
Overview

  • FFmpeg
  • FFmpeg

18 Jun 2026
Published
19 Jun 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.39%

KEV

Description

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial of service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.c. This issue affects FFmpeg before version 8.1.2.

Statistics

  • 9 Posts
  • 34 Interactions

Last activity: 3 hours ago

Fediverse

I built FFmpeg 7.1.5 from source since Ubuntu is moving slowly on CVE-2026-8461, and leaving a Mastodon server that processes untrusted media all day long unpatched seems like a bad idea. So anyway, testing with a #Goose post.

  • 4
  • 6
  • 0
  • 22h ago

Looks like #ffmpeg leaks (CVE-2026-8461), #mastodon Docker images have all been updated with a fixed version.

#infosec #vulnerability

  • 2
  • 0
  • 0
  • 23h ago

Updated #Mastodon to v4.6.2.

Security fix for CVE-2026-8461.

git fetch && git checkout v4.6.2
That alone was enough to finish it.

#prattohome #更新

  • 1
  • 0
  • 0
  • 16h ago

So it appears that there's a new CVE for ffmpeg (nvd.nist.gov/vuln/detail/CVE-2), but bugger all information on the FFMPEG website about it.

#security #ffmpeg

  • 1
  • 0
  • 0
  • 15h ago

Bluesky

[some-subscribed-rss] New Post: "No way to prevent this" say users of only language where this regularly happens, by https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-8461/
  • 0
  • 0
  • 0
  • 17h ago
📢 CVE-2026-8461 PixelSmash: critical RCE in FFmpeg via the MagicYUV decoder 📝 ## 🗓️ Context Published on 23 June 2026 by SecurityWeek (author: Ionut Arg… https://cyberveille.ch/posts/2026-06-26-cve-2026-8461-pixelsmash-rce-critique-dans-ffmpeg-via-le-decodeur-magicyuv/ #CVE_2026_8461 #Cyberveille
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • Xcitium (formerly Comodo Security Solutions)
  • Comodo Internet Security

07 Jun 2026
Published
23 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.54%

KEV

Description

Xcitium Client Security (XCS) before 13.8.2.10019 and Comodo Internet Security (CIS) through 12.3.4.8162 (fix expected by 2026 Q3) contain an integer underflow vulnerability in the firewall driver Inspect.sys that allows remote unauthenticated attackers to crash the system by sending a crafted IPv6 packet with a declared payload length smaller than the sum of its extension-header lengths. The unsigned 64-bit payload-length value underflows to a near-maximal integer, triggering an out-of-bounds read and oversized memcpy in the Windows kernel at DISPATCH_LEVEL, resulting in a blue screen of death even on hosts with all ports blocked.

Statistics

  • 1 Post
  • 220 Interactions

Last activity: 20 hours ago

Fediverse


I think it’s hilarious that I now have my first CVE because I got annoyed with an unresponsive vendor and just posted the zero day exploit I was trying to report to them on my GitHub 😆

nvd.nist.gov/vuln/detail/CVE-2

  • 62
  • 158
  • 0
  • 20h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Controller

04 Jun 2026
Published
12 Jun 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
9.92%

Description

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.  To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.

Statistics

  • 6 Posts

Last activity: 2 hours ago

Fediverse


Cisco SD-WAN Zero-Day Exploited in Attacks

At a glance Actor: Unknown threat actor Activity Type: Privilege escalation and zero-day exploitation Targets: Service provider infrastructure Scale: Unknown victim count Jurisdiction: Active investigation; no arrests reported Source: Mandiant TL;DR Attackers breached a service provider using a Cisco SD-WAN zero-day flaw. They exploited CVE-2026-20245 to gain root-level control over network systems. Therefore, administrators must upgrade their software immediately to block further intrusions.

securityonline.info/cisco-sd-w

  • 0
  • 0
  • 0
  • 4h ago

Cisco SD-WAN zero-day CVE-2026-20245 exploited for two months before disclosure. Mandiant found the traces. Attacker had netadmin access, escalated to root, cleaned up config files. Inside for months.

thehackernews.com/2026/06/cisc

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Cisco Catalyst SD-WAN zero-day CVE-2026-20245 exploited for root access. Critical to patch now and deploy AI threat detection. https://tcc.onl/OjXdyFNT #ZeroDay
  • 0
  • 0
  • 0
  • 22h ago
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure https://securityaffairs.com/194200/hacking/cisco-catalyst-sd-wan-zero-day-cve-2026-20245-exploited-months-before-disclosure.html
  • 0
  • 0
  • 0
  • 14h ago
Cisco Catalyst SD-WAN: Critical Privilege Escalation via CVE-2026-20245 ##Cisco ##ZeroDay ##SDWAN ##PrivilegeEscalation ##TelecomSecurity https://flagthis.com/newsletter/2026/06/26/tldr/3850
  • 0
  • 0
  • 0
  • 2h ago
📢 Zero-day exploitation of CVE-2026-20245 in Cisco Catalyst SD-WAN by an unknown actor 📝 ## 🔍 Context Published on 24 June 2026 by Mandiant (G… https://cyberveille.ch/posts/2026-06-26-exploitation-zero-day-cve-2026-20245-dans-cisco-catalyst-sd-wan-par-un-acteur-inconnu/ #CVE_2026_20127 #Cyberveille
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • PTC
  • Windchill PDMLink

18 Jun 2026
Published
26 Jun 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.93%

Description

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMLink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data.

