CVE-2026-45185

Overview

Exim
Exim

12 May 2026

Published

13 May 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

Pending

MITRE

KEV

Description

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

Statistics

13 Posts
12 Interactions

Last activity: 3 hours ago

Fediverse

Catalin Cimpanu @campuscodi

XBOW's AI found an unauth RCE in Exim, bug is being called Dead.Letter

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

Patches are out: https://www.exim.org/static/doc/security/EXIM-Security-2026-05-01.1/EXIM-Security-2026-05-01.1.txt

6
1
0
11h ago

buherator @buherator

Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

2
0
3
17h ago

equinox @equinox

I didn't think I would ever use this sentence, but "thank fuck I use openssl"…

Then again it'll be the other way around some future time. Near future probably, considering how things are going.

(My primary server is still running Gentoo, so, exim is indeed built against openssl. Unlike all my Debian boxes…)

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

0
0
0
9h ago

Bluesky

buherator @buherator.bsky.social

Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim xbow.com -> Original->

1
0
2
17h ago

Hacker News Top Stories @hackernewsbot.bsky.social

Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim | Discussion

0
2
0
14h ago

Information Security Briefly @infosecbriefly.bsky.social

Exim security updates fix CVE-2026-45185, a GnuTLS-related BDAT use-after-free that can cause heap corruption and potential code execution.

0
0
0
15h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Exim patched CVE-2026-45185, a use-after-free in BDAT handling on GnuTLS builds that could enable heap corruption and code execution. Affects versions 4.97 to 4.99.2; fixed in 4.99.3. #Exim #GnuTLS #CVE202645185

0
0
0
12h ago

Undercode Testing @undercode.bsky.social

AI Hacked Your Mail Server: CVE-2026-45185 Exim RCE & The Dawn of Autonomous Offensive Security + Video Introduction: The discovery of CVE-2026-45185—an unauthenticated remote code execution (RCE) vulnerability in Exim, the world’s most widely deployed mail transfer agent (MTA)—marks a tectonic…

0
0
0
3h ago

CVE-2026-41940

Overview

WebPros
cPanel

29 Apr 2026

Published

06 May 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

67.01%

MITRE

KEV

Description

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Statistics

6 Posts

Last activity: Last hour

Fediverse

TechNadu @technadu

CVE-2026-41940 is under active mass exploitation.

Researchers say threat group “Mr_Rot13” is exploiting the critical cPanel flaw to steal credentials, deploy webshells, and gain persistent access across hosting infrastructure.

2,000+ attacking IPs observed globally.

https://www.technadu.com/cve-2026-41940-vulnerability-in-cpanel-exploited-to-steal-credentials/627803/

#CyberSecurity #ThreatIntel #cPanel

0
0
0
18h ago

Bluesky

r/blueteamsec bot @r-blueteamsec.bsky.social

Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment

0
0
0
22h ago

TechNadu @technadu.com

Researchers say threat group “Mr_Rot13” is actively exploiting the critical cPanel flaw CVE-2026-41940. The attacks reportedly involve credential theft, SSH key implantation, webshell deployment, and persistent backdoors across compromised hosting systems. #CyberSecurity #ThreatIntel #InfoSec

0
0
0
18h ago

Help Net Security @helpnetsecurity.com

Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940) 🔗 Read more: www.helpnetsecurity.com/2026/05/12/c... #cybercrime #Japan #vulnerability

0
0
0
17h ago

キタきつね @kitafox.bsky.social

cPanelの認証バイパスに関する重大な脆弱性（CVE-2026-41940）が数千件の被害に遭う Critical cPanel Auth Bypass CVE-2026-41940 Exploited by Thousands #DailyCyberSecurity (May 12) securityonline.info/cpanel-whm-a...

0
0
0
10h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Major patches hit SAP Commerce Cloud, SAP S/4HANA, and Apple macOS/iOS, while cPanel CVE-2026-41940 is actively exploited to drop a Filemanager backdoor. #SAP #Apple #Texas

0
0
0
Last hour

CVE-2026-7482

Overview

ollama
ollama
ollama/ollama

04 May 2026

Published

04 May 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.10%

MITRE

KEV

Description

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and server/quantization.go (WriteTo()), the server reads past the allocated heap buffer. The leaked memory contents may include environment variables, API keys, system prompts, and concurrent users' conversation data, and can be exfiltrated by uploading the resulting model artifact through the /api/push endpoint to an attacker-controlled registry. The /api/create and /api/push endpoints have no authentication in the upstream distribution. Default deployments bind to 127.0.0.1, but the documented OLLAMA_HOST=0.0.0.0 configuration is widely used in practice (large public-internet exposure observed).

