Overview

  • SimpleHelp
  • SimpleHelp

12 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (9.5)
EPSS
1.22%

Description

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication. No user interaction is required.
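The failure the description names, an identity token whose claims are trusted without checking the signature, beside the verification order a relying party needs, as an added Python example (not SimpleHelp's code, and not a reproduction of the flaw in that product). The HS256 shared secret, issuer URL and client_id are constructed; a real OIDC provider signs with asymmetric keys fetched from its JWKS endpoint, which changes the verify call but not the order of checks.

```python
"""Added example, not SimpleHelp's code: an OIDC relying party must verify the
ID token signature (and issuer, audience, expiry) before trusting any claim.
HS256 with a shared secret is used so this runs on the standard library; a
real provider signs with RS256/ES256 keys published at its JWKS endpoint, but
the order of checks is identical."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed fixtures: stand-ins for the IdP key and the relying party's config.
IDP_SECRET = b"constructed-secret-not-a-real-key"
EXPECTED_ISSUER = "https://idp.example.test"   # assumed issuer URL
EXPECTED_AUDIENCE = "rmm-client-id"            # assumed client_id


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: Optional[bytes], alg: str = "HS256") -> str:
    """Build a compact JWT. key=None models an attacker without the IdP key:
    the signature is garbage, or absent when alg is 'none'."""
    header = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{body}".encode()
    if alg == "none":
        sig = ""
    elif key is None:
        sig = _b64url_encode(b"forged")
    else:
        sig = _b64url_encode(hmac.new(key, signing_input, hashlib.sha256).digest())
    return f"{header}.{body}.{sig}"


def vulnerable_identity(token: str) -> str:
    """The bug class in the advisory: decode the payload and believe it.
    The signature segment is never looked at."""
    _, body, _ = token.split(".")
    return json.loads(_b64url_decode(body))["sub"]


def verified_identity(token: str, key: bytes, now: Optional[float] = None) -> Optional[str]:
    """Hardened form: signature first, then iss/aud/exp. Returns the subject
    or None; a None must never become a technician session."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
    except ValueError:
        return None
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm server-side; the token does not get to choose it.
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None
    claims = json.loads(_b64url_decode(body_b64))
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER or claims.get("aud") != EXPECTED_AUDIENCE:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    return claims.get("sub")


def demo(now: float = 1_700_000_000) -> dict:
    """Run a genuine, a forged and an alg=none token through both checkers."""
    claims = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE,
              "sub": "admin-technician", "exp": now + 300}
    genuine = mint_token(claims, IDP_SECRET)
    forged = mint_token(claims, None)
    alg_none = mint_token(claims, None, alg="none")
    return {
        "vulnerable_forged": vulnerable_identity(forged),
        "vulnerable_none": vulnerable_identity(alg_none),
        "verified_genuine": verified_identity(genuine, IDP_SECRET, now),
        "verified_forged": verified_identity(forged, IDP_SECRET, now),
        "verified_none": verified_identity(alg_none, IDP_SECRET, now),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The claims-only parser hands back the forged "admin-technician" subject for both the bad-signature and the alg=none token; the verifying path returns None for both. Pinning the algorithm on the server side is what closes the alg=none and key-confusion variants, and the aud/exp checks stop a genuinely signed token issued to another client, or an expired one, from being replayed.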

Statistics

  • 19 Posts
  • 1 Interaction

Last activity: 2 hours ago

Fediverse

CVE-2026-48558, a SimpleHelp authentication bypass, is exploited in the wild to deploy TaskWeaver and Djinn Stealer. CISA added it to KEV. Patch now.

securityonline.info/simplehelp

  • 1
  • 0
  • 0
  • 14h ago
🚨 CRITICAL RMM ALERT: CISA has added CVE-2026-48558 (SimpleHelp Admin Bypass) to the KEV matrix. Attackers are forging tokens to hijack environments. Lock down your perimeter. Full T-SUITE forensic detection logs, n8n playbooks, and mitigation scripts are live: thecybermind.co/jily

  • 0
  • 0
  • 0
  • 12h ago
🚨 EXECUTIVE ALERT: CISA has added CVE-2026-48558 (SimpleHelp Bypass) to the KEV matrix. This is a critical governance emergency exposing entire client supply chains to hijacking. Protect your enterprise assets now. Full C-SUITE risk management directives are live: thecybermind.co/jily

  • 0
  • 0
  • 0
  • 10h ago
Attackers are exploiting the CVE-2026-48558 authentication bypass vulnerability in SimpleHelp RMM to deploy Djinn Stealer, a sophisticated malware targeting sensitive data across Windows, macOS, and Linux systems. This credential-harvesting campaign leverages trusted support sessions to steal information from cloud platforms, development tools, and cryptocurrency wallets.
helpnetsecurity.com/2026/06/30

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Threat actors exploit CVE-2026-48558 in SimpleHelp RMM to gain admin access, deploy TaskWeaver and Djinn Stealer, and exfiltrate extensive developer and AI assistant data.
  • 0
  • 0
  • 0
  • 19h ago
CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jun 29) CVE-2026-48558 SimpleHelp authentication bypass vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 15h ago
Vulnerability CVE-2026-48558 in SimpleHelp: how attackers deploy TaskWeaver and Djinn Stealer https://kripta.biz/posts/0B94B83C-28FB-433C-B8F5-AB2630274F1D
  • 0
  • 0
  • 0
  • 2h ago
Vulnerability CVE-2026-48558 in SimpleHelp RMM: OIDC authentication bypass and its consequences for IT infrastructure https://kripta.biz/posts/DF2F4104-A19F-49C4-98D3-2CF5CB6222B2
  • 0
  • 0
  • 0
  • 3h ago
In-depth analysis of the SimpleHelp RMM CVE-2026-48558 vulnerability: technical details of the OIDC authentication bypass attack and defensive strategies https://qian.cx/posts/99EFDF0B-4856-41DE-AF9C-76BD0A0347C6
  • 0
  • 0
  • 0
  • 3h ago
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 3h ago
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer reconbee.com/attackers-ex... #cyberattack #TaskWeaver #Djinnstealer #cybersecurity #SimpleHelp
  • 0
  • 0
  • 0
  • 3h ago
SimpleHelp security vulnerability CVE-2026-48558: authentication can be bypassed without valid credentials www.all-about-security.de/simplehelp-s...
  • 0
  • 0
  • 1
  • 3h ago
CISA KEV — CVE-2026-48558 exploitation status and July 2 due date: www.cisa.gov/known-exploi... SimpleHelp Security Update 2026-05 — vendor fix path: simple-help.com/security/sim... Microsoft Security Blog — AI-branded Chromium extension search-interception: www.microsoft.com/en-us/securi...
  • 0
  • 0
  • 0
  • 4h ago
Today’s #CTI Brief for 2026-06-30: SimpleHelp CVE-2026-48558 is now in CISA KEV with a July 2 due date. In vulnerable OIDC configs, forged identity-token claims can become a technician session in an RMM tool. #Cybersecurity #ThreatIntel #CISA
  • 0
  • 0
  • 0
  • 4h ago
Critical SimpleHelp flaw CVE-2026-48558 lets attackers bypass auth, forge technician sessions, and deliver TaskWeaver and Djinn Stealer via exposed servers. #SimpleHelp #TaskWeaver #DjinnStealer
  • 0
  • 0
  • 0
  • 4h ago
An unauthenticated attacker exploited CVE-2026-48558 in SimpleHelp to gain technician access and deploy TaskWeaver and Djinn Stealer malware.
  • 0
  • 0
  • 0
  • 4h ago
SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558) 📖 Read more: www.helpnetsecurity.com/2026/06/30/s... #cybersecurity #cybersecuritynews #credentials #datatheft #malware #MSP #remotemanagement #vulnerability @horizon3ai.bsky.social
  • 0
  • 0
  • 0
  • 5h ago
CVE-2026-48558 lets attackers forge OIDC identity tokens to gain fully authenticated technician sessions in SimpleHelp RMM, enabling file transfer, command execution, and malware deployment.
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Oracle Corporation
  • Oracle Payments

28 May 2026
Published
29 May 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.68%

KEV

Description

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 17 Posts
  • 8 Interactions

Last activity: 2 hours ago

Fediverse

Hackers Actively Exploit CVE-2026-46817 in Oracle E-Business Suite — 456 Attacks Recorded in 24 Hours
#CyberSecurity
securebulletin.com/hackers-act

  • 5
  • 0
  • 0
  • 6h ago
Attackers are actively exploiting CVE-2026-46817, a critical vulnerability in Oracle E-Business Suite that allows unauthenticated remote takeover of Oracle Payments. Users are urged to apply the patches released in the May 2026 Critical Patch Update immediately to secure their systems.
securityaffairs.com/194463/sec

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Oracle's critical E-Business Suite flaw (CVE-2026-46817) is now being actively exploited, allowing attackers to take over unpatched systems without authentication. Oracle released a patch in May, but organizations that haven't updated remain at risk. www.bleepingcomputer.com/news/securit...
  • 0
  • 2
  • 0
  • 22h ago
Attackers exploit critical Oracle E-Business vulnerability. Threat intel company Defused has reported that attackers are exploiting a critical vulnerability named CVE-2026-46817 in the Oracle E-Business Suite (EBS) financial application....
  • 0
  • 1
  • 1
  • 20h ago
Hackers are actively exploiting CVE-2026-46817 in Oracle E-Business Suite, hitting the Payments File Transmission component to enable unauthenticated takeover over HTTP. Oracle has issued patches. #Oracle #CVE202646817 #OracleEBusinessSuite
  • 0
  • 0
  • 0
  • 22h ago
Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 2h ago
Unauthenticated HTTP exploitation of Oracle E-Business Suite Payments vulnerability CVE-2026-46817 can lead to Oracle Payments takeover; patch immediately.
  • 0
  • 0
  • 0
  • 4h ago
In-depth analysis of the Oracle E-Business Suite vulnerability CVE-2026-46817: how attackers exploit it and how enterprises can defend themselves https://qian.cx/posts/1A470233-6FCB-4AB7-85BB-D497B30F2927
  • 0
  • 0
  • 0
  • 5h ago
Active exploitation of the Oracle E-Business Suite vulnerability CVE-2026-46817: threats and protective measures https://kripta.biz/posts/D915D708-B59D-41DF-B9FA-185395334FE7
  • 0
  • 0
  • 1
  • 5h ago
Oracle E-Business Suite vulnerability CVE-2026-46817 widely exploited: how should enterprises respond to this serious threat? https://qian.cx/posts/826823B2-4D4D-4394-A1DE-4126802DCBB5
  • 0
  • 0
  • 0
  • 9h ago
Critical Oracle E-Business Suite vulnerability CVE-2026-46817 under explosive exploitation: how should enterprises respond to a high-risk threat? https://qian.cx/posts/9E7674DC-C754-4C7C-AAF6-2F41389E2FC3
  • 0
  • 0
  • 0
  • 9h ago
Critical vulnerability in Oracle E-Business Suite: CVE-2026-46817 and its consequences https://kripta.biz/posts/1ED13756-2DB3-40E0-AFE8-C679458FE402
  • 0
  • 0
  • 0
  • 9h ago
CVE-2026-46817 is a critical Oracle Payments flaw actively exploited in the wild, enabling unauthenticated network access over HTTP to take over vulnerable instances.
  • 0
  • 0
  • 0
  • 10h ago
Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild thehackernews.com/2026/06/orac...
  • 0
  • 0
  • 0
  • 10h ago
A critical flaw in Oracle Payments (CVE-2026-46817) is being actively exploited to take over unpatched Oracle E-Business Suite instances. The […]
  • 0
  • 0
  • 0
  • 11h ago

Overview

  • Progress Software
  • LoadMaster

04 Jun 2026
Published
30 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.6)
EPSS
1.87%

KEV

Description

OS Command Injection Remote Code Execution Vulnerability in the API of Progress ADC products allows an unauthenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints.

Statistics

  • 7 Posts
  • 2 Interactions

Last activity: 5 hours ago

Fediverse

The last 24 hours in information security reveal advanced EDR evasion techniques using large language models and system-level manipulations such as HookChain and Lacuna Chain, along with alerts about malicious Chrome extensions and a serious vulnerability in Progress Kemp LoadMaster that allows unauthenticated remote code execution. Find these and more details in the following list of information security news:

🗞️ LATEST INFORMATION SECURITY NEWS 🔒
====| 🔥 WHAT YOU NEED TO KNOW TODAY 30/06/26 📆 |====

🔍 ACCELERATING EDR EVASION WITH LLM-DRIVEN ANALYSIS

SpecterOps has used large language models (LLMs) to analyze Cortex XDR, extracting YARA rules, machine learning models and behavioral detections faster and more precisely. This technique opens new avenues for understanding and strengthening EDR defenses against advanced threats. Dig into how LLMs are transforming endpoint security 👉 djar.co/rlDDng

⚠️ MALICIOUS PERPLEXITY EXTENSION FOR CHROME INTERCEPTS SEARCHES AND ADDRESS-BAR INPUT

Microsoft has detected a fake Perplexity extension for Chrome that intercepts information entered by the user, including search terms, IP addresses and headers, before redirecting to malicious sites. This threat puts browser privacy and security at risk, so it is crucial to verify the authenticity of installed extensions. Find out how to protect yourself against this threat 👉 djar.co/KRJDD

🛡️ HOOKCHAIN: DEEP ANALYSIS OF ADVANCED TECHNIQUES FOR EVADING EDR

HookChain is a sophisticated technique for evading EDR solutions through the use of Windows APIs and direct manipulation of system calls. This method lets malware hide effectively, evading the usual security detection and response. Understand the technical details and real cases to get ahead of this evasion 👉 djar.co/PfjW

👻 LACUNA CHAIN: GHOST FRAMES TO DEFEAT ALL CALL-STACK-BASED EDR DETECTION LAYERS

As an evolution of HookChain, Lacuna Chain implements advanced system manipulation to defeat every EDR detection layer that analyzes the call stack. This technique shows how attackers can sidestep deep controls, demanding more robust and adaptive defenses. Learn how this new threat works and how to prepare 👉 djar.co/1eteTF

🎯 GARLASCO: "ISRAELI SUPER SOFTWARE CAN HELP SEARCH FOR THE TRUTH" IN CYBERSECURITY INVESTIGATIONS

Matteo Adjimi, CEO of Argo Spa, highlights the complexities cybersecurity investigations face after years of technological evolution and how advanced Israeli software can bring clarity and effectiveness to the search for digital evidence. A key perspective for those who value innovation in security and digital forensic analysis. Read the full interview and its insights 👉 djar.co/bTu8

🚨 CVE-2026-8037 IN PROGRESS KEMP LOADMASTER ALLOWS UNAUTHENTICATED ROOT COMMAND EXECUTION

A serious vulnerability has been identified in Progress Kemp LoadMaster that allows pre-authentication root command execution via the API, exposing critical systems. Official patches and a public proof of concept to assess the threat already exist. It is urgent to apply the recommended updates to avoid compromise. See the technical details and mitigations 👉 djar.co/BNnf

  • 0
  • 1
  • 0
  • 5h ago

Bluesky

Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs
  • 0
  • 1
  • 2
  • 21h ago
CVE-2026-8037 vulnerability revealed: impact of the critical Kemp LoadMaster API vulnerability and response strategies https://qian.cx/posts/C1E71FAC-5F8F-48B8-84DC-ADC1EC0CBE70
  • 0
  • 0
  • 0
  • 6h ago
Critical vulnerability CVE-2026-8037 in Progress Kemp LoadMaster: the threat and ways to protect against it https://kripta.biz/posts/991C109A-D7C3-4285-9EE1-62009B337AAC
  • 0
  • 0
  • 0
  • 6h ago
Unauthenticated attackers can exploit CVE-2026-8037 in Progress Kemp LoadMaster to execute arbitrary root commands via a crafted API request.
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • libssh2
  • libssh2

17 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (9.2)
EPSS
0.92%

KEV

Description

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2_transport_read(), which fails to enforce an upper bound on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve remote code execution.
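The bound a transport reader must enforce on packet_length before it sizes any buffer, as an added Python example (not libssh2's code): a reader that takes the wire value on trust beside one that rejects it. The packet layout follows RFC 4253 section 6; the 256 KiB cap, the block size and the sample packets are constructed.

```python
"""Added example, not libssh2 code: the bound a transport reader must place on
the SSH binary-packet packet_length field before using it for any buffer
sizing. Layout per RFC 4253 section 6: uint32 packet_length, byte
padding_length, payload, random padding (>= 4 bytes), MAC."""
import struct
from typing import Tuple

# RFC 4253 6.1 obliges implementations to handle total packet sizes of at
# least 35000 bytes. The ceiling below is an assumed, deliberately generous cap;
# what matters is that one is enforced at all.
MAX_PACKET_LENGTH = 256 * 1024
BLOCK_SIZE = 8  # cipher block size of the initial (unencrypted) state


class PacketError(ValueError):
    """Raised for any header that fails validation; the caller tears down."""


def unbounded_alloc_size(buf: bytes) -> int:
    """What a reader without the upper-bound check would size its buffer from:
    the wire value plus the 4-byte length field, taken on trust. A crafted
    0xFFFFFFFF here becomes an enormous (or, after 32-bit wraparound, tiny)
    allocation followed by an out-of-bounds write of the real data."""
    packet_length = struct.unpack(">I", buf[:4])[0]
    return 4 + packet_length


def read_packet(buf: bytes) -> Tuple[bytes, int]:
    """Hardened reader: validate packet_length and padding_length, then slice.
    Returns (payload, bytes_consumed) or raises PacketError."""
    if len(buf) < 5:
        raise PacketError("short header")
    packet_length = struct.unpack(">I", buf[:4])[0]
    padding_length = buf[4]
    # Lower bound: packet_length covers the padding_length byte and at least
    # four bytes of padding.
    if packet_length < 5:
        raise PacketError(f"packet_length {packet_length} too small")
    # Upper bound: the check the advisory says ssh2_transport_read() lacked.
    if packet_length > MAX_PACKET_LENGTH:
        raise PacketError(f"packet_length {packet_length} exceeds cap {MAX_PACKET_LENGTH}")
    if padding_length < 4 or padding_length >= packet_length:
        raise PacketError(f"bad padding_length {padding_length}")
    total = 4 + packet_length
    if total % BLOCK_SIZE != 0:
        raise PacketError("packet not a multiple of the block size")
    if len(buf) < total:
        raise PacketError("truncated packet")
    payload_len = packet_length - padding_length - 1
    return buf[5:5 + payload_len], total


def build_packet(payload: bytes) -> bytes:
    """Construct a well-formed cleartext packet (sample input for the demo)."""
    padding_length = BLOCK_SIZE - ((4 + 1 + len(payload)) % BLOCK_SIZE)
    if padding_length < 4:
        padding_length += BLOCK_SIZE
    packet_length = 1 + len(payload) + padding_length
    return struct.pack(">IB", packet_length, padding_length) + payload + b"\x00" * padding_length


def demo() -> dict:
    """A legitimate packet beside a crafted header with packet_length = 2^32-1."""
    good = build_packet(b"\x14constructed-kexinit-stub")  # 0x14 = SSH_MSG_KEXINIT
    crafted = struct.pack(">IB", 0xFFFFFFFF, 4) + b"\x00" * 16
    results = {"good_payload": read_packet(good)[0],
               "crafted_naive_alloc": unbounded_alloc_size(crafted)}
    try:
        read_packet(crafted)
        results["crafted_hardened"] = "accepted"
    except PacketError as exc:
        results["crafted_hardened"] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Python cannot reproduce the heap corruption itself; the point is where the check sits. The naive path turns a crafted 0xFFFFFFFF into a request for a little over 4 GiB, or, once the addition is done in 32-bit C arithmetic, into a 3-byte buffer that the real payload is then written past. The hardened path refuses the header before any allocation happens, and the padding and block-alignment checks stop the smaller malformed variants from reaching the copy either.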

Statistics

  • 6 Posts
  • 4 Interactions

Last activity: Last hour

Fediverse

🚨 Critical libssh2 flaw: a proof-of-concept exploit has been published. Cause: missing bound on "packet_length" in ssh2_transport_read(); attackers can send manipulated SSH packets and scramble heap memory (CVE-2026-55200, CVSS 9.8). Check for updates: heise.de/news/Kritische-libssh 🔐 #CyberSecurity #Vulnerability #CVE #SSH #libssh2

  • 2
  • 0
  • 0
  • 8h ago
🚨 Critical update: A proof-of-concept exploit has been released for a libssh2 vulnerability (CVE-2026-55200, CVSS 9.8). Attackers can abuse oversized SSH “packet_length” to corrupt heap memory. 📌 Patch status varies—check updates now: heise.de/en/news/Critical-libs #CyberSecurity #Vulnerability #libssh2 #CVE

  • 1
  • 0
  • 0
  • 8h ago

Bluesky

A public PoC for CVE-2026-55200 exposes a critical libssh2 flaw that can let a malicious SSH server corrupt client memory.
  • 0
  • 1
  • 0
  • Last hour
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 18h ago
Vulnerability CVE-2026-55200 in libssh2: a threat to SSH connections and ways to protect against it https://kripta.biz/posts/D9744011-2C3D-4BEE-AEAF-67EE82D4D9F7
  • 0
  • 0
  • 0
  • 9h ago
Anonymous researcher publishes several zero-days in a GitHub repository (CVE-2026-55200, CVE-2026-20896) | Codebook | Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/46394/
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Linux
  • Linux

23 May 2026
Published
30 Jun 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.13%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

net: skbuff: propagate shared-frag marker through frag-transfer helpers

Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when moving frags from source to destination. __pskb_copy_fclone() defers the rest of the shinfo metadata to skb_copy_header() after copying frag descriptors, but that helper only carries over gso_{size,segs,type} and never touches skb_shinfo()->flags; skb_shift() moves frag descriptors directly and leaves flags untouched.

As a result, the destination skb keeps a reference to the same externally-owned or page-cache-backed pages while reporting skb_has_shared_frag() as false. The mismatch is harmful in any in-place writer that uses skb_has_shared_frag() to decide whether shared pages must be detoured through skb_cow_data(). ESP input is one such writer (esp4.c, esp6.c), and a single nft 'dup to <local>' rule -- or any other nf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()'d skb in esp_input() with the marker stripped, letting an unprivileged user write into the page cache of a root-owned read-only file via authencesn-ESN stray writes.

Set SKBFL_SHARED_FRAG on the destination whenever frag descriptors were actually moved from the source.

skb_copy() and skb_copy_expand() share skb_copy_header() too but linearize all paged data into freshly allocated head storage and emerge with nr_frags == 0, so skb_has_shared_frag() returns false on its own; they need no change.

The same omission exists in skb_gro_receive() and skb_gro_receive_list(). The former moves the incoming skb's frag descriptors into the accumulator's last sub-skb via two paths (a direct frag-move loop and the head_frag + memcpy path); the latter chains the incoming skb whole onto p's frag_list. Downstream skb_segment() reads only skb_shinfo(p)->flags, and skb_segment_list() reuses each sub-skb's shinfo as the nskb -- both p and lp must carry the marker.

The same omission also exists in tcp_clone_payload(), which builds an MTU probe skb by moving frag descriptors from skbs on sk_write_queue into a freshly allocated nskb. The helper falls into the same family and warrants the same fix for consistency; no TCP TX-side in-place writer is currently known to reach a user page through this gap, but a future consumer depending on the marker would regress silently.

The same omission exists in skb_segment(): the per-iteration flag merge takes only head_skb's flag, and the inner switch that rebinds frag_skb to list_skb on head_skb-frags exhaustion does not fold the new frag_skb's flag into nskb. Fold frag_skb's flag at both sites so segments drawing frags from frag_list members carry the marker.

Statistics

  • 6 Posts
  • 3 Interactions

Last activity: 10 hours ago

Fediverse

New DirtyClone Linux Kernel Lets Local Users Gain Root via Cloned Packets (CVE-2026-43503):
👇
thehackernews.com/2026/06/new-

  • 1
  • 1
  • 1
  • 18h ago
‼️ CVE-2026-43503: Python PoC for DirtyClone, a Linux kernel LPE via page-cache corruption exploit

GitHub: github.com/entra1337/DirtyClone

  • 0
  • 1
  • 0
  • 21h ago

Bluesky

PoC code published for "DirtyClone", a Linux kernel vulnerability leading to root privileges (CVE-2026-43503) | Codebook | Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/46404/
  • 0
  • 0
  • 0
  • 10h ago
📢 DirtyClone (CVE-2026-43503): Linux LPE via page cache corruption through IPsec 📝 ## 🔍 Context Published on 25 June 2026 by researchers Eddy Tsalolikh… https://cyberveille.ch/posts/2026-06-29-dirtyclone-cve-2026-43503-lpe-linux-via-corruption-du-page-cache-par-ipsec/ #CVE_2026_43284 #Cyberveille
  • 0
  • 0
  • 0
  • 23h ago
pagecache-lpe-containment-kit: Educational, defensive kit for two Linux page-cache-corruption LPEs (DirtyClone CVE-2026-43503, pedit COW CVE-2026-46331): hardening, detection, verification, seccomp + validation harness. Detection and prevention only — no exploit code. TLP:CLEAR.
  • 0
  • 0
  • 0
  • 21h ago

Overview

  • Linux
  • Linux

16 Jun 2026
Published
30 Jun 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.26%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: fix pedit partial COW leading to page cache corruption

tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd.

Fix by moving skb_ensure_writable() inside the per-key loop where the actual write offset is known, and add overflow checking on the offset arithmetic. For negative offsets (e.g. Ethernet header edits at ingress), use skb_cow() to COW the headroom instead. Guard offset_valid() against INT_MIN, where negation is undefined.

Statistics

  • 4 Posts
  • 3 Interactions

Last activity: 8 hours ago

Fediverse

Root access is possible: exploits for CVE-2026-46331 (Linux kernel) have leaked and affect Debian, Ubuntu & RHEL among others. A patch is partly already in, but updates are not yet available everywhere; admins should lock things down quickly. 🔧🚨 golem.de/news/root-zugriff-moe #Linux #Security #CVE #SysAdmin

  • 3
  • 0
  • 0
  • 8h ago

Bluesky

📢 CVE-2026-46331 'pedit COW': root privilege escalation in the Linux kernel 📝 ## 🔍 Context Source: The Hacker News, published 26 June 2026. https://cyberveille.ch/posts/2026-06-29-cve-2026-46331-pedit-cow-elevation-de-privileges-root-dans-le-noyau-linux/ #CVE_2026_46331 #Cyberveille
  • 0
  • 0
  • 0
  • 23h ago
Vulnerability in the Linux kernel act_pedit module (CVE-2026-46331): affects all versions of RHEL, Debian and Ubuntu rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 18h ago
pagecache-lpe-containment-kit: Educational, defensive kit for two Linux page-cache-corruption LPEs (DirtyClone CVE-2026-43503, pedit COW CVE-2026-46331): hardening, detection, verification, seccomp + validation harness. Detection and prevention only — no exploit code. TLP:CLEAR.
  • 0
  • 0
  • 0
  • 21h ago

Overview

  • Oracle Corporation
  • PeopleSoft Enterprise PeopleTools

11 Jun 2026
Published
13 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
92.33%

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 4 Posts
  • 7 Interactions

Last activity: 3 hours ago

Fediverse

Nissan disclosed a data breach after attackers exploited the PeopleSoft zero-day (CVE-2026-35273) in a campaign linked to ShinyHunters. The breach may have exposed employee personal, payroll, banking, tax, and ID data across the U.S., Canada, Mexico, and Brazil.

bleepingcomputer.com/news/secu

  • 4
  • 0
  • 0
  • 17h ago
NAIC, the U.S. insurance regulator, disclosed a data breach after attackers exploited the PeopleSoft zero-day (CVE-2026-35273). NAIC said the attackers accessed only public reports, outdated logs, and configuration files,

bleepingcomputer.com/news/secu

  • 1
  • 0
  • 0
  • 17h ago

Bluesky

🚨Cyber Alert ‼️ 🇺🇸🇨🇦🇲🇽🇧🇷 - 𝗡𝗶𝘀𝘀𝗮𝗻 𝗔𝗺𝗲𝗿𝗶𝗰𝗮𝘀 Nissan Americas disclosed a data breach after hackers exploited the Oracle PeopleSoft zero-day (CVE-2026-35273), potentially exposing current and former employees' personal, financial, tax, and identification data across the U.S., Canada, Mexico, and Brazil.
  • 1
  • 1
  • 0
  • 10h ago
Oracle PeopleSoft Zero-Day CVE-2026-35273: How a 9.8 CVSS Flaw Exposed Nissan Employee Data and What You Must Do Now Introduction The line between a patched vulnerability and a catastrophic data breach is often measured in days—and for Nissan, that window closed with devastating consequences.…
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • nltk
  • nltk/nltk

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v3.0
HIGH (7.5)
EPSS
0.49%

KEV

Description

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in `nltk/data.py` checks for literal `../` sequences but fails to account for percent-encoded traversal sequences such as `..%2f`. The `url2pathname()` function decodes these sequences after the validation step, allowing an attacker to bypass the protection. This vulnerability enables an attacker to read arbitrary files accessible to the Python process by controlling the resource name parameter passed to `nltk.data.load()` or `nltk.data.find()`. The issue affects applications that rely on NLTK for resource loading, including NLP web applications, Jupyter notebooks, and CLI tools. The default `pathsec.ENFORCE=False` setting exacerbates the impact by not blocking the file read at the `open()` stage.
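The ordering defect in the description, validate the raw name and only then percent-decode it, beside a resolver that decodes first and confines the canonical path to the data directory, as an added Python example (not NLTK's code). `_UNSAFE_NO_PROTOCOL_RE` keeps the advisory's name but its pattern here is assumed; the temporary data directory, the corpus file and the resource names are constructed.

```python
"""Added example, not NLTK's code: the check-then-decode ordering the advisory
describes, beside a resolver that decodes first and then confines the result
to the data directory. The regex name is the advisory's; its exact pattern,
the data-directory layout and the sample resource names are constructed."""
import os
import re
import tempfile
from urllib.parse import unquote

# Assumed shape of the advisory's check: a literal '..' path segment only.
_UNSAFE_NO_PROTOCOL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def vulnerable_resolve(data_dir: str, resource: str) -> str:
    """Validate the raw name, then decode: '..%2f' passes the regex and only
    afterwards turns into '../'. (url2pathname() on POSIX is unquote().)"""
    if _UNSAFE_NO_PROTOCOL_RE.search(resource):
        raise ValueError("traversal rejected")
    return os.path.join(data_dir, unquote(resource))


def safe_resolve(data_dir: str, resource: str) -> str:
    """Decode first, then canonicalise and confine. The realpath containment
    test is the control; the regex stays only as defence in depth."""
    decoded = unquote(resource)
    if os.path.isabs(decoded) or _UNSAFE_NO_PROTOCOL_RE.search(decoded):
        raise ValueError("traversal rejected")
    root = os.path.realpath(data_dir)
    target = os.path.realpath(os.path.join(root, decoded))
    if os.path.commonpath([root, target]) != root:
        raise ValueError("resolved outside data directory")
    return target


def escapes(data_dir: str, path: str) -> bool:
    """True if the canonical form of path lies outside data_dir."""
    root = os.path.realpath(data_dir)
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def demo() -> dict:
    """Constructed data directory with one corpus file, probed with a normal
    name, a percent-encoded traversal, an absolute name and a plain '..'."""
    results = {}
    with tempfile.TemporaryDirectory() as data_dir:
        os.makedirs(os.path.join(data_dir, "corpora"))
        legit = "corpora/words.txt"
        with open(os.path.join(data_dir, legit), "w", encoding="utf-8") as fh:
            fh.write("constructed sample corpus\n")
        payload = "..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
        results["vulnerable_escapes_root"] = escapes(data_dir, vulnerable_resolve(data_dir, payload))
        results["safe_legit_exists"] = os.path.isfile(safe_resolve(data_dir, legit))
        for name in (payload, "/etc/passwd", "corpora/../../words.txt"):
            try:
                safe_resolve(data_dir, name)
                results[name] = "accepted"
            except ValueError as exc:
                results[name] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The regex on the decoded name is kept only as defence in depth; the realpath containment check is what decides, which is why the fixed resolver also refuses an absolute name and a traversal that uses no percent-encoding at all, neither of which the original regex was written for.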

Statistics

  • 3 Posts
  • 1 Interaction

Last activity: 14 hours ago

Fediverse


CVE-2026-12243: NLTK 3.9.4 suffers from a HIGH severity path traversal bug — percent-encoded sequences like ..%2f bypass directory checks, allowing arbitrary file reads in NLP apps/Jupyter/CLI. Audit usages & restrict resource loading. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 15h ago

Bluesky

In-depth analysis of CVE-2026-12243: causes of the NLTK 3.9.4 path traversal vulnerability and prevention strategies https://qian.cx/posts/893F8E4D-CCA5-47EB-B2FE-7CD766A875E5
  • 0
  • 0
  • 0
  • 14h ago
Vulnerability CVE-2026-12243 in NLTK 3.9.4: path traversal threat and ways to protect against it https://kripta.biz/posts/D8109989-D984-4F37-B7BF-7B36809D1F96
  • 0
  • 0
  • 0
  • 14h ago

Overview

  • Microsoft
  • Microsoft Defender Antimalware Platform

14 Apr 2026
Published
19 Jun 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
6.75%

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

  • 5 Posts
  • 2 Interactions

Last activity: 1 hour ago

Bluesky

📈 One interesting aspect of CVE-2026-33825 is how the risk evolved over time: • Public PoC released • KEV inclusion • Active exploitation • Reported ransomware usage Threat intelligence is not static. #CyberSecurity #ThreatIntel #KEV #InfoSec
  • 0
  • 1
  • 0
  • 2h ago
🚨 A vulnerability in Microsoft Defender is now reportedly being used in ransomware attacks. CVE-2026-33825 evolved quickly from a local privilege escalation issue into a much more operationally significant threat. 👇 basefortify.eu/posts/2026/0... #CyberSecurity #Microsoft #Ransomware #CVE
  • 0
  • 1
  • 0
  • 2h ago
CVE-2026-33825 (BlueHammer) is being exploited in ransomware campaigns, leading CISA to update its KEV entry despite uncertainty about which group uses it.
  • 0
  • 0
  • 0
  • 2h ago
CISA says ransomware gangs are exploiting BlueHammer, a Microsoft Defender flaw tracked as CVE-2026-33825. The bug lets local attackers escalate to SYSTEM on Windows after PoC code was leaked. #BlueHammer #CVE202633825 #MicrosoftDefender
  • 0
  • 0
  • 0
  • 5h ago
CISA says BlueHammer, tracked as CVE-2026-33825 in Microsoft Defender, is being used in ransomware attacks. Microsoft disclosed it on April 2 and patched it on April 14 after Huntress saw zero-day exploitation. #BlueHammer #CVE202633825
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • zephyrproject
  • zephyr
  • zephyr

29 Jun 2026
Published
30 Jun 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.69%

KEV

Description

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client->url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving '.' and '..' segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail->fs_path, client->url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix>/../../<file> is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.
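The canonicalisation the fix adds, RFC 3986 dot-segment removal applied to the URL path before resource lookup, and what it changes for a static-filesystem handler that builds the filename as root + path, as an added Python example (not Zephyr's http_server_remove_dot_segments()). The '/lfs/www' root and the request paths are constructed; escapes_root() stands in for how a mounted filesystem resolves '..' once the name reaches fs_open(), and the "%s%s" concatenation mirrors the snprintk() call quoted in the description.

```python
"""Added example, not Zephyr code: RFC 3986 section 5.2.4 dot-segment removal,
the canonicalisation the advisory says the fix applies before resource lookup,
and the difference it makes to a static-filesystem handler that builds the
filename as root + URL path. The root directory and request paths are
constructed; the '%s%s' concatenation mirrors the snprintk() call quoted in
the advisory."""
import posixpath


def remove_dot_segments(path: str) -> str:
    """Resolve '.' and '..' segments lexically, without touching a filesystem,
    so '..' can never climb above the start of the URL path. Apply this after
    any percent-decoding the server performs, or '%2e%2e' slips through."""
    inp, out = path, []
    while inp:
        if inp.startswith("../"):
            inp = inp[3:]
        elif inp.startswith("./"):
            inp = inp[2:]
        elif inp.startswith("/./"):
            inp = inp[2:]
        elif inp == "/.":
            inp = "/"
        elif inp.startswith("/../"):
            inp = inp[3:]
            if out:
                out.pop()
        elif inp == "/..":
            inp = "/"
            if out:
                out.pop()
        elif inp in (".", ".."):
            inp = ""
        else:
            # Move the first segment, including its leading '/', to the output.
            start = 1 if inp.startswith("/") else 0
            nxt = inp.find("/", start)
            if nxt == -1:
                out.append(inp)
                inp = ""
            else:
                out.append(inp[:nxt])
                inp = inp[nxt:]
    return "".join(out)


def static_fs_filename_before(fs_path: str, url_path: str) -> str:
    """Pre-fix behaviour: configured root and raw URL path, concatenated."""
    return f"{fs_path}{url_path}"


def static_fs_filename_after(fs_path: str, url_path: str) -> str:
    """Post-fix behaviour: canonicalise the URL path first."""
    canonical = remove_dot_segments(url_path)
    if not canonical.startswith("/"):
        canonical = "/" + canonical
    return f"{fs_path}{canonical}"


def escapes_root(fs_path: str, fname: str) -> bool:
    """Model what the mounted filesystem does with '..' in the final name:
    resolve it lexically and ask whether the result left the web root."""
    root = posixpath.normpath(fs_path)
    resolved = posixpath.normpath(fname)
    return resolved != root and not resolved.startswith(root.rstrip("/") + "/")


def demo() -> dict:
    """Constructed web root on a LittleFS-style mount, probed with the request
    shape from the advisory: a matched prefix followed by '../..'."""
    fs_path = "/lfs/www"
    request = "/static/../../secret.txt"
    before = static_fs_filename_before(fs_path, request)
    after = static_fs_filename_after(fs_path, request)
    return {
        "before": before, "before_escapes": escapes_root(fs_path, before),
        "after": after, "after_escapes": escapes_root(fs_path, after),
        "rfc_example": remove_dot_segments("/a/b/c/./../../g"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Dot-segment removal is lexical, so it needs no filesystem and cannot be talked past by a path that climbs above the URL root: the surplus '..' segments are simply dropped, and the request above lands on /lfs/www/secret.txt instead of /lfs/secret.txt. It must run after any percent-decoding the server performs, because a '%2e%2e' segment is not a '..' to this function.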

Statistics

  • 3 Posts

Last activity: 16 hours ago

Fediverse


Zephyr HTTP server (4.0.0 – 4.4.x) is affected by CVE-2026-8023 (HIGH): improper path handling enables unauthenticated remote file access via path traversal (../). Patch status unclear — check advisories & restrict exposure. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 16h ago

Bluesky

In-depth analysis of CVE-2026-8023: security risks of the Zephyr HTTP server vulnerability and response strategies https://qian.cx/posts/E5C6374A-80AE-454A-8E15-6177E60E2AD6
  • 0
  • 0
  • 0
  • 16h ago
Vulnerability CVE-2026-8023 in the Zephyr HTTP server: threats and ways to protect against it https://kripta.biz/posts/9764B4FF-6CBA-4D4E-9ABC-7327DF6F4C08
  • 0
  • 0
  • 0
  • 16h ago