  • This advisory also applies to all CPS versions
  • The identified vulnerability also impacts Windchill and FlexPLM releases prior to 11.0 M030

Statistics

  • 6 Posts
  • 2 Interactions

Last activity: 2 hours ago

Fediverse


CISA adds CVE-2026-12569 to the KEV catalog as adversaries actively exploit PTC Windchill & FlexPLM input validation vulnerabilities. Lock down your supply chain assets. Full forensic indicators, lateral movement tracking, and active endpoint hardening protocols are live: thecybermind.co/y7tn

  • 0
  • 0
  • 1
  • 4h ago

📰 CISA Adds Actively Exploited PTC and Cisco Flaws to KEV Catalog, Mandates Federal Patching

📢 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! ⚠️ #CyberSecurity #Vulnerability #CI...

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

CVE-2026-12569 in PTC Windchill/FlexPLM is being exploited in the wild by remote unauthenticated attackers to execute arbitrary code.
  • 1
  • 0
  • 0
  • 8h ago
CISA added CVE-2026-12569 to KEV after evidence of active exploitation of PTC Windchill and FlexPLM systems via malicious requests.
  • 0
  • 0
  • 0
  • 3h ago
CISA adds two known exploited vulnerabilities to its catalog. CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Jun 25) CVE-2026-12569: improper input validation vulnerability in PTC Windchill and FlexPLM. CVE-2026-20230: server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager. www.cisa.gov/news-events/...
  • 1
  • 0
  • 0
  • 19h ago

Overview

  • Linux
  • Linux

16 Jun 2026
Published
19 Jun 2026
Updated

CVSS
Pending
EPSS
0.29%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: fix pedit partial COW leading to page cache corruption

tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd.

Fix by moving skb_ensure_writable() inside the per-key loop where the actual write offset is known, and add overflow checking on the offset arithmetic. For negative offsets (e.g. Ethernet header edits at ingress), use skb_cow() to COW the headroom instead. Guard offset_valid() against INT_MIN, where negation is undefined.

Statistics

  • 3 Posts

Last activity: Last hour

Bluesky

CVE-2026-46331 enables unprivileged users to gain root by corrupting shared page-cache memory via tc pedit, then executing a poisoned setuid binary in memory.
  • 0
  • 0
  • 0
  • 3h ago
Linux Kernel “pedit COW” LPE (CVE-2026-46331): One-Click Root for Any Local User – Are You Patched? Introduction: A newly disclosed local privilege escalation (LPE) vulnerability in the Linux kernel’s network traffic control subsystem, tracked as CVE-2026-46331, allows any unprivileged local user…
  • 0
  • 0
  • 0
  • 1h ago
A new Linux kernel vulnerability, CVE-2026-46331, allows local, unprivileged users to gain full root access on affected systems. The flaw […]
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Cisco
  • Cisco Unified Communications Manager

03 Jun 2026
Published
26 Jun 2026
Updated

CVSS v3.1
HIGH (8.6)
EPSS
51.24%

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.

Statistics

  • 4 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse


📰 Attackers Actively Exploit Critical Cisco Unified CM Flaw to Deploy Webshells

⚠️ ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ac

  • 0
  • 0
  • 0
  • 23h ago

📰 CISA Adds Actively Exploited PTC and Cisco Flaws to KEV Catalog, Mandates Federal Patching

📢 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! ⚠️ #CyberSecurity #Vulnerability #CI...

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Cisco Unified Communications Manager: Critical SSRF-to-RCE Chain CVE-2026-20230 ##Cisco ##SSRF ##RCE ##VulnerabilityAnalysis https://flagthis.com/newsletter/2026/06/26/tldr/3798
  • 0
  • 0
  • 0
  • Last hour
CISA adds two known exploited vulnerabilities to its catalog. CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Jun 25) CVE-2026-12569: improper input validation vulnerability in PTC Windchill and FlexPLM. CVE-2026-20230: server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager. www.cisa.gov/news-events/...
  • 1
  • 0
  • 0
  • 19h ago

Overview

  • Linux
  • Linux

23 May 2026
Published
14 Jun 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.13%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

net: skbuff: propagate shared-frag marker through frag-transfer helpers

Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when moving frags from source to destination. __pskb_copy_fclone() defers the rest of the shinfo metadata to skb_copy_header() after copying frag descriptors, but that helper only carries over gso_{size,segs,type} and never touches skb_shinfo()->flags; skb_shift() moves frag descriptors directly and leaves flags untouched. As a result, the destination skb keeps a reference to the same externally-owned or page-cache-backed pages while reporting skb_has_shared_frag() as false.

