
Overview

  • Microsoft
  • ASP.NET Core 10.0

21 Apr 2026
Published
22 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.04%

KEV

Description

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Statistics

  • 8 Posts
  • 2 Interactions

Last activity: 2 hours ago

Fediverse


#Microsoft issues emergency update for #macOS and #Linux ASP.NET threat

Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity #vulnerability that allows unauthenticated attackers to gain SYSTEM privileges on devices that use the Web development framework to run Linux or macOS apps.

The software maker said Tuesday evening that the vulnerability, tracked as CVE-2026-40372
#ASPNet #security

arstechnica.com/security/2026/

  • 0
  • 1
  • 0
  • 2h ago

CVE-2026-40372 in ASP.NET Core enables privilege escalation via cryptographic validation flaws.
Patch released - but token persistence risk remains without key rotation.

Source: thehackernews.com/2026/04/micr

Follow TechNadu. Insights? 👇

  • 0
  • 0
  • 0
  • 17h ago

CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability esecurityplanet.com/threats/cv

  • 0
  • 0
  • 0
  • 15h ago

Bluesky

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 22h ago
ASP.NET Core vuln (CVE-2026-40372) → SYSTEM access risk. Crypto validation flaw = forged tokens possible. Patch helps, but key rotation is critical. Follow TechNadu for more. Thoughts? #CyberSecurity #Infosec #Microsoft
  • 0
  • 0
  • 0
  • 17h ago
~Cybergcca~ Security updates released for GitLab CE/EE and a critical OOB patch for Microsoft .NET (CVE-2026-40372). - IOCs: CVE-2026-40372 - #GitLab #Microsoft #ThreatIntel
  • 0
  • 0
  • 0
  • 16h ago
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug thehackernews.com/2026/04/micr...
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • PackageKit
  • PackageKit

22 Apr 2026
Published
22 Apr 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
Pending

KEV

Description

PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5. A local unprivileged user can install arbitrary RPM packages as root, including executing RPM scriptlets, without authentication. The vulnerability is a TOCTOU race condition on `transaction->cached_transaction_flags` combined with a silent state-machine guard that discards illegal backward transitions while leaving corrupted flags in place. Three bugs exist in `src/pk-transaction.c`:

1. Unconditional flag overwrite (line 4036): `InstallFiles()` writes caller-supplied flags to `transaction->cached_transaction_flags` without checking whether the transaction has already been authorized or started. A second call blindly overwrites the flags even while the transaction is RUNNING.
2. Silent state-transition rejection (lines 873–882): `pk_transaction_set_state()` silently discards backward state transitions (e.g. `RUNNING` → `WAITING_FOR_AUTH`), but the flag overwrite from step 1 has already happened, so the transaction continues running with corrupted flags.
3. Late flag read at execution time (lines 2273–2277): the scheduler's idle callback reads `cached_transaction_flags` at dispatch time, not at authorization time. If the flags were overwritten between authorization and execution, the backend sees the attacker's flags.

Statistics

  • 7 Posts
  • 7 Interactions

Last activity: Last hour

Fediverse


Forgot your root password? No problem! With #PackageKit <= 1.3.4 you can do all the fun root action on any Linux system you have local access to, no privileges required!

Don't like that? Then PLEASE UPDATE your system ASAP to PackageKit >= 1.3.5 or any fixed distro package. Fixes for this vulnerability should already be available everywhere since today.

You can read more about CVE-2026-41651 on the security researcher's blog:
github.security.telekom.com/20

#pack2theroot #osssecurity

  • 3
  • 3
  • 0
  • 16h ago

PackageKit GHSA-f55j-vvr9-69xv / "Pack2TheRoot" / CVE-2026-41651
Please update as soon as possible.
All PackageKit versions between >= 1.0.2 and <= 1.3.4 are vulnerable.
Debian 12 1.2.6-5+deb12u1
Debian 13 1.3.1-1+deb13u1
Upstream fixed version: 1.3.5

This release fixes a critical security vulnerability that allows unprivileged local users to obtain root privileges on any distribution that uses PackageKit.

  • 0
  • 1
  • 0
  • 18h ago

There is a great report out there by @dtcert

Telekom Red Team (great work, guys) found a high-severity LPE vulnerability in the PackageKit daemon. In the report, the distros Ubuntu, Debian and Fedora and some more are mentioned as affected. Some traces left behind by exploitation, to hunt for, come with the report, which is helpful.

edit: now known as CVE-2026-41651

github.security.telekom.com/20

  • 0
  • 0
  • 0
  • 19h ago
CVE-2026-41651: TOCTOU vulnerability in PackageKit <= 1.3.4 leads to
local root exploit

https://www.openwall.com/lists/oss-security/2026/04/22/6
  • 0
  • 0
  • 0
  • Last hour

Bluesky

Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability
  • 0
  • 0
  • 1
  • 12h ago
CVE-2026-41651: TOCTOU vulnerability in PackageKit <= 1.3.4 leads to local root exploit www.openwall.com -> Original->
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Microsoft
  • Microsoft SharePoint Enterprise Server 2016

