Overview
Description
Statistics
- 7 Posts
- 18 Interactions
Fediverse
Ah! The nginx updates fixing CVE-2026-42945 have arrived for my RHEL (Red Hat Enterprise Linux) machines. So. `dnf update` and `reboot` to get them installed. Safe again, for the moment :)
[Related]
Exploitation on the internet of CVE-2026-42945, aka NGINX RIFT https://depthfirst.com/nginx-rift, has reportedly begun, according to VulnCheck
⬇️
"Exploitation of Critical NGINX Vulnerability Begins"
"The flaw leads to denial-of-service on default configurations and to remote code execution if ASLR is disabled."
"Shortly after F5 released patches for the bug, Depthfirst published technical details and proof-of-concept (PoC) code targeting it. Now, VulnCheck says threat actors are already exploiting the issue in attacks.
“We’re seeing active exploitation of CVE-2026-42945 in F5 NGINX, a heap buffer overflow affecting both NGINX Plus and NGINX Open Source on VulnCheck Canaries just days after the CVE was published,” VulnCheck researcher Patrick Garrity warned. ( https://www.linkedin.com/posts/patrickmgarrity_cybersecurity-threatintelligence-riskmanagement-share-7461369931851517952-PBjV/ ) "
👇
https://www.securityweek.com/exploitation-of-critical-nginx-vulnerability-begins
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
  - Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
  - Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
  - Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
  - Filebeat to v9.4.1
  - Fluent Bit to v5.0.5
  - GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
  - Logstash to v9.4.1
  - NetBox to v4.5.x (#955)
    - This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
    - these NetBox plugins were also updated:
      - netbox-initializers to v4.5.1
      - netbox-topology-views to v4.5.1
    - Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
    - thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
  - OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
    - critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
    - high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
    - high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
    - high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
    - high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
    - medium: Injection in auth_http and XCLIENT CVE-2026-28753
    - medium: OCSP result bypass in stream CVE-2026-28755
    - high: SSL upstream injection CVE-2026-1642
  - urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
  - Reference Counting (Use-After-Free) Bug for PyList_SetItem in filescan's python-statfs (#960 #962)
  - Added a few missing Suricata fields (`suricata.tc_progress`, `suricata.ts_progress`, `suricata.tunnel.pcap_cnt`, `suricata.tunnel.pkt_src`) to the index mapping template
  - When `suricata.app_proto_ts` and/or `suricata.app_proto_tc` reported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination of `proto_parse_failed`, `client_stream_failed`, or `server_stream_failed` are added to `tags`.
  - Suricata's HTTP version was not being normalized to `network.protocol_version`.
- 🧹 Code and project maintenance
  - Added Malcolm Dashboard Reference to documentation
  - Completely rewrote Upgrading Malcolm in documentation
  - Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL
Bluesky
Overview
- kovidgoyal
- kitty
Description
Statistics
- 2 Posts
- 12 Interactions
Fediverse
@cR0w @catsalad shitpost replacement service!
Just a 9.9 but nevertheless:
https://db.gcve.eu/vuln/cve-2026-33642
Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check
:ablobcatbongo:
⚠️ CRITICAL: kitty terminal <0.47.0 vulnerable to integer overflow (CVE-2026-33642). Malicious escape sequences can cause heap memory corruption — no user action needed. Upgrade to 0.47.0+ now! https://radar.offseq.com/threat/cve-2026-33642-cwe-190-integer-overflow-or-wraparo-3fc58bfe #OffSeq #Vuln #KittyTerminal #Infosec
Overview
Description
Statistics
- 2 Posts
- 2 Interactions
Fediverse
DirtyDecrypt PoC published for the LPE vulnerability CVE-2026-31635 in the Linux kernel
https://blog.elhacker.net/2026/05/publicado-el-poc-de-dirtydecrypt-para.html
Overview
- Universal Robots
- PolyScope 5
Description
Statistics
- 2 Posts
Fediverse
⚠️ CRITICAL: CVE-2026-8153 affects Universal Robots PolyScope 5 — OS command injection via Dashboard Server lets unauthenticated attackers control cobots on internal networks. Patch to v5.25.1 now! https://radar.offseq.com/threat/critical-vulnerability-exposes-industrial-robot-fl-d5e8e072 #OffSeq #ICS #Robotics #Security
Overview
Description
Statistics
- 5 Posts
- 30 Interactions
Fediverse
📝🚨 New blog post: How a bug in Archive Utility allowed access to protected app data (including iMessage and WhatsApp chats, and Safari cookies) without any permissions.
The bug could also be exploited to hijack installed apps such as Signal and 1Password to perform phishing attacks.
Apple fixed the issue in macOS 26.4 as CVE-2026-28910, five months after we reported it
macOS Bug Lets Attackers Hijack Background Apps to Spy on Clipboard — Fixed in 26.4 (CVE-2026-28910)
Overview
Description
Statistics
- 1 Post
- 12 Interactions
Fediverse
We released Ruby 4.0.5 and published a security advisory for CVE-2026-46727.
If you use Ruby 4.0.0~4.0.4, we recommend updating your Ruby version to 4.0.5.
https://www.ruby-lang.org/en/news/2026/05/20/ruby-4-0-5-released/
Overview
Description
Statistics
- 2 Posts
Fediverse
Linux has many advantages, but sometimes it has disadvantages too.
Thanks to CVE-2026-31431, which has just come up... I have to update a great many systems... -.-'
I think I should set up an automation system for this too, like the #InfiniteWP that exists for WordPress.
Please read this important update from #CheckPoint:
Check Point Response to CVE-2026-31431 (Copy Fail), CVE-2026-43284, CVE-2026-43500 (Dirty Frag) and CVE-2026-46300 (Fragnesia)
Overview
- Chroma
- ChromaDB
- chromadb
Description
Statistics
- 2 Posts
- 1 Interaction
Bluesky
Overview
- Red Hat
- Red Hat Hardened Images
- libxml2-main
Description
Statistics
- 1 Post
- 1 Interaction
Overview
Description
Statistics
- 1 Post
- 1 Interaction