The mismatch is harmful in any in-place writer that uses skb_has_shared_frag() to decide whether shared pages must be detoured through skb_cow_data(). ESP input is one such writer (esp4.c, esp6.c), and a single nft 'dup to <local>' rule -- or any other nf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()'d skb in esp_input() with the marker stripped, letting an unprivileged user write into the page cache of a root-owned read-only file via authencesn-ESN stray writes.

Set SKBFL_SHARED_FRAG on the destination whenever frag descriptors were actually moved from the source. skb_copy() and skb_copy_expand() share skb_copy_header() too but linearize all paged data into freshly allocated head storage and emerge with nr_frags == 0, so skb_has_shared_frag() returns false on its own; they need no change.

The same omission exists in skb_gro_receive() and skb_gro_receive_list(). The former moves the incoming skb's frag descriptors into the accumulator's last sub-skb via two paths (a direct frag-move loop and the head_frag + memcpy path); the latter chains the incoming skb whole onto p's frag_list. Downstream skb_segment() reads only skb_shinfo(p)->flags, and skb_segment_list() reuses each sub-skb's shinfo as the nskb -- both p and lp must carry the marker.

The same omission also exists in tcp_clone_payload(), which builds an MTU probe skb by moving frag descriptors from skbs on sk_write_queue into a freshly allocated nskb. The helper falls into the same family and warrants the same fix for consistency; no TCP TX-side in-place writer is currently known to reach a user page through this gap, but a future consumer depending on the marker would regress silently.

The same omission exists in skb_segment(): the per-iteration flag merge takes only head_skb's flag, and the inner switch that rebinds frag_skb to list_skb on head_skb-frags exhaustion does not fold the new frag_skb's flag into nskb. Fold frag_skb's flag at both sites so segments drawing frags from frag_list members carry the marker.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 2 hours ago

Fediverse


#Linux sometimes puts me on . Only here from Ubuntu, for a real critical CVE vuln., did an update reach me for 43503 aka DirtyClone (another DirtyFrag). However, 70% of my 100 Lx kernels (SLES only) have been patched. And tonight the rest follows. But the update forced me, in this heat, to check if today's update is already provided by SUSE. But there is no new kernel. The 70 VMs had been patched for it in June, 14 days ago. So today's update is useless.

ubuntu.com/security/CVE-2026-4

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

DirtyClone (CVE-2026-43503) — The Silent Linux LPE That Writes Root Into Memory, Not Disk + Video Introduction A newly discovered Local Privilege Escalation (LPE) vulnerability in the Linux kernel, tracked as CVE-2026-43503 and dubbed "DirtyClone," allows any unprivileged local user to gain root…
  • 1
  • 0
  • 0
  • 6h ago

Overview

  • Splunk
  • Splunk Enterprise

10 Jun 2026
Published
19 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
92.10%

Description

In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

Statistics

  • 2 Posts

Last activity: Last hour

Bluesky

Splunk Enterprise: Pre-Authentication RCE via PostgreSQL Sidecar CVE-2026-20253 ##Splunk ##RCE ##CVE202620253 ##ZeroDay ##CloudSecurity https://flagthis.com/newsletter/2026/06/26/tldr/3800
  • 0
  • 0
  • 0
  • 7h ago
Critical Unauthenticated Remote Code Execution in Splunk Enterprise (CVE-2026-20253) https://www.zscaler.com/blogs/security-research/critical-unauthenticated-remote-code-execution-splunk-enterprise-cve-2026
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Pending

11 Mar 2026
Published
24 Jun 2026
Updated

CVSS
Pending
EPSS
1.13%

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when a user's authentication fails. The username is directly concatenated into the command without any sanitization. This allows attackers to inject arbitrary OS commands through the username parameter. Injected commands are executed with root privileges.

Statistics

  • 2 Posts

Last activity: 4 hours ago

Fediverse


📰 CISA Mandates Urgent Patching for Actively Exploited Flaws in Lantronix and Ubiquiti Devices

🚨 CISA KEV ALERT: Critical flaws in Lantronix EDS5000 (CVE-2025-67038) & Ubiquiti UniFi OS (CVE-2026-34908) are actively exploited. Unauthenticated RCE with root access possible. Patch immediately! #CyberSecurity #Vulnerability #PatchNow

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 23h ago

Bluesky

📢 CVE-2025-67038: arbitrary command execution in Lantronix EDS5000 converters added to the CISA KEV 📝 #… https://cyberveille.ch/posts/2026-06-26-cve-2025-67038-execution-de-commandes-arbitraires-dans-les-convertisseurs-lantronix-eds5000-ajoutee-au-kev-cisa/ #Berserk_Bear #Cyberveille
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • GeoVision Inc.
  • GV-LPC2011/2211

26 Jun 2026
Published
26 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.53%

KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by sending a crafted RTSP request, resulting in memory corruption, denial of service, or potentially arbitrary code execution.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 3 hours ago

Fediverse


GeoVision GV-LPC2011/2211 (≤v1.12) affected by CVE-2026-57879: CRITICAL stack-based buffer overflow in ssvr (CVSS 9.8). Remote, unauthenticated code execution possible via crafted RTSP. Restrict RTSP & monitor. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 3h ago