CVE-2019-15107

https://github.com/diegojuan/CVE-2019-15107

https://github.com/Rayferrufino/Make-and-Break

https://github.com/HACHp1/webmin_docker_and_exp

https://github.com/g0db0x/CVE_2019_15107

https://github.com/aamfrk/Webmin-CVE-2019-15107

https://github.com/viglia/cve-2019-15107

https://github.com/AdministratorGithub/CVE-2019-15107

https://github.com/jas502n/CVE-2019-15107

https://github.com/MuirlandOracle/CVE-2019-15107

https://github.com/h4ck0rman/CVE-2019-15107

https://github.com/wenruoya/CVE-2019-15107

https://github.com/ianxtianxt/CVE-2019-15107

https://github.com/bayazid-bit/CVE-2019-15107

https://github.com/merlin-ke/CVE_2019_15107

https://github.com/hadrian3689/webmin_1.920

https://github.com/ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability

https://github.com/psw01/CVE-2019-15107_webminRCE

https://github.com/hannob/webminex

https://github.com/ch4ko/webmin_CVE-2019-15107

https://github.com/adampawelczyk/cve-2019-15107

https://github.com/gozn/detect-CVE-2019-15107-by-pyshark

https://github.com/ruthvikvegunta/CVE-2019-15107

https://github.com/darrenmartyn/CVE-2019-15107

https://github.com/EdouardosStav/CVE-2019-15107-RCE-WebMin

https://github.com/f0rkr/CVE-2019-15107

https://github.com/olingo99/CVE-2019-15107

https://github.com/hacknotes/CVE-2019-15107-Exploit

https://github.com/TheAlpha19/MiniExploit

https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107-

https://github.com/NasrallahBaadi/CVE-2019-15107

kev_Stalker@infosec.exchange at 2026-05-22T20:53:16.000Z ##

CVE-2019-15107 - Changed to Known Ransomware Status

Webmin Command Injection Vulnerability
Vendor: Webmin
Product: Webmin
An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.
Status changed from Unknown to Known for ransomware campaign usage.
Flip detected on: May 22, 2026 at 19:00:35 UTC
Date Added to KEV: 2022-03-25
View CVE Details

nvd.nist.gov/vuln/detail/CVE-2

#Ransomware #Webmin

##

CVE-2018-0802
(7.8 HIGH)

EPSS: 93.89%

updated 2025-10-22T00:31:30

1 posts

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

7 repos

https://github.com/Palvinder-Singh/PS_CVE2018-0802

https://github.com/rxwx/CVE-2018-0802

https://github.com/zldww2011/CVE-2018-0802_POC

https://github.com/Abdibimantara/Maldoc-Analysis

https://github.com/roninAPT/CVE-2018-0802

https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882

https://github.com/Ridter/RTF_11882_0802

technadu@infosec.exchange at 2026-05-22T15:19:51.000Z ##

Cloud Atlas APT campaigns targeting Russia & Belarus are leveraging phishing, CVE-2018-0802, SSH tunnels, and a new “PowerCloud” tool that exfiltrates data into Google Sheets.

technadu.com/cloud-atlas-apt-t

#CyberSecurity #ThreatIntel #APT #InfoSec #Malware

##

CVE-2025-23256
(8.7 HIGH)

EPSS: 0.02%

updated 2025-09-05T18:31:19

1 posts

NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

hugovalters@mastodon.social at 2026-05-22T18:05:42.000Z ##

CVE-2025-23256 - High severity info disclosure in Nvidia BlueField. Local access allows config tampering, DoS, privilege escalation. CVSS 8.7. No patch yet. Monitor for updates. #CVE #Nvidia #infosec

valtersit.com/cve/CVE-2025-232

##

CVE-2025-8853
(9.8 CRITICAL)

EPSS: 0.41%

updated 2025-08-11T09:30:44

2 posts

Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtain any user's connection token and use it to log into the system as that user.

hugovalters@mastodon.social at 2026-05-24T23:01:37.000Z ##

CVE-2025-8853 - Critical Authentication Bypass in 2100 technology Document Management System. Unauthenticated attackers can steal user tokens and log in as any user. CVSS 9.8. No patch available. Isolate affected systems immediately. #CVE #infosec #cybersecurity

valtersit.com/cve/CVE-2025-885

##

CVE-2021-35036
(6.5 MEDIUM)

EPSS: 0.15%

updated 2024-11-21T06:11:43.343000

1 posts

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.

