CVE-2026-3888

Overview

snapd

17 Mar 2026

Published

18 Mar 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.01%

MITRE

KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

17 Posts
48 Interactions

Last activity: 1 hour ago

Fediverse

Devuan @devuan

Found yet another high severity #systemd bug in Ubuntu: local root privilege escalation (CVE-2026-3888)

https://cybersecurity88.com/news/ubuntu-cve-2026-3888-timing-flaw-in-systemd-cleanup-enables-root-privilege-escalation/

Let us wish all #Devuan users a wonderful day out with their family for a merry father's day, instead of shoveling unicorn shit.

13
19
0
6h ago

Glen T, heated, not stirred @glent

Pretty much as expected, Ubuntu running snapd as root was always going to turn out well :-|

https://discourse.ubuntu.com/t/snapd-local-privilege-escalation-cve-2026-3888/78627

My friends, time to bring your Ubuntu system up to date:

sudo apt update && sudo apt upgrade && systemctl reboot

3
5
0
17h ago

Albert Cardona @albertcardona

Quite the Ubuntu 24.04 vulnerability, via snap packages. Surprise surprise.

https://cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txt

#ubuntu #linux #CVE20263888

2
2
0
21h ago

OSTechNix @ostechnix

A serious Ubuntu vulnerability (CVE-2026-3888) allows local users to gain full root access. If you run Ubuntu 24.04 or later, you should update your system right now.

More details here: https://ostechnix.com/ubuntu-snapd-privilege-escalation-cve-2026-3888-fix/

#Ubuntu #Snapd #CVE20263888 #Security #Qualys #Linux

0
2
0
9h ago

Domdel AKA Data @domdel

Alerte pour les bubuntuistes:
https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html

0
0
0
23h ago

Claudio C @cktodon

CVE-2026-3888 en #Ubuntu: escalada a root aprovechando snap-confine y la limpieza de systemd-tmpfiles

https://unaaldia.hispasec.com/2026/03/cve-2026-3888-en-ubuntu-escalada-a-root-aprovechando-snap-confine-y-la-limpieza-de-systemd-tmpfiles.html?utm_source=rss&amp

0
0
0
23h ago

Bluesky

mrbyte @mrbyte.bsky.social

Domani mi sa che mi tocca lavorare. Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit thehackernews.com/2026/03/ubun...

1
1
0
20h ago

Hacker News 20 @betterhn20.e-work.xyz

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root blog.qualys.com/vulnerabilit... (news.ycombinator.com/item?id=4742...)

0
0
0
22h ago

HN Link Bot @hnews.southla.social

📰 CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root 💬 Exec: Read the Qualys tech brief; article is verbose/ads. Sentiment: skeptical; vibe: wary+snark. 🧐 https://news.ycombinator.com/item?id=47427208

0
0
0
21h ago

/r/netsec @r-netsec-bot.bsky.social

Ubtuntu 24.04+ Snapd Local Privilege Escalation (CVE-2026-3888)

0
0
1
17h ago

Hacker News 100 @hn100.atproto.rocks

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root https://news.ycombinator.com/item?id=47427208

0
0
0
15h ago

The Lobste.rs RSS feed @lobsters-feed.bsky.social

CVE-2026-3888: Snap Flaw, Local Privilege Escalation to Root https://lobste.rs/s/ccys1t #security

0
0
0
15h ago

The Lobste.rs RSS feed @lobsters-feed.bsky.social

snap-confine + systemd-tmpfiles = root (CVE-2026-3888) https://lobste.rs/s/deodzu #security #linux

0
0
0
5h ago

topickapp (IT技術系ニュースサイト) @topickapp.bsky.social

https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root QualysがUbuntuのSnapに存在する重要な脆弱性(CVE-2026-3888)を発見しました。この脆弱性は、権限のないローカル攻撃者がroot権限に昇格することを可能にします。 Ubuntu 24.04以降のバージョンが影響を受け、速やかなパッチ適用が推奨されています。

0
0
0
5h ago

Eyal Estrin ☁️ @eyalestrin.bsky.social

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root #patchmanagement

0
0
0
1h ago

Ethical Hacking Consultores @ehcgroup.bsky.social

Un fallo de seguridad en Ubuntu (CVE-2026-3888) permite a los atacantes obtener acceso de administrador mediante una vulnerabilidad. Esta vulnerabilidad, podría permitir a un atacante tomar el control de un sistema vulnerable. #ciberseguridad #cybersecurity www.linkedin.com/pulse/un-fal...