Statistics

2 Posts
5 Interactions

Last activity: 2 hours ago

Fediverse

knoppix @knoppix95

Ollama fixed CVE-2026-7482 in v0.17.1, a critical out-of-bounds read flaw that could leak API keys, prompts, and chat data from exposed servers via crafted GGUF files. 🔓
Researchers also disclosed unpatched Windows update flaws enabling persistent code execution through unsigned updates and path traversal in Ollama 0.12.10–0.17.5. ⚠️

🔗 https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html

#TechNews #Ollama #LLM #AI #Cybersecurity #OpenSource #FOSS #Privacy #Infosec #Windows #Linux #Security #Servers #DataBreach #Technology

3
1
0
2h ago

Bluesky

OpsMatters @opsmatters.com

The latest update for #Indusface includes "Bleeding Llama (CVE-2026-7482): Critical Unauthenticated Memory Leak in Ollama" and "DDoS Protection for Insurance: Always-On Defense for Claims, Quotes & #APIs". #cybersecurity #infosec https://opsmtrs.com/3ySs2VF

0
1
0
4h ago

CVE-2026-44413

Overview

JetBrains
TeamCity

11 May 2026

Published

11 May 2026

Updated

CVSS v3.1

HIGH (8.2)

EPSS

0.00%

MITRE

KEV

Description

In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access

Statistics

2 Posts
2 Interactions

Last activity: 16 hours ago

Fediverse

CyberNetsecIO @netsecio

📰 High-Severity Flaw in JetBrains TeamCity On-Premises Allows API Exposure (CVE-2026-44413)

PATCH NOW: A high-severity vulnerability (CVE-2026-44413) in JetBrains TeamCity On-Premises allows any authenticated user to expose server APIs. All versions up to 2025.11.4 are affected. Upgrade to 2026.1 immediately. 💻🔧 #TeamCity #JetBrains #CI/CD

🔗 https://cyber.netsecops.io

1
0
0
16h ago

Bluesky

Help Net Security @helpnetsecurity.com

JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413) 📖 Read more: www.helpnetsecurity.com/2026/05/12/j... #cybersecurity #Cybersecuritynews #continuousintegration #softwaredelivery #vulnerability @jetbrains.com

1
0
0
20h ago

CVE-2026-43500

Overview

Linux
Linux

11 May 2026

Published

11 May 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.

Statistics

2 Posts
10 Interactions

Last activity: 4 hours ago

Fediverse

knoppix @knoppix95

Linux 7.0.6 and 6.18.29 LTS patch the Dirty Frag local privilege flaw, fixing unsafe rxrpc decryption paths tied to CVE-2026-43500.
Fedora and Pop!_OS shipped fixes before release, reflecting rapid open-source patching and the need for timely user-controlled updates. 🔧

🔗 https://itsfoss.com/news/linux-fully-patches-dirty-frag-exploit/

#TechNews #Linux #DirtyFrag #Kernel #Fedora #PopOS #OpenSource #Cybersecurity #Privacy #Security #FOSS #SysAdmin #LTS #LinuxKernel #DirtyFrag #CopyFail #CVE #Fedora #PopOS #Ubuntu #Tech

6
4
0
12h ago

Bluesky

OpsMatters @opsmatters.com

The latest update for #SafeBreach includes "Dirty Frag Vulnerability (CVE-2026-43284 & CVE-2026-43500): Why Reliable #Linux Privilege Escalation Changes the Defense Equation". #Cybersecurity https://opsmtrs.com/41NWGuQ

0
0
0
4h ago

CVE-2026-26083

Overview

Fortinet
FortiSandbox Cloud

12 May 2026

Published

13 May 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

Pending

MITRE

KEV

Description

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests.

Statistics

3 Posts

Last activity: 1 hour ago

Bluesky

tamosan @tamosan.bsky.social

FortiSandboxの脆弱性。Web UIに認証されていないユーザーがコードやコマンドを投げれるようす：FG-IR-26-136｜CVE-2026-26083｜PSIRT | FortiGuard Labs https://www.fortiguard.com/psirt/FG-IR-26-136

0
0
0
8h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Fortinet patches critical RCE flaws in FortiAuthenticator and FortiSandbox. CVE-2026-44277 and CVE-2026-26083 could let unauthenticated attackers run unauthorized code or commands. #Fortinet #FortiAuthenticator #FortiSandbox

0
0
0
11h ago

ohhara @shiojiri.com

Fortinet、FortiSandboxとFortiAuthenticatorの重大なRCE脆弱性について警告（CVE-2026-44277、CVE-2026-26083） | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45561/

0
0
0
1h ago

CVE-2026-32661

Overview

Canon Marketing Japan Inc.
GUARDIANWALL MailSuite (On-premises version)

13 May 2026

Published

13 May 2026

Updated

CVSS v3.0

CRITICAL (9.8)

EPSS

Pending

MITRE

KEV

Description

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege.