1 repos

https://github.com/minanagehsalalma/zyxel-cve-2021-35036-super-admin-password-leak

_r_netsec@infosec.exchange at 2026-05-22T14:43:05.000Z ##

Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets minanagehsalalma.github.io/zyx

##

CVE-2021-21735
(6.5 MEDIUM)

EPSS: 0.15%

updated 2024-11-21T05:48:54.387000

2 posts

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.

1 repos

https://github.com/minanagehsalalma/cve-2021-21735-zte-zxhn-h168n-admin-compromise

_r_netsec@infosec.exchange at 2026-05-25T14:58:05.000Z ##

CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth minanagehsalalma.github.io/cve

##

CVE-2018-5999
(9.8 CRITICAL)

EPSS: 90.79%

updated 2024-11-21T04:09:51.257000

1 posts

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.

beyondmachines1@infosec.exchange at 2026-05-23T18:01:07.000Z ##

RondoDox Botnet Hijacks Over One Million ASUS Routers via 2018 Vulnerability

The RondoDox botnet is exploiting a critical 2018 vulnerability (CVE-2018-5999) in over one million ASUS routers to gain unauthorized control and launch DDoS attacks.

**If you own an ASUS router, first make sure it is isolated from the internet and only accessible from trusted networks, with the management interface never exposed to the public internet. Then check if your model still receives official firmware updates and apply the latest version - if it's end-of-life, replace it with a supported model, and disable the `infosvr` service.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2023-30626
(8.8 HIGH)

EPSS: 0.76%

updated 2023-11-07T05:05:53

1 posts

### Impact Frederic Linn (@FredericLinn) has reported a series of vulnerabilities that can result in directory traversal, file write, and potential remote code execution on Jellyfin instances. The general process involves chaining several exploits including a stored XSS vulnerability and can be used by an unprivileged user. The general process is (using the example of setting an intro video as th

FrederikNJS@piefed.zip at 2026-05-23T23:09:04.663Z ##

Sure… If someone managed to stream some of my media… They probably earned it… But then they exploit a vulnerability to perform arbitrary code execution, and leverage that to hack everything else on my network…

https://app.opencve.io/cve/CVE-2023-30626

##

CVE-2026-9058
(0 None)

EPSS: 0.00%

4 posts

N/A

avolha at 2026-05-25T13:53:46.789Z ##

At CONFidence 2026, Michał is just finishing his talk about critical vulnerabilities that made it possible to log in to the account of any citizen in many key public administration systems, and @zaufanatrzeciastrona has just published a series of articles by him that explains the problem in detail. Highly recommended (I stayed up all night to proofread them in time ;-))

👉 Remote code execution in SzafirHost – [CVE-2026-26928] [E-signature research, part 1] – zaufanatrzeciastrona.pl/post/z
👉 Hacking e-Sąd with a YubiKey – [E-signature research, part 2] – zaufanatrzeciastrona.pl/post/h
👉 Authentication bypass in ZUS and e-Zdrowie systems, or one step away from cyber-chaos – [CVE-2026-9058] [E-signature research, part 3] – zaufanatrzeciastrona.pl/post/o
👉 Summary: Critical vulnerability allowing a complete login bypass in ZUS, e-Sąd and e-Zdrowie systems – zaufanatrzeciastrona.pl/post/p

##

zaufanatrzeciastrona at 2026-05-25T13:34:30.194Z ##

Michał discovered a way to log in as any user to eZUS, E-Sąd, eZdrowie and other government systems. Have a read, because this is the biggest discovery of the year in Poland
1. zaufanatrzeciastrona.pl/post/z
2. zaufanatrzeciastrona.pl/post/h
3. zaufanatrzeciastrona.pl/post/o
4. zaufanatrzeciastrona.pl/post/p

##

avolha@infosec.exchange at 2026-05-25T13:53:46.000Z ##

At CONFidence 2026, Michał is just finishing his talk about critical vulnerabilities that made it possible to log in to the account of any citizen in many key public administration systems, and @zaufanatrzeciastrona has just published a series of articles by him that explains the problem in detail. Highly recommended (I stayed up all night to proofread them in time ;-))

👉 Remote code execution in SzafirHost – [CVE-2026-26928] [E-signature research, part 1] – zaufanatrzeciastrona.pl/post/z
👉 Hacking e-Sąd with a YubiKey – [E-signature research, part 2] – zaufanatrzeciastrona.pl/post/h
👉 Authentication bypass in ZUS and e-Zdrowie systems, or one step away from cyber-chaos – [CVE-2026-9058] [E-signature research, part 3] – zaufanatrzeciastrona.pl/post/o
👉 Summary: Critical vulnerability allowing a complete login bypass in ZUS, e-Sąd and e-Zdrowie systems – zaufanatrzeciastrona.pl/post/p

#cyberbezpieczenstwo #cybersecurity #confidence

##

zaufanatrzeciastrona@infosec.exchange at 2026-05-25T13:34:30.000Z ##

Michał discovered a way to log in as any user to eZUS, E-Sąd, eZdrowie and other government systems. Have a read, because this is the biggest discovery of the year in Poland
1. zaufanatrzeciastrona.pl/post/z
2. zaufanatrzeciastrona.pl/post/h
3. zaufanatrzeciastrona.pl/post/o
4. zaufanatrzeciastrona.pl/post/p

##

CVE-2026-9435
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T10:30:25.459Z ##

🛡️ CVE-2026-9435: Critical OS command injection in Totolink A8000RU (fw 7.1cu.643_b20200521) allows unauthenticated remote code execution. No patch yet — restrict web UI & monitor advisories. Exploit is public! radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T10:30:25.000Z ##

🛡️ CVE-2026-9435: Critical OS command injection in Totolink A8000RU (fw 7.1cu.643_b20200521) allows unauthenticated remote code execution. No patch yet — restrict web UI & monitor advisories. Exploit is public! radar.offseq.com/threat/cve-20 #OffSeq #CVE20269435 #IoTSecurity

##

CVE-2026-9436
(0 None)

EPSS: 0.94%

2 posts

N/A

offseq at 2026-05-25T09:00:24.680Z ##

🔴 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) has an unauthenticated OS command injection bug (CVE-2026-9436). Exploit released, no patch yet. Restrict web management access and monitor closely. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T09:00:24.000Z ##

🔴 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) has an unauthenticated OS command injection bug (CVE-2026-9436). Exploit released, no patch yet. Restrict web management access and monitor closely. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Security #Router

##

CVE-2026-9434
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T07:30:26.103Z ##

Totolink A8000RU (v7.1cu.643_b20200521) hit by CRITICAL OS command injection (CVE-2026-9434). Remote unauthenticated attackers may gain full control. No fix yet — restrict management access & monitor for updates. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T07:30:26.000Z ##

Totolink A8000RU (v7.1cu.643_b20200521) hit by CRITICAL OS command injection (CVE-2026-9434). Remote unauthenticated attackers may gain full control. No fix yet — restrict management access & monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Router

##

CVE-2026-9404
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T06:00:25.367Z ##

🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) suffers OS command injection (CVE-2026-9404, CVSS 9.3). Exploit is public; no patch yet. Restrict web mgmt interface & watch for updates. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T06:00:25.000Z ##

🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) suffers OS command injection (CVE-2026-9404, CVSS 9.3). Exploit is public; no patch yet. Restrict web mgmt interface & watch for updates. radar.offseq.com/threat/cve-20 #OffSeq #infosec #CVE20269404 #routersecurity

##

CVE-2026-9256
(0 None)

EPSS: 0.13%

6 posts

N/A

1 repos

https://github.com/suominen/CVE-2026-9256

undercodenews@mastodon.social at 2026-05-25T05:26:56.000Z ##

NGINX “Poolslip” Vulnerability Exposes Critical Remote Code Execution Risk Across F5 Ecosystem

Introduction A newly disclosed security vulnerability affecting NGINX has raised major concerns across the cybersecurity industry after researchers demonstrated a sophisticated attack capable of bypassing modern memory protections and potentially achieving remote code execution. The flaw, tracked as CVE-2026-9256 and internally identified as F5 ID 161 (NGINX), impacts both…

undercodenews.com/nginx-poolsl

##

beyondmachines1@infosec.exchange at 2026-05-24T08:01:06.000Z ##

Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks

NGINX has disclosed a critical heap buffer overflow vulnerability (CVE-2026-9256) in its rewrite module that allows unauthenticated attackers to cause denial-of-service or execute arbitrary code. The flaw, known as nginx-poolslip, affects both Open Source and Plus versions and requires immediate patching or configuration changes.