0
0
0
1h ago

CVE-2026-20131

Overview

Cisco
Cisco Secure Firewall Management Center (FMC)

04 Mar 2026

Published

19 Mar 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.58%

MITRE

KEV

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Statistics

13 Posts

Last activity: Last hour

Fediverse

ekiledjian @edwardk

The Interlock ransomware group is actively exploiting a Cisco Firewall 0-day vulnerability (CVE-2026-20131) to deploy their ransomware, a flaw that allows unauthenticated remote attackers to execute arbitrary Java code. This exploitation began before the vulnerability's public disclosure, enabling the group to compromise organizations unaware of the threat.
https://cybersecuritynews.com/cisco-firewall-0-day-ransomware/

0
0
0
20h ago

TechNadu @technadu

Interlock ransomware exploited Cisco firewall zero-day (CVE-2026-20131) before disclosure.
• Unauth RCE → root
• Memory webshells
• WebSocket C2
https://www.technadu.com/interlock-ransomware-campaign-exploited-cisco-firewall-vulnerability-cve-2026-20131-weeks-before-disclosure/623700/

#Cybersecurity #ZeroDay #Ransomware

0
0
0
6h ago

Patrick C Miller :donor: @patrickcmiller

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure https://securityaffairs.com/189636/malware/interlock-group-exploiting-the-cisco-fmc-flaw-cve-2026-20131-36-days-before-disclosure.html

0
0
1
6h ago

AllAboutSecurity @allaboutsecurity

Zero-Day-Lücke in Cisco-Firewall: Interlock-Ransomware nutzte Schwachstelle 36 Tage vor Bekanntgabe aus

Cisco-Schwachstelle CVE-2026-20131 – was steckt dahinter?

https://www.all-about-security.de/zero-day-luecke-in-cisco-firewall-interlock-ransomware-nutzte-schwachstelle-36-tage-vor-bekanntgabe-aus/

#cisco #firewall #zeroday #itsecurity

0
0
1
5h ago

𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Cybersecurity: Interlock ransomware is exploiting a critical Cisco FMC zero-day (CVE-2026-20131, CVSS 10.0) for root access, active since January 2026. CISA added a Microsoft SharePoint vulnerability (CVE-2026-20963) to its Known Exploited Vulnerabilities Catalog. Geopolitical: Tensions in the Gulf region are escalating, with Iran reportedly targeting energy sites, leading to a sharp spike in oil prices. These events underscore the urgent need for enhanced digital resilience and geopolitical stability.

#Cybersecurity #Geopolitics #AnonNews_irc

0
0
0
10h ago

Bluesky

Radar @radar.bsky.social

Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…

0
0
0
23h ago

tamosan @tamosan.bsky.social

Ciscoの脆弱性（CVE-2026-20131）。悪用されているのを発見したのはAmazonのセキュリティチーム：Ransomware crims abused Cisco 0-day weeks before disclosure • The Register https://www.theregister.com/2026/03/18/amazon_cisco_firewall_0_day_ransomware/

0
0
0
17h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

The Interlock ransomware gang exploited a zero-day Cisco Secure Firewall flaw (CVE-2026-20131) from Jan 26 to Mar 4, enabling root remote code execution. Targets include DaVita and Texas Tech University. #RansomwareAttack #CiscoFlaw #USA

0
0
0
15h ago

Information Security Briefly @infosecbriefly.bsky.social

Cisco firewall vulnerability CVE-2026-20131 was exploited as a zero-day by Interlock cybercrime group since January 26, before the March 4 patch announcement.

