CVE-2026-35414

Overview

OpenBSD
OpenSSH

02 Apr 2026

Published

02 Apr 2026

Updated

CVSS v3.1

MEDIUM (4.2)

EPSS

0.02%

MITRE

KEV

Description

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

Statistics

5 Posts
3 Interactions

Last activity: 2 hours ago

Fediverse

WinFuture.de @WinFuture

Kritische OpenSSH-Luecke: Ein Komma in Zertifikatsnamen kann Root-Zugriff ermoeglichen. CVE-2026-35414 mit CVSS 8,1 betrifft Versionen der letzten 15 Jahre. Update auf OpenSSH 10.3 verfuegbar. https://winfuture.de/news,158363.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

1
2
1
2h ago

CyberNetsecIO @netsecio

📰 Decade-Old OpenSSH Flaw (CVE-2026-35414) Allows Full Root Access, Exploits Hard to Detect

🚨 CRITICAL: A 15-year-old flaw in OpenSSH (CVE-2026-35414) allows attackers to gain full root access. The bug is trivial to exploit and hard to detect in logs. Update to OpenSSH 10.3p1 immediately! 🛡️ #OpenSSH #CVE #Linux #CyberSecurity

🔗 https://cyber.netsecops.io

0
0
0
15h ago

Bluesky

Cybersecurity News Everyday @hendryadrian.bsky.social

A 15-year-old OpenSSH flaw (CVE-2026-35414) mishandles commas in certificate principals, granting full root shell access by bypassing log detection. Fixed in OpenSSH 10.3. #OpenSSHFlaw #RootAccess #USA

0
0
0
17h ago

ohhara @shiojiri.com

rootシェルアクセスに繋がり得るOpenSSHの脆弱性、15年にわたり発見されず（CVE-2026-35414） | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45415/

0
0
0
3h ago

CVE-2026-41651

Overview

PackageKit
PackageKit

22 Apr 2026

Published

22 Apr 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.22%

MITRE

KEV

Description

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5. A local unprivileged user can install arbitrary RPM packages as root, including executing RPM scriptlets, without authentication. The vulnerability is a TOCTOU race condition on `transaction->cached_transaction_flags` combined with a silent state-machine guard that discards illegal backward transitions while leaving corrupted flags in place. Three bugs exist in `src/pk-transaction.c`: 1. Unconditional flag overwrite (line 4036): `InstallFiles()` writes caller-supplied flags to `transaction->cached_transaction_flags` without checking whether the transaction has already been authorized/started. A second call blindly overwrites the flags even while the transaction is RUNNING. 2. Silent state-transition rejection (lines 873–882): `pk_transaction_set_state()` silently discards backward state transitions (e.g. `RUNNING` → `WAITING_FOR_AUTH`) but the flag overwrite at step 1 already happened. The transaction continues running with corrupted flags. 3. Late flag read at execution time (lines 2273–2277): The scheduler's idle callback reads cached_transaction_flags at dispatch time, not at authorization time. If flags were overwritten between authorization and execution, the backend sees the attacker's flags.

Statistics

3 Posts
9 Interactions

Last activity: 1 hour ago

Fediverse

N_{Dario Fadda} @nuke

Pack2TheRoot: Critical Linux Privilege Escalation Flaw in PackageKit Affects 12+ Years of Releases (CVE-2026-41651)
#CyberSecurity
https://securebulletin.com/pack2theroot-critical-linux-privilege-escalation-flaw-in-packagekit-affects-12-years-of-releases-cve-2026-41651/

6
0
0
1h ago

:awesome:🐦‍🔥nemo™🐦‍⬛ 🇺🇦🍉 @nemo

Telekom's security team warns: “Pack2TheRoot” (CVE-2026-41651) in PackageKit lets low‑privilege users install/remove system packages and escalate to root — patch to PackageKit ≥1.3.5 and apply distro updates now: https://www.heise.de/en/news/Pack2TheRoot-Security-vulnerability-affects-several-Linux-distributions-11273070.html 🔒🐧 #CyberSecurity #Linux

2
1
0
22h ago

Bluesky

Cybersecurity News Everyday @hendryadrian.bsky.social

A critical TOCTOU race condition in PackageKit (CVE-2026-41651) allows unprivileged users to gain root access by installing arbitrary RPMs. Fixed in PackageKit 1.3.5 and updated in Debian, Ubuntu, Fedora. #Pack2TheRoot #LinuxSecurity #Germany

0
0
0
23h ago

CVE-2026-32202

Overview

Microsoft
Windows 10 Version 1607

14 Apr 2026

Published

28 Apr 2026

Updated

CVSS v3.1

MEDIUM (4.3)

EPSS

0.09%

MITRE

KEV

Description

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

Statistics

3 Posts

Last activity: 4 hours ago

Bluesky

r/blueteamsec bot @r-blueteamsec.bsky.social

A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202

0
0
0
21h ago

softfantw.eurosky.social @softfantw.eurosky.social

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 thehackernews.com/2026/04/micr...

0
0
1
4h ago

CVE-2026-21643

Overview

Fortinet
FortiClientEMS

06 Feb 2026

Published

14 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

43.14%

MITRE

KEV

Description

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

3 Posts

Last activity: 14 hours ago

Bluesky

CrowdSec @crowdsec.bsky.social

🚨 In this week’s newsletter, we cover CVE-2026-21643, a FortiClient EMS SQL injection now under active exploitation. We break down how it moved from advisory to real attacks and what defenders should do next. Read the full analysis and protect your systems 👉 www.crowdsec.net/vulntracking...