**If you're running NGINX (Open Source or Plus), upgrade immediately to a patched version (1.30.2, 1.31.1, NGINX Plus R36 P5, R32 P7, or R37.0.1.1). If you can't patch right away, edit your config files to replace unnamed numeric capture groups (like $1, $2) in rewrite directives with named captures (like $user_id) as a temporary workaround.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

e_nomem@hachyderm.io at 2026-05-23T05:46:08.000Z ##

@jerry Looks like there was a new release of nginx earlier today to address the unpatched RCE (CVE-2026-9256)

##

jschauma@mstdn.social at 2026-05-22T23:36:22.000Z ##

The previously announced sibling vulnerability to "nginx rift" has been fixed by F5 and has been assigned CVE-2026-9256:

my.f5.com/manage/s/article/K00

This was previously called "nginx-poolslip" (nitter.net/nebusecurity/status) and is a DoS with possible RCE ("if the attacker can bypass ASLR" - not sure how?), using a similar regex capture vector.

Wouldn't be surprised if this is the new norm: one vuln lands, everybody points their AI at that attack vector and discovers sibling vulns.

##

cR0w@infosec.exchange at 2026-05-22T20:00:38.000Z ##

Another vuln in NGINX rewriting. Looks pretty similar to the last one. Requires ASLR bypass or disabled for RCE.

my.f5.com/manage/s/article/K00

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, /((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-9256)

##

_r_netsec@infosec.exchange at 2026-05-22T19:58:05.000Z ##

CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module my.f5.com/manage/s/article/K00

##

CVE-2026-9405
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T04:30:29.047Z ##

🚨 CVE-2026-9405: CRITICAL OS command injection in Totolink A8000RU (v7.1cu.643_b20200521). No auth needed — attackers can run remote commands. No patch yet. Restrict web UI access & monitor devices. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T04:30:29.000Z ##

🚨 CVE-2026-9405: CRITICAL OS command injection in Totolink A8000RU (v7.1cu.643_b20200521). No auth needed — attackers can run remote commands. No patch yet. Restrict web UI access & monitor devices. radar.offseq.com/threat/cve-20 #OffSeq #CVE20269405 #RouterSecurity #Infosec

##

CVE-2026-9407
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T03:00:24.851Z ##

Totolink A8000RU (v7.1cu.643_b20200521) hit by CRITICAL OS command injection (CVE-2026-9407, CVSS 9.3). Unpatched — remote attackers could fully compromise the device. Disable or restrict remote management, monitor for fixes. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T03:00:24.000Z ##

Totolink A8000RU (v7.1cu.643_b20200521) hit by CRITICAL OS command injection (CVE-2026-9407, CVSS 9.3). Unpatched — remote attackers could fully compromise the device. Disable or restrict remote management, monitor for fixes. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Router

##

CVE-2026-9408
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T01:30:29.716Z ##

⚠️ CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) hit by CVE-2026-9408 OS command injection. No patch yet; exploit code is public. Restrict web mgmt access & monitor for updates. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T01:30:29.000Z ##

⚠️ CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) hit by CVE-2026-9408 OS command injection. No patch yet; exploit code is public. Restrict web mgmt access & monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #CVE20269408 #Infosec #RouterSecurity

##

CVE-2026-9406
(0 None)

EPSS: 0.89%

2 posts

N/A

offseq at 2026-05-25T00:00:35.714Z ##

Totolink A8000RU (7.1cu.643_b20200521) has a CRITICAL OS command injection vuln (CVE-2026-9406, CVSS 9.3). Exploit public, no patch yet. Restrict web UI, disable remote mgmt, monitor traffic. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-05-25T00:00:35.000Z ##

Totolink A8000RU (7.1cu.643_b20200521) has a CRITICAL OS command injection vuln (CVE-2026-9406, CVSS 9.3). Exploit public, no patch yet. Restrict web UI, disable remote mgmt, monitor traffic. radar.offseq.com/threat/cve-20 #OffSeq #vuln #IoTSecurity #CVE20269406

##

CVE-2026-5223
(0 None)

EPSS: 0.04%

1 posts

N/A

Mozilla@activitypub.awakari.com at 2026-05-25T00:00:00.000Z ##

The Rust Programming Language Blog: Security Advisory for Cargo (CVE-2026-5223) The Rust Security Response Team was notified that Cargo incorrectly handled symlinks inside of crate tarballs downloa...