0
0
0
8h ago

TechNadu @technadu.com

Interlock ransomware exploited a Cisco firewall zero-day (CVE-2026-20131) weeks before disclosure. Root access, memory webshells, stealth C2. How do you defend against zero-days? #Cybersecurity #Infosec

0
0
0
6h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Interlock ransomware gang exploited Cisco Secure Firewall zero-day (CVE-2026-20131) weeks before public disclosure, targeting local governments, healthcare, and education with custom malware and admin tools. #Interlock #CiscoZeroDay #UnitedStates

0
0
0
Last hour

CVE-2026-32721

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

1 Post
141 Interactions

Last activity: 6 hours ago

Fediverse

sash @sash

Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1

73
68
0
6h ago

CVE-2026-20963

Overview

Microsoft
Microsoft SharePoint Enterprise Server 2016

13 Jan 2026

Published

19 Mar 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

9.87%

MITRE

KEV

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Statistics

6 Posts
1 Interaction

Last activity: 2 hours ago

Fediverse

Offensive Sequence @offseq

⚠️ CRITICAL: CISA reports active exploits of CVE-2026-20963 in Microsoft SharePoint. Remote code execution allows full server compromise. Patch now, monitor logs, segment networks! https://radar.offseq.com/threat/cisa-warns-of-attacks-exploiting-recent-sharepoint-171abc90 #OffSeq #SharePoint #Vuln #RCE

0
0
0
7h ago

𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Cybersecurity: Interlock ransomware is exploiting a critical Cisco FMC zero-day (CVE-2026-20131, CVSS 10.0) for root access, active since January 2026. CISA added a Microsoft SharePoint vulnerability (CVE-2026-20963) to its Known Exploited Vulnerabilities Catalog. Geopolitical: Tensions in the Gulf region are escalating, with Iran reportedly targeting energy sites, leading to a sharp spike in oil prices. These events underscore the urgent need for enhanced digital resilience and geopolitical stability.

#Cybersecurity #Geopolitics #AnonNews_irc

0
0
0
10h ago

Bluesky

Red Hot Cyber @redhotcyber.bsky.social

Microsoft SharePoint nel mirino: il CISA avverte lo sfruttamento del CVE-2026-20963 📌 Link all'articolo : www.redhotcyber.com/post/mic... #redhotcyber #news #cybersecurity #hacking #microsoftsharepoint #cisa #vulnerabilita #cve202620963

0
1
0
8h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added actively exploited Microsoft SharePoint flaw CVE-2026-20963 to its KEV catalog. - IOCs: CVE-2026-20963 - #CVE202620963 #SharePoint #ThreatIntel

0
0
0
13h ago

Information Security Briefly @infosecbriefly.bsky.social

Microsoft SharePoint vulnerability CVE-2026-20963, a critical remote code execution flaw, is being exploited in the wild despite Microsoft's assessment indicating exploitation is less likely.

0
0
0
8h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

A critical Microsoft SharePoint flaw (CVE-2026-20963), patched in January, is now actively exploited on unpatched servers including SharePoint Enterprise 2016, 2019, and Subscription Edition. #CISA #SharePoint #USA

0
0
0
2h ago

CVE-2026-32746

Overview

GNU
inetutils

13 Mar 2026

Published

19 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.06%

MITRE

KEV

Description

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

Statistics

7 Posts
2 Interactions

Last activity: 12 hours ago

Fediverse

Miguel Afonso Caetano @remixtures

RT @TheHackersNews
⚠️ WARNING - An unpatched critical telnetd bug (CVE-2026-32746) lets attackers gain full system access with no credentials.

One connection to port 23 is enough to trigger memory corruption and execute code as root.

No patch yet. Prior telnet flaw is already exploited in the wild.