14 Apr 2026
Published
22 Apr 2026
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
7.94%

Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Statistics

  • 5 Posts

Last activity: 10 hours ago

Bluesky

📢 More than 1,300 unpatched SharePoint servers exposed to CVE-2026-32201, exploited as a zero-day 📝 📰 **Source**: BleepingComputer, article by … https://cyberveille.ch/posts/2026-04-22-plus-de-1-300-serveurs-sharepoint-non-patches-exposes-a-cve-2026-32201-exploitee-en-zero-day/ #CISA_KEV #Cyberveille
  • 0
  • 0
  • 0
  • 22h ago
Over 1,300 Microsoft SharePoint servers remain unpatched against zero-day spoofing flaw CVE-2026-32201, affecting Server 2016, 2019, and Subscription Edition. Fewer than 200 patched despite active exploitation. #MicrosoftSharePoint #CISA #USA
  • 0
  • 0
  • 0
  • 21h ago
“security flaw tracked as CVE-2026-32201 affects SharePoint Enterprise Server 2016, SharePoint Server 2019 & SharePoint Server Subscription Edition (.. latest on-premises version which uses a ‘continuous update’ model).” www.bleepingcomputer.com/news/securit... @microsoft.com @bleepingcomputer.com
  • 0
  • 0
  • 0
  • 14h ago
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks (CVE-2026-32201) #patchmanagement
  • 0
  • 0
  • 0
  • 12h ago
Over 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw, CVE-2026-32201, posing significant security risks.
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Microsoft
  • Microsoft Defender Antimalware Platform

14 Apr 2026
Published
23 Apr 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.06%

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

  • 5 Posts

Last activity: Last hour

Bluesky

CISA has added the Microsoft Defender insufficient granularity of access control vulnerability CVE-2026-33825 to its KEV Catalog www.cisa.gov/known-exploi...
  • 0
  • 0
  • 0
  • 11h ago
CISA adds one known exploited vulnerability to its catalog. CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Apr 22) CVE-2026-33825 Microsoft Defender insufficient granularity of access control vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 9h ago
~Cisa~ CISA added an actively exploited Microsoft Defender access control flaw to its KEV catalog. - IOCs: CVE-2026-33825 - #CVE2026_33825 #Microsoft #ThreatIntel
  • 0
  • 0
  • 0
  • 4h ago
Windows Defender: When the one who is supposed to defend you is the one to fear. CVE-2026-33825 & UnDefend. There is a huge difference between just any vulnerability and a vulnerability that affects the software... www.aiutocomputerhelp.it?p=16772 #BlueHammer #bug_microsoft #RedSun #UnDefend #Windows_Defender #Zero_day
  • 0
  • 0
  • 0
  • Last hour
A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Pending

25 Mar 2025
Published
25 Mar 2025
Updated

CVSS
Pending
EPSS
1.25%

KEV

Description

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.

Statistics

  • 4 Posts
  • 5 Interactions

Last activity: 2 hours ago

Bluesky

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.
  • 0
  • 4
  • 0
  • 12h ago
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers securityaffairs.com/191135/malwa...
  • 0
  • 1
  • 0
  • 2h ago
The Mirai botnet is exploiting CVE-2025-29635 to target older D-Link routers. Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers #SecurityAffairs (Apr 22) securityaffairs.com/191135/malwa...
  • 0
  • 0
  • 0
  • 9h ago
A new Mirai campaign exploits CVE-2025-29635 in EoL D-Link DIR-823X routers, using POST to /goform/set_prohibiting for RCE and deploying the multi-arch variant "tuxnokill." Detected globally in March 2026. #DLink #MiraiBotnet #USA
  • 0
  • 0
  • 0
  • 8h ago

Overview

  • Apple
  • iOS and iPadOS

22 Apr 2026
Published
22 Apr 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly retained on the device.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 8 hours ago

Fediverse


support.apple.com/en-us/127002
Impact: Notifications marked for deletion could be unexpectedly retained on the device

Description: A logging issue was addressed with improved data redaction.

CVE-2026-28950

<3

  • 1
  • 0
  • 0
  • 10h ago

Bluesky

Apple released urgent updates iOS 26.4.2 and iPadOS 26.4.2 to fix CVE-2026-28950, a bug that retained deleted notification data potentially exposing Signal messages. #iOSUpdate #DataPrivacy #USA
  • 0
  • 0
  • 0
  • 8h ago

Overview

  • coreruleset
  • coreruleset

08 Jan 2026
Published
09 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.3)
EPSS
0.07%

KEV

Description

The OWASP core rule set (CRS) is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain iterates over a collection (like `MULTIPART_PART_HEADERS`), the capture variables (`TX:0`, `TX:1`) get overwritten with each iteration. Only the last captured value is available to the chained rule, which means malicious charsets in earlier parts can be missed if a later part has a legitimate charset. Versions 4.22.0 and 3.3.8 patch the issue.