##

CVE-2026-46349
(0 None)

EPSS: 0.00%

1 posts

N/A

generalx@freeradical.zone at 2026-05-24T15:19:11.000Z ##

The attribution for Mastodon's CVE-2026-46349 (CVSS 5.3, retracted boost reissuance) is interestingly reported as:

"This security issue has been reported by Doyensec in collaboration with Claude and Anthropic Research"

Is this how they say "Mythos" without revealing that Doyensec is one of the undisclosed Project Glasswing members?

github.com/mastodon/mastodon/s

w.on-t.work/activitypub/may-20 says:

"Doyensec has contacted us on *behalf* of Anthropic".
#security #mastoadmin #mythos #ai #glasswing

##

CVE-2026-9345
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T10:30:23.000Z ##

🚨 HIGH severity: Buffer overflow in Edimax EW-7438RPn (≤1.31) via /goform/formWizSurvey. Public exploit, no vendor fix yet. Restrict remote access & monitor for updates. CVE-2026-9345. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #IoT #Security

##

CVE-2026-9360
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T09:00:25.000Z ##

CVE-2026-9360: HIGH severity buffer overflow in Edimax EW-7438RPn v1.28a. Remotely exploitable, public exploit released, no patch yet. Disable remote access or isolate! Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #IoTSecurity #BufferOverflow

##

CVE-2026-9348
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T07:30:24.000Z ##

🚨 HIGH severity (CVSS 8.7): Edimax EW-7438RPn v1.0 – 1.31 stack-based buffer overflow in /goform/mp (webs arg). Remote code execution possible, public exploit out. No vendor patch. Restrict device access! CVE-2026-9348 radar.offseq.com/threat/cve-20 #OffSeq #IoTSecurity #BufferOverflow

##

CVE-2026-3515
(0 None)

EPSS: 0.10%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T06:00:24.000Z ##

🚨 HIGH severity: CVE-2026-3515 in Prefect's GitHub integration (v3.6.18) lets attackers inject git options via 'reference' field, risking SSRF, credential theft, or RCE. No patch yet — avoid untrusted input! radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Infosec

##

CVE-2026-48829
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T04:30:26.000Z ##

GNU SASL <2.2.3 is vulnerable (CVE-2026-48829): HIGH severity NULL pointer dereference in DIGEST-MD5 can crash clients/servers (DoS risk). No patch yet — consider disabling DIGEST-MD5 for now. radar.offseq.com/threat/cve-20 #OffSeq #GNU #Vuln #DenialOfService

##

CVE-2026-9346
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T03:00:24.000Z ##

⚠️ HIGH-severity buffer overflow (CVE-2026-9346) in Edimax EW-7438RPn (v1.0 – 1.31). Remote exploit possible via /goform/formWirelessTbl. Exploit published; no patch from vendor. Limit device exposure & monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #IoT

##

CVE-2026-9294
(0 None)

EPSS: 0.01%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T01:30:25.000Z ##

🚨 New HIGH-severity vuln: CVE-2026-9294 in Edimax BR-6428NS (v1.10) enables remote buffer overflow via pppUserName in formWanTcpipSetup. Public exploit, no patch yet — restrict access & monitor traffic. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #RouterSecurity #CVE20269294

##

CVE-2026-9295
(0 None)

EPSS: 0.01%

1 posts

N/A

offseq@infosec.exchange at 2026-05-24T00:00:35.000Z ##

🛑 CVE-2026-9295: HIGH-severity buffer overflow in Edimax BR-6428NS v1.10. Remotely exploitable, no patch, exploit code released. Restrict remote access & segment the device until a fix. No attacks seen yet. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #RouterSecurity

##

CVE-2026-40412
(0 None)

EPSS: 0.29%

1 posts

N/A

offseq@infosec.exchange at 2026-05-23T17:00:11.000Z ##

⚠️ CRITICAL: CVE-2026-40412 in Azure Orbital Spatio lets attackers upload dangerous files and execute code remotely. Cloud users should ensure Microsoft’s official fix is applied. Full details: radar.offseq.com/threat/cve-20 #OffSeq #Azure #Vuln #CloudSecurity

##

CVE-2026-23652
(0 None)

EPSS: 0.07%

1 posts

N/A

offseq@infosec.exchange at 2026-05-23T15:30:09.000Z ##

🚨 CRITICAL: CVE-2026-23652 in Microsoft Power Pages enables remote, unauthenticated code execution (command injection, CVSS 10). Patch immediately to prevent full system compromise! Details & fix: radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #Microsoft #Vuln

##

CVE-2025-70116
(0 None)

EPSS: 0.00%

1 posts

N/A

sigdevel@infosec.exchange at 2026-05-23T15:20:17.000Z ##

Security Advisory: CVE-2025-70116 - NULL Pointer Dereference in GPAC MP4Box

A NULL pointer dereference vulnerability was identified in GPAC MP4Box when processing certain malformed or truncated MP4 files.