🔗Read → https://thehackernews.com/2026/03/critical-telnetd-flaw-cve-2026-32746.html

2
0
0
21h ago

Bluesky

Censys @censys.bsky.social

Critical vulnerability: CVE-2026-32746 is a pre-authentication remote code execution (RCE) in the telnet daemon 🛠️ Affects GNU Inetutils telnetd through version 2.7 🔎 Censys sees ~3,362 exposed hosts 🔴 Exploitation could grant an attacker control of the host censys.com/advisory/cve... #CVE202632746

0
0
0
20h ago

Michael Wyres @mwyr.es

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE Via Port 23 - https://mwyr.es/FHT9DxFj #thn #infosec

0
0
1
18h ago

/r/netsec @r-netsec-bot.bsky.social

CVE-2026-32746 GNU telnetd Buffer Overflow PoC - Critical (9.8)

0
0
1
17h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

A critical out-of-bounds write in GNU InetUtils telnetd's LINEMODE SLC handler (CVE-2026-32746) allows unauthenticated remote root code execution via initial Telnet handshake. #GNUInetUtils #RemoteExploit #LinuxSecurity

0
0
0
12h ago

CVE-2025-66376

Overview

Zimbra
Collaboration

05 Jan 2026

Published

19 Mar 2026

Updated

CVSS v3.1

HIGH (7.2)

EPSS

28.82%

MITRE

KEV

Description

Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.

Statistics

5 Posts
1 Interaction

Last activity: 1 hour ago

Fediverse

TechNadu @technadu

CISA adds Zimbra XSS (CVE-2025-66376) to KEV.
Actively exploited.
Patch immediately.

Source: https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog

Follow TechNadu.

#InfoSec #VulnMgmt

0
1
0
2h ago

Bluesky

piggo @pigondrugs.bsky.social

~Cisa~ CISA added an actively exploited Zimbra Collaboration Suite XSS flaw to its KEV catalog. - IOCs: CVE-2025-66376 - #CVE2025_66376 #ThreatIntel #Zimbra

0
0
0
22h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

CISA mandates federal agencies to patch Zimbra Collaboration Suite servers by April 1 due to active exploitation of a stored XSS flaw via CSS @import in HTML emails (CVE-2025-66376). #ZimbraFlaw #USFed #XSSVulnerability

0
0
0
20h ago

Eyal Estrin ☁️ @eyalestrin.bsky.social

CISA orders feds to patch Zimbra XSS flaw exploited in attacks (CVE-2025-66376) #patchmanagement

0
0
0
1h ago

Modat @modat-io.bsky.social

⚠️ CISA added CVE-2025-66376 to KEV after active exploitation of Zimbra Collaboration Suite. A stored XSS in the Classic UI allows script injection via HTML emails; opening them can trigger in-session execution and enable mailbox access or session hijacking. Query: product="Zimbra Collaboration"

0
0
0
1h ago

CVE-2026-22557

Overview

Ubiquiti Inc
UniFi Network Application

19 Mar 2026

Published

19 Mar 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

Pending

MITRE

KEV

Description

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.

Statistics

6 Posts
3 Interactions

Last activity: Last hour

Fediverse

Marcel Stritzelberger @marzlberger

@agitatra

CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVE: CVE-2026-22557 (n00r3(@izn0u))

0
1
0
2h ago

const_data @const_data

#infosec #cybersecurity #bugbounty

CVE-2026-22557

UniFi Network Application Path Traversal Account "Access Vulnerability"

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.

0
1
0
1h ago

Maddy - ADHD-powered mess :neofox_googly_woozy: @maddy

Context: https://www.cve.org/CVERecord?id=CVE-2026-22557

0
0
0
Last hour

Günter Born @gborn

Setzt jemand die Ubiquiti UniFi Network Application ein? Es gibt zwei Schwachstellen CVE-2026-22557 (CVSS 3.1 10.0, ermöglicht Kontenübernahme), CVE-2026-22558 (CVSS 3.1 7.7 ermöglicht Rechteerweiterung) - patchen.

https://borncity.com/blog/2026/03/19/ubiquiti-unifi-network-application-schwachstellen-cve-2026-22557-cve-2026-22558/