Statistics

  • 2 Posts

Last activity: 9 hours ago

Bluesky

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) 📖 Read more: www.helpnetsecurity.com/2026/04/22/p... #cybersecurity #cybersecuritynews #firewall #securityupdate #webapplicationsecurity #vulnerability @owasp.org @coreruleset.bsky.social
  • 0
  • 0
  • 0
  • 21h ago
Progress Software has fixed a sneaky WAF bypass vulnerability (CVE-2026-21876). Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) #HelpNetSecurity (Apr 22) www.helpnetsecurity.com/2026/04/22/p...
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Fortinet
  • FortiClientEMS

04 Apr 2026
Published
21 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
35.12%

Description

An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 21 hours ago

Fediverse


Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released
#CyberSecurity
securebulletin.com/critical-fo

  • 4
  • 0
  • 0
  • 21h ago

Overview

  • CrowdStrike
  • LogScale Self-Hosted

21 Apr 2026
Published
21 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.26%

KEV

Description

CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication. Next-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation. LogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability. CrowdStrike identified this vulnerability during continuous and ongoing product testing.

Statistics

  • 1 Post
  • 9 Interactions

Last activity: 10 hours ago

Fediverse


@reverseics I went to the Crowdstrike site to see if there was a new advisory and found this instead. Obviously better than any advisory. Even a ../ in CVE-2026-40050.

  • 2
  • 7
  • 0
  • 10h ago

Overview

  • Cohere
  • cohere-terrarium

14 Apr 2026
Published
21 Apr 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 21 hours ago

Fediverse


In the last 24 hours, unauthorized access to Anthropic's Mythos AI model was reported, along with a critical vulnerability in its platform that allows remote code execution, simultaneous attacks by the Kyber ransomware on Windows and ESXi, breaches in OAuth token management at Vercel, and a flaw in Cohere AI that grants root access, all while Mythos helps detect more than 270 vulnerabilities in Firefox 150, highlighting the double-edged nature of artificial intelligence in cybersecurity. Discover these and more details in the following list of information security news:

🗞️ LATEST INFORMATION SECURITY NEWS 🔒
====| 🔥 WHAT YOU NEED TO KNOW TODAY 22/04/26 📆 |====

🔐 UNAUTHORIZED ACCESS TO ANTHROPIC'S MYTHOS AI MODEL

A small group of users has managed to gain unauthorized access to the advanced Mythos artificial intelligence model developed by Anthropic PBC. This technology, considered highly powerful, could be used to facilitate high-impact cyberattacks, increasing the risk of mass exploitation if access to it is not properly controlled. Knowing about this incident is key to understanding emerging threats in AI. Discover all the details about this breach of access to Mythos here 👉 djar.co/uEVw

⚠️ CRITICAL VULNERABILITY IN ANTHROPIC'S MCP THAT ALLOWS REMOTE CODE EXECUTION

A serious flaw in Anthropic's MCP (Microcontroller Platform) has been discovered, allowing attackers to execute code remotely. This type of vulnerability opens the door to compromising entire systems from external locations, underscoring the importance of immediate patches and constant audits in critical infrastructure. Find out how to protect your systems against this threat here 👉 djar.co/ASyow

💀 DOUBLE THREAT FROM THE KYBER RANSOMWARE ON WINDOWS AND ESXI

The Kyber ransomware is deploying simultaneous attacks on Windows and ESXi systems, using advanced techniques that complicate recovery and increase the economic impact. This dual vector makes it essential to review the defenses on virtualized servers and workstations to minimize risk. Learn to identify and mitigate these attacks with this complete analysis 👉 djar.co/zJlX

🔓 ANALYSIS OF THE VERCEL BREACH: THE ATTACK PATH THROUGH AN OAUTH TOKEN

A detailed study reveals how a breach in OAuth token management allowed attackers at Vercel to launch identity attacks, compromising credentials and access to critical resources. This case exemplifies the need to strengthen security in authentication flows and token management to prevent sophisticated attacks in development and cloud environments. Dig deeper into this research and strengthen your measures here 👉 djar.co/4poWFN

🐞 FLAW IN COHERE AI TERRARIUM THAT ALLOWS ROOT EXECUTION AND CONTAINER ESCAPE

Vulnerability CVE-2026-5752 has been identified in Cohere AI's Terrarium sandbox; it facilitates code execution with root privileges and evasion of the isolated environment through manipulation of the Pyodide prototype. This type of flaw compromises the integrity of the execution environment and can lead to full access to the host system. Learn the technical details and recommendations for mitigating it here 👉 djar.co/qThy

🕵️ MOZILLA AND THE MYTHOS AI MODEL: 271 ZERO-DAY VULNERABILITIES DETECTED IN FIREFOX 150

Mozilla's CTO has reported that Anthropic's Mythos model was able to identify 271 previously unknown vulnerabilities in version 150 of Firefox, demonstrating the power of artificial intelligence applied to information security. This advance promises to accelerate the automated detection and resolution of critical vulnerabilities, strengthening protection for millions of users. Find out how AI is revolutionizing cybersecurity here 👉 djar.co/GQzTtv

  • 1
  • 1
  • 0
  • 21h ago
Showing 1 to 10 of 49 CVEs