Statistics

2 Posts

Last activity: Last hour

Fediverse

OffSequence @offseq

🚨 CRITICAL: CVE-2026-32661 stack buffer overflow in Canon GUARDIANWALL MailSuite (v1.4.00 – 2.4.26). Remote code execution possible. Restrict network access & monitor pop3wallpasswd. Patch pending. https://radar.offseq.com/threat/cve-2026-32661-stack-based-buffer-overflow-in-cano-fe8551b1 #OffSeq #CVE202632661 #infosec #vuln

0
0
0
1h ago

Bluesky

ケイ | 副業Webライター📖 @keiwork35.bsky.social

GUARDIANWALL MailSuiteの脆弱性とは？影響範囲や悪用状況、対策をわかりやすく解説本記事では、GUARDIANWALL MailSuiteの脆弱性（CVE-2026-32661）の概要、影響を受ける環境、想定されるリスク、利用者が取るべき対策をわかりやすく解説します。

0
0
0
Last hour

CVE-2026-41096

Overview

Microsoft
Windows 11 version 22H3

12 May 2026

Published

13 May 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

Pending

MITRE

KEV

Description

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

Statistics

3 Posts
5 Interactions

Last activity: 2 hours ago

Fediverse

Jan Korbel 🐧 @jackc

Microsoft Patch Tuesday 05/2026:
- opravy 120 zranitelností ve Windows, Officech, ale také třeba Malování(!)
- 17 kritických (z toho 14x RCE)
- krom toho mnoho (130+) oprav Edge nebo Teamsů

Velmi zajímavě vypadá zranitelnost CVE-2026-41096 ve Windows DNS klientovi(!), která umožňuje vzdálené spuštění kódu podstrčením připravených DNS odpovědí. S tím bych se vyloženě bál připojit se k sítím s cizím DNS.

#kybez

1
2
0
2h ago

nyanbinary @nyanbinary

checks notes ...

Windows Netlogon Remote Code Execution
Windows DNS Client Remote Code Execution

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089

0
2
0
14h ago

Bluesky

piggo @pigondrugs.bsky.social

@talosintelligence.com Microsoft's May 2026 Patch Tuesday addresses 137 vulnerabilities, including 31 critical flaws with 16 RCEs, though none are actively exploited. - IOCs: CVE-2026-32161, CVE-2026-41089, CVE-2026-41096 - ...

0
0
0
13h ago

CVE-2026-34260

Overview

SAP_SE
SAP S/4HANA (SAP Enterprise Search for ABAP)

12 May 2026

Published

12 May 2026

Updated

CVSS v3.1

CRITICAL (9.6)

EPSS

0.01%

MITRE

KEV

Description

SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the underlying database without proper validation or sanitization. Upon successful exploitation, an attacker may gain unauthorized access to sensitive database information and could potentially crash the application. This vulnerability has a high impact on the confidentiality and availability of the application, while integrity remains unaffected.

Statistics

2 Posts

Last activity: Last hour

Bluesky

Undercode Testing @undercode.bsky.social

Critical SAP S/4HANA SQL Injection Under Active Patching – CVE-2026-34260 (CVSS 96) What Undercode Say + Video A critical SQL injection vulnerability in the SAP Enterprise Search for ABAP component (CVE-2026-34260) has been patched, scoring a near-maximum CVSS 9.6 due to its potential for…

0
0
0
Last hour

ohhara @shiojiri.com

SAP、Commerce CloudとS/4HANAのCriticalな脆弱性に対処：CVE-2026-34263、CVE-2026-34260 | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45556/

0
0
0
1h ago

CVE-2026-8043

Overview

ivanti
Xtraction

12 May 2026

Published

12 May 2026

Updated

CVSS v3.1

CRITICAL (9.6)

EPSS

Pending

MITRE

KEV

Description

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.

Statistics

2 Posts

Last activity: 16 hours ago

Fediverse

nyanbinary @nyanbinary

til that Ivanti doesn't just make insecure endpoint management software. they also make insecure reporting software :neobot_giggle:

https://nvd.nist.gov/vuln/detail/cve-2026-8043

0
0
0
16h ago

Bluesky

piggo @pigondrugs.bsky.social

~Cybergcca~ CCCS issued 5 advisories for vulnerabilities in SAP, Siemens, Schneider Electric, Ivanti, and Mozilla products. - IOCs: CVE-2026-8043, CVE-2026-8051, CVE-2026-7431 - #Patching #ThreatIntel #Vulnerability

0
0
0
17h ago