24h | 7d | 30d

CVE-2026-0300

Overview

  • Palo Alto Networks
  • Cloud NGFW
06 May 2026
Published
07 May 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Statistics

  • 25 Posts
  • 22 Interactions
Last activity: Last hour

Fediverse

Profile picture fallback
cR0w @cR0w

Whoopsie

security.paloaltonetworks.com/

  • 7
  • 10
  • 0
  • 21h ago
Profile picture fallback
Tod Beardsley @todb

So this PAN-OS bug, CVE-2026-0300.

Is there a good reason to expose this User-ID Authentication Portal