Summary:
When MP4Box parses a specially crafted damaged MP4 file, an invalid or incomplete stsd entry may result in missing descriptor data. In the affected code path, gf_media_map_esd() in src/media_tools/isom_tools.c may dereference a NULL pointer, leading to a crash.

Affected component:
src/media_tools/isom_tools.c
Function: gf_media_map_esd()

Affected product:
GPAC MP4Box

Affected version:
The issue was reproduced on GPAC version 2.5-DEV-rev1815-g261ffdd13-master / MP4Box commit 261ffdd135eee8f646eb9326a43438b32a7ad3a1.

Attack conditions:
Exploitation requires local access or another way to make the vulnerable MP4Box instance process a malformed or truncated MP4 file. The issue is triggered during local processing of the crafted media file.

Impact:
Successful exploitation causes a segmentation fault and terminates the MP4Box process, resulting in a local denial of service (DoS). No evidence of code execution has been identified.

CWE:
CWE-476 - NULL Pointer Dereference

Fixed version:
The issue has been fixed in GPAC commit 56d21ea812fd5ba83e6c01777273de4903786fe4. Users are advised to update to a GPAC build that includes this commit or apply the patch manually.

References:
Issue: github.com/gpac/gpac/issues/33
PoC: github.com/sigdevel/pocs/blob/
Fix: github.com/gpac/gpac/commit/56

Credits:
@sigdevel

##

CVE-2026-40411
(0 None)

EPSS: 0.09%

1 posts

N/A

offseq@infosec.exchange at 2026-05-23T14:00:23.000Z ##

🚨 CRITICAL: CVE-2026-40411 in Azure Virtual Network Gateway enables authorized attackers to execute remote code, impacting confidentiality, integrity, and availability. Microsoft has patched — ensure your service is updated. Details: radar.offseq.com/threat/cve-20 #OffSeq #Azure #CloudSecurity

##

CVE-2026-41104
(0 None)

EPSS: 0.27%

3 posts

N/A

nyanbinary@infosec.exchange at 2026-05-23T13:05:14.000Z ##

@cR0w fr tho, I am somewhat torn on *aaS CVEs in general. Like, where is the line between CVE-2026-41104 in Microsoft Planetary Computer Pro and our local Kebab Shops website having an XSS? I can tell you the latter is rather critical infrastructure for our Security Department, I am sure someone out there also relies on the former :neobot_giggle: .

Like, there is a line, but I can't put my thumb on it

##

offseq@infosec.exchange at 2026-05-23T08:00:25.000Z ##

🚨 CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote info disclosure — no auth or interaction needed. Patch now! Details: radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #CVE #Vuln

##

offseq@infosec.exchange at 2026-05-23T01:30:25.000Z ##

🛡️ CRITICAL: CVE-2026-41104 in Microsoft Planetary Computer Pro (GeoCatalog) enables remote, unauthenticated info disclosure via insecure deserialization. Patch now — official fix available. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #InfoSec #Microsoft

##

CVE-2026-47280
(0 None)

EPSS: 0.07%

1 posts

N/A

offseq@infosec.exchange at 2026-05-23T12:30:27.000Z ##

🚩 CVE-2026-47280: CRITICAL improper authentication flaw in Microsoft Azure Resource Manager (CVSS 10). Enables remote privilege escalation. Microsoft has issued a fix — confirm your ARM is protected. Details: radar.offseq.com/threat/cve-20 #OffSeq #Azure #Security #CVE

##

CVE-2026-41090
(0 None)

EPSS: 0.05%

2 posts

N/A

offseq@infosec.exchange at 2026-05-23T11:00:25.000Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS enables remote command injection (CVSS 9.3). Microsoft has patched server-side — verify your service is up to date. More info: radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #Vuln #InfoSec

##

offseq@infosec.exchange at 2026-05-23T04:30:25.000Z ##

🚨 CRITICAL: CVE-2026-41090 in Microsoft 365 Copilot for iOS allows remote command injection (CVSS 9.3). Affects cloud service; fix is live server-side. Ensure your org is covered — see radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #CVE202641090 #infosec

##

CVE-2026-33843
(0 None)

EPSS: 0.05%

2 posts

N/A

offseq@infosec.exchange at 2026-05-23T09:30:25.000Z ##

⚠️ CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) enables remote authentication bypass & privilege escalation. Patch released by Microsoft — confirm your cloud environment is updated. Details: radar.offseq.com/threat/cve-20 #OffSeq #AzureAD #Security #CVE202633843

##

offseq@infosec.exchange at 2026-05-23T03:00:24.000Z ##

🚨 CRITICAL: CVE-2026-33843 in Microsoft Entra (Azure AD B2C) allows remote auth bypass (CVSS 9.1). Patch released — Microsoft manages remediation. No known exploits. Check advisory & verify your cloud config. radar.offseq.com/threat/cve-20 #OffSeq #AzureAD #CloudSecurity #CVE202633843

##

funz@systemli.social at 2026-05-23T08:43:35.000Z ##

Has anybody an explanation why this time it takes longer to patch the kernel for fragnesia esp. for bookworm and trixie in debian?
I get that sid is patched first because it's unstable

security-tracker.debian.org/tr

It's NOT a complaint but getting to know the processes.
Thanks!
e: and a huge thanks to the people maintaining debian and the other distributions ❤️

#linux #debian #bookworm #trixie #fragnesia

##

CVE-2026-42901
(0 None)

EPSS: 0.03%

2 posts

N/A

offseq@infosec.exchange at 2026-05-23T06:30:25.000Z ##

🚨 CRITICAL: CVE-2026-42901 in Microsoft Entra (CWE-346) enables remote privilege escalation via origin validation error. Immediate patching is essential — official fix available: radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #Vuln #CVSS10 #Security

##

offseq@infosec.exchange at 2026-05-23T00:00:35.000Z ##

⚠️ CRITICAL: CVE-2026-42901 in Microsoft Entra (CVSS 10) enables remote privilege escalation via origin validation error. Patch now to prevent full system compromise! Fix: radar.offseq.com/threat/cve-20 #OffSeq #MicrosoftEntra #Vulnerability #Cybersecurity

##

CVE-2026-25262
(0 None)

EPSS: 0.00%

1 posts

N/A

GrantJoseph@mastodon.social at 2026-05-23T05:05:14.000Z ##

@GrapheneOS are any supported Pixel devices vulnerable to the new Qualcomm boot ROM vulnerability? I've found confusing information on the use of Qualcomm components. kaspersky.com/blog/qualcomm-cv

##

CVE-2026-46529
(0 None)

EPSS: 0.00%

1 posts

N/A

1 repos

https://github.com/N1et/CVE-2026-46529

CVE-2026-8992
(0 None)

EPSS: 0.12%

1 posts

N/A

nyanbinary@infosec.exchange at 2026-05-22T15:29:20.000Z ##

cve.org/CVERecord?id=CVE-2026-

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

OwO

Signed my separation agreement today, here is hoping the next shop doesn't have me deal with Ivanti..

##

CVE-2026-25606
(0 None)

EPSS: 0.03%

1 posts

N/A

offseq@infosec.exchange at 2026-05-22T10:30:28.000Z ##

STER (Centralny Instytut Ochrony Pracy) faces a HIGH severity SQL Injection (CVE-2026-25606, CVSS 8.7). Authenticated attackers can access sensitive data via search filters. Patch by upgrading to v9.5. 🛡️ radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vuln #Infosec

##

CVE-2026-8679
(0 None)

EPSS: 24.53%

2 posts

N/A

Nuclei template

thehackerwire@mastodon.social at 2026-05-22T10:00:01.000Z ##

🟠 CVE-2026-8679 - High (7.5)

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-22T09:00:41.000Z ##

🔈 CVE-2026-8679 (HIGH): AudioIgniter Music Player plugin ≤2.0.2 lets unauthenticated attackers access any playlist's metadata — including private & draft tracks — via insecure playlist ID handling. Restrict access & monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##

CVE-2026-47243
(0 None)

EPSS: 0.00%

1 posts

N/A