0
0
1
21h ago

CyberVeille @cyberveille-ch.bsky.social

📢 CVE-2026-21643 : Injection SQL critique dans FortiClient EMS activement exploitée 📝 ## 🔍 Contexte Rapport publié le 27 avril 2026 par CrowdSec sur la pl… https://cyberveille.ch/posts/2026-04-27-cve-2026-21643-injection-sql-critique-dans-forticlient-ems-activement-exploitee/ #CISA_KEV #Cyberveille

0
0
0
14h ago

CVE-2026-40050

Overview

CrowdStrike
LogScale Self-Hosted

21 Apr 2026

Published

21 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.32%

MITRE

KEV

Description

CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication. Next-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation. LogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability. CrowdStrike identified this vulnerability during continuous and ongoing product testing.

Statistics

2 Posts
2 Interactions

Last activity: 15 hours ago

Fediverse

CyberNetsecIO @netsecio

📰 Critical Unauthenticated Path Traversal Flaw Found in CrowdStrike LogScale

🚨 CRITICAL FLAW: CrowdStrike patches an unauthenticated path traversal vulnerability (CVE-2026-40050) in self-hosted LogScale. The bug could allow remote attackers to read any file on the server. Patch immediately! #CyberSecurity #Vulnerability

🔗 https://cyber.netsecops.io

0
0
0
15h ago

DragonJAR @dragonjar

En las últimas 24 horas, se detectaron vulnerabilidades críticas en CrowdStrike LogScale y navegadores Firefox y Tor que permitían accesos no autorizados y seguimiento en modo privado; además, Itron reportó un incidente de seguridad en su red interna y CISA actualizó su lista con fallos explotados en SimpleHelp, Samsung y D-Link. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 27/04/26 📆 |====

🔓 VULNERABILIDAD CRÍTICA EN CROWDSTRIKE LOGSCALE PERMITÍA ACCESO NO AUTORIZADO A ARCHIVOS

CrowdStrike ha corregido la grave falla CVE-2026-40050 que afectaba a LogScale autohospedado. Esta vulnerabilidad de traversal de rutas podía ser explotada por atacantes para acceder a archivos sensibles sin necesidad de autenticación, poniendo en riesgo datos críticos. Actualizar a la última versión es fundamental para proteger su entorno. Conozca más sobre esta amenaza y la solución implementada aquí 👉 https://djar.co/A0eG

⚠️ ITRON, IMPORTANTE EMPRESA DE SERVICIOS PÚBLICOS, REPORTA INCIDENTE DE SEGURIDAD INFORMÁTICA

Itron reveló un acceso no autorizado detectado el 13 de abril de 2026 en parte de su infraestructura informática. La empresa activó sus protocolos de respuesta y notificó a las autoridades regulatorias para mitigar posibles impactos. Este caso subraya la importancia de la vigilancia continua y respuesta rápida frente a intrusiones en infraestructuras críticas. Detalles completos y medidas tomadas 👉 https://djar.co/aW8Q

🦊 FALLA EN FIREFOX Y TOR PERMITÍA SEGUIMIENTO ENTRE SITIOS Y FINGERPRINTING EN MODO PRIVADO

El bug CVE-2026-6770 afectaba a Firefox y Tor Browser, posibilitando que atacantes realizaran seguimiento cruzado y obtuvieran huellas digitales del usuario incluso en navegación privada. Las actualizaciones Firefox 150 y Tor Browser 15.0.10 corrigen esta vulnerabilidad, reforzando la privacidad y seguridad del usuario. Asegure sus navegadores actualizados para evitar ser rastreado 👉 https://djar.co/D31m9

🔐 ITRON CONFIRMA INCIDENTE DE SEGURIDAD EN SU RED INTERNA

Mediante un informe oficial 8-K a la SEC, Itron, Inc. informó que un tercero no autorizado accedió a ciertos sistemas internos, destacando la creciente amenaza contra infraestructuras críticas. La transparencia en la comunicación de incidentes y la pronta reacción son clave para minimizar daños y aumentar la resiliencia. Conozca más sobre la situación y el manejo del incidente aquí 👉 https://djar.co/YdgE

📋 CISA INCORPORA VULNERABILIDADES DE SIMPLEHELP, SAMSUNG Y D-LINK A SU LISTADO DE FALLOS EXPLOTADOS

La Agencia de Seguridad de Infraestructura y Ciberseguridad de EE. UU. (CISA) ha incluido nuevas vulnerabilidades explotadas activamente en sus registros, afectando productos de SimpleHelp, Samsung y D-Link. Esta actualización alerta a organizaciones y usuarios sobre riesgos inmediatos, recomendando acciones rápidas para parchear y mitigar posibles ataques. Revise la lista completa y los detalles aquí 👉 https://djar.co/zEJeo

1
1
0
23h ago

CVE-2026-6770

Overview

Mozilla
Firefox

21 Apr 2026

Published

21 Apr 2026

Updated

CVSS

Pending

EPSS

0.06%

MITRE

KEV

Description

Other issue in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

Statistics

2 Posts
2 Interactions

Last activity: 23 hours ago

Fediverse

ekiledjian @edwardk

A Firefox bug (CVE-2026-6770) allowed cross-site tracking and Tor fingerprinting, even in Private Browsing mode. This vulnerability, which exposed stable identifiers via IndexedDB, has been fixed in Firefox 150 and Tor Browser 15.0.10.
https://securityaffairs.com/191374/security/firefox-bug-cve-2026-6770-enabled-cross-site-tracking-and-tor-fingerprinting.html

0
0
0
23h ago