Tag: cve
-
Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability
Tags: access, ai, attack, browser, cisa, cloud, container, crypto, cve, cybersecurity, data, exploit, flaw, infrastructure, kev, linux, mitigation, ransomware, risk, tool, update, vulnerabilityA flaw in the Linux kernel present since 2017 allows a local user to gain root access on virtually every major Linux distribution. A public exploit is available and reported to work reliably. Key Takeaways CVE-2026-31431 is a high severity local privilege escalation vulnerability in the Linux kernel reportedly affecting virtually every major distribution released…
-
Linux Kernel Flaw ‘Copy Fail’ Exposes Widespread Privilege Escalation Risk
A newly disclosed Linux kernel vulnerability is exposing a pathway for unprivileged users to gain full admin control on a wide range of systems. The flaw, identified as CVE-2026-31431 and dubbed Copy Fail, affects nearly all major Linux distros released over the past eight years. The issue stems from a logic error in the kernel’s..…
-
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-cpanel-and-whm-bug-exploited-as-a-zero-day-poc-now-available/
-
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw
A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN Client feature. Carrying a CVSS v4.0 score of 9.4, this OS command injection vulnerability allows an authenticated administrator to execute arbitrary commands with root privileges. ASUSTOR has since addressed the…
-
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control over servers. The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the application’s session…
-
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release
A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control over servers. The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the application’s session…
-
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root.The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori.”An unprivileged local user can write four controlled bytes into the page cache of any readable…
-
ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks
A newly disclosed flaw in ProFTPD is drawing urgent attention because it can let attackers move from a simple SQL injection bug to authentication bypass, privilege escalation, and in some environments even remote code execution. Tracked as CVE-2026-42167, the issue was found in ProFTPD’s mod_sql extension by ZeroPath Research, and MITRE assigned it a CVSS…
-
EUVD-2026-24742 / CVE-2026-41651 – Telekom entdeckt 12 Jahre alte Linux-Root-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/pack2theroot-root-exploit-packagekit-cve-2026-41651-a-fe528109a86253ae2b0a7c51fe970808/
-
Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities
As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security challenges to the forefront, including over 33 documented CVE vulnerabilities, 288+ GHSA security advisories, the rise in malicious Skills, and frequent memory poisoning attacks. The NSFOCUSLLM……
-
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vulnerability, an SQL injection in the proxy API key verification process, lets attackers access and potentially modify database…
-
CISA Warns of ConnectWise ScreenConnect Flaw Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in ConnectWise ScreenConnect. CVE-2024-1708 is currently being exploited in real-world attacks. Because of this active threat, CISA officially added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on April 28, 2026. This addition serves as a major…
-
CISA Warns of ConnectWise ScreenConnect Flaw Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in ConnectWise ScreenConnect. CVE-2024-1708 is currently being exploited in real-world attacks. Because of this active threat, CISA officially added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on April 28, 2026. This addition serves as a major…
-
CISA Warns of ConnectWise ScreenConnect Flaw Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in ConnectWise ScreenConnect. CVE-2024-1708 is currently being exploited in real-world attacks. Because of this active threat, CISA officially added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on April 28, 2026. This addition serves as a major…
-
CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)
Attackers are exploiting CVE-2026-32202, a zero-click Windows Shell spoofing vulnerability that causes victims’ systems to authenticate the attacker’s server, CISA … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/windows-cve-2026-32202-exploited/
-
GitHub Fixes Critical RCE Bug CVE-2026-3854 Within Hours of Discovery
Tags: cloud, cve, cvss, cybersecurity, flaw, github, infrastructure, rce, remote-code-execution, vulnerabilityCybersecurity researchers have revealed critical details about a newly identified RCE vulnerability, tracked as CVE-2026-3854, affecting both GitHub’s cloud infrastructure and GitHub Enterprise Server deployments. The flaw, which carries a high CVSS score of 8.7, could allow an authenticated user to execute arbitrary code on affected systems with a single crafted First seen on thecyberexpress.com…
-
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect First seen on thehackernews.com Jump to…
-
Cursor AI IDE vulnerability allows code execution via hidden Git hooks
Novee researchers find high-severity CVE-2026-26268 flaw in Cursor AI, allowing hackers to run malicious code when developers clone repositories. First seen on hackread.com Jump to article: hackread.com/cursor-ai-ide-vulnerability-code-execution-git-hooks/
-
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect First seen on thehackernews.com Jump to…
-
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect First seen on thehackernews.com Jump to…
-
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect First seen on thehackernews.com Jump to…
-
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2024-1708 (CVSS score: 8.4) – A path traversal vulnerability in ConnectWise ScreenConnect First seen on thehackernews.com Jump to…
-
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2024-02-21 is a path traversal vulnerability…
-
CISA Warns of Windows Shell Zero-Day Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windows, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026, the agency officially added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catalog. This critical flaw involves a failure of a protection mechanism within the Microsoft Windows Shell, and active exploitation…
-
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI’s LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge.The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could be…
-
GitHub.com and Enterprise Server Vulnerability Allows Remote Code Execution
Wiz Research has identified a critical remote code execution (RCE) vulnerability, tracked as CVE-2026-3854, deeply embedded within GitHub’s internal git infrastructure. This high-severity flaw enabled any authenticated user to execute arbitrary commands on backend servers using a single standard git push command. The vulnerability originates from an improper neutralization of special elements during repository push operations. GitHub’s…
-
EUVD-2026-19588 / CVE-2026-34197 Nachrichtenbroker im KEV-Katalog der CISA gelandet
First seen on security-insider.de Jump to article: www.security-insider.de/apache-activemq-code-injection-cve-2026-34197-a-5b9c4a93189d6ccc81551f18658447d7/
-
CVE-2026-3854 GitHub flaw enables remote code execution
Critical GitHub flaw CVE-2026-3854 lets attackers run code with a single git push, exploiting a command injection bug. Researchers found a critical vulnerability in GitHub, tracked as CVE-2026-3854, that allows remote code execution through a simple git push. The vulnerability affects GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise…
-
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw/