Tag: cve
-
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
-
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring any specialized conditions to be met.The vulnerability, tracked as CVE-2026-45659, carries a CVSS score of 8.8. It has been assigned an important severity.”Deserialization of untrusted data in Microsoft Office SharePoint…
-
Memcached SASL Flaw Exposes Usernames to Enumeration Attacks
A newly identified vulnerability in Memcached has raised concerns among security professionals after researchers confirmed a timing side-channel flaw that allows attackers to enumerate valid usernames. Tracked as CVE-2026-47783, the issue affects Memcached versions before 1.6.42 and specifically impacts SASL (Simple Authentication and Security Layer) password database authentication. The flaw stems from improper username validation…
-
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to…
-
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to…
-
Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell
Tags: cve, cyber, exploit, flaw, google, hacker, intelligence, mandiant, remote-code-execution, threat, vulnerabilityHackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according to findings from Mandiant’s Google Threat Intelligence Group. The flaw, tracked as CVE-2026-5426, enables unauthenticated remote code execution through ASP.NET ViewState deserialization and has been observed in real-world attacks. KnowledgeDeliver LMS Flaw The vulnerability…
-
Ghost CMS flaw abused to push ClickFix attacks on hundreds of sites
Attackers are exploiting the patched Ghost CMS flaw CVE-2026-26980, compromising over 700 unpatched sites, including universities. Threat actors are actively exploiting a security flaw, tracked as CVE-2026-26980, in Ghost CMS that was fixed months ago in real attacks against unpatched websites. According to Qianxin, the campaign has already affected more than 700 sites, including well-known organizations and…
-
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
-
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
-
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, risk, sql, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling a high risk to organizations using affected Drupal deployments.…
-
(g+) ActiveMQ Jolokia Code-Injection: Schwachstelle Message Broker
CVE-2026-34197 in Apache ActiveMQ wird aktiv ausgenutzt. Die Schwachstelle liegt in der Jolokia-API, in einigen Versionen ist keine Authentisierung nötig. Was zu tun ist. First seen on golem.de Jump to article: www.golem.de/news/activemq-jolokia-code-injection-schwachstelle-message-broker-2605-208974.html
-
Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks
NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite_module. The flaw, dubbed “Nginx-poolslip,” can allow attackers to trigger denial-of-service (DoS) conditions and, under certain conditions, achieve remote code execution. Nginx-poolslip Flaw The issue originates from improper handling of overlapping PCRE (Perl-Compatible Regular…
-
Boards want cyber risk in dollars, not CVE counts
In this Help Net Security video, Ziv Levi, SVP of Technology at CYE, explains why translating cyber risk into dollars is one of the most pressing tasks for security leaders. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/translating-cyber-risk-video/
-
Security Affairs newsletter Round 578 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Why pure extortion is…
-
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
-
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-9082 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Drupal issued a highly critical security patch on May…
-
CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack
Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or…
-
Linux-Kernel-Schwachstelle ermöglicht Zugriff auf sensible Root-Daten
Die Sicherheitsforscher der Threat Research Unit (TRU) von Qualys haben mit CVE-2026-46333 eine Schwachstelle im Linux-Kernel identifiziert, die unter bestimmten Bedingungen die Offenlegung sensibler Informationen privilegierter Prozesse ermöglicht. Die Sicherheitslücke befindet sich im sogenannten ptrace-Zugriffspfad des Kernels und kann von lokal angemeldeten Benutzern ohne administrative Rechte ausgenutzt werden. Nach Erkenntnissen der Forscher handelt es sich um eine Race-Condition…
-
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.”Any cPanel user (including an attacker or a compromised account) may First…
-
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.”Drupal Core First seen on…
-
Qualys entdeckt Schwachstelle im Linux-Kernel mit Risiko für sensible Daten
Die Entdeckung von CVE-2026-46333 unterstreicht einmal mehr, dass selbst moderne Linux-Infrastrukturen nicht vor kritischen Kernel-Schwachstellen gefeit sind. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-entdeckt-schwachstelle-im-linux-kernel-mit-risiko-fuer-sensible-daten/a45282/
-
MSSP Market News: Vulnerability Management Moves From CVE Lists to Fixes
First seen on scworld.com Jump to article: www.scworld.com/news/mssp-market-news-58-of-cisos-would-pay-the-ransom-thats-an-mssp-problem
-
CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
Tags: ai, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, risk, tool, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks and urging immediate remediation. The vulnerability stems from an origin validation flaw in Langflow, a popular tool used for building and orchestrating AI-driven workflows. According to CISA,…
-
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Trend Micro Apex One and Langflow flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-34291(CVSS score of 9.4) is…
-
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities (KEV) catalog on May 20, 2026. CVE-2026-45498: Microsoft Defender DoS Vulnerability CVE-2026-45498 is a denial-of-service (DoS) vulnerability in Microsoft Defender that can cause the security service to stop functioning. An attacker…
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/