0
1
1
17h ago

Bluesky

Cybersecurity News Everyday @hendryadrian.bsky.social

Ubiquiti patched two critical UniFi Network flaws including CVE-2026-22557, a max-severity path traversal vulnerability enabling account takeover without user interaction. Fixed in version 10.1.89+. #Ubiquiti #AccountTakeover #SecurityUpdate

0
0
0
1h ago

CVE-2026-20643

Overview

Apple
macOS

17 Mar 2026

Published

19 Mar 2026

Updated

CVSS

Pending

EPSS

0.03%

MITRE

KEV

Description

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. Processing maliciously crafted web content may bypass Same Origin Policy.

Statistics

4 Posts
3 Interactions

Last activity: 4 hours ago

Bluesky

topickapp (IT技術系ニュースサイト) @topickapp.bsky.social

https://forest.watch.impress.co.jp/docs/news/2094087.html AppleがiOS/iPadOS/macOS向けに「バックグラウンドセキュリティ改善」を実施。これはSafari(WebKit)などで見つかる小規模なセキュリティ問題に迅速に対処する仕組みです。 Navigation APIの脆弱性(CVE-2026-20643)を解決し、Webサイト間での不正なデータやり取りを防ぎます。

1
1
0
12h ago

Information Security Briefly @infosecbriefly.bsky.social

Apple released a security update addressing CVE-2026-20643, a WebKit vulnerability allowing attackers to bypass the Same Origin Policy and access data from other websites through maliciously crafted web content.

0
1
0
8h ago

IT-Connect @it-connect.bsky.social

🍎 Apple a corrigé une faille sur iOS et macOS : CVE-2026-20643 L'installation est transparente pour l'utilisateur grâce à cette nouveauté. Ce qu'il faut savoir 👇 - www.it-connect.fr/apple-a-corr... #apple #infosec #cybersecurite

0
0
0
7h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Apple released patches for WebKit vulnerability CVE-2026-20643, fixing a critical Navigation API flaw that could bypass the Same Origin Policy on iOS, iPadOS, and macOS via improved input validation. #WebKitPatch #iOSSecurity #USA

0
0
0
4h ago

CVE-2026-33058

Overview

kanboard
kanboard

18 Mar 2026

Published

18 Mar 2026

Updated

CVSS v4.0

HIGH (8.4)

EPSS

0.02%

MITRE

KEV

Description

Kanboard is project management software focused on Kanban methodology. Versions prior to 1.2.51 have an authenticated SQL injection vulnerability. Attackers with the permission to add users to a project can leverage this vulnerability to dump the entirety of the kanboard database. Version 1.2.51 fixes the issue.

Statistics

4 Posts

Last activity: 6 hours ago

Fediverse

buherator @buherator

[RSS] Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup

https://0dave.ch/posts/cve-2026-33058/

0
0
0
6h ago

Bluesky

/r/netsec @r-netsec-bot.bsky.social

Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup

0
0
1
8h ago

buherator @buherator.bsky.social

[RSS] Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup 0dave.ch -> Original->

0
0
0
6h ago

CVE-2026-33306

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

2 Posts
11 Interactions

Last activity: 18 hours ago

Fediverse

The JRuby Team @JRuby

Earlier today the JRuby team was informed of a low-severity vulnerability in the bcrypt-ruby gem. We worked with the library's maintainers to arrange a fix and disclosure. The issue is now fixed in versions 3.1.22 and higher. Exposure risk is low, but upgrading is recommended.

CVE-2026-33306: Integer Overflow Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby

https://github.com/bcrypt-ruby/bcrypt-ruby/security/advisories/GHSA-f27w-vcwj-c954

3
5
0
18h ago

Bluesky

The JRuby Project @jrubyproject.bsky.social

Today we were informed of a low-severity vulnerability in the bcrypt-ruby gem. We worked with the maintainers to arrange a fix. Upgrading is recommended. CVE-2026-33306: Integer Overflow Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby github.com/bcrypt-ruby/...

2
1
0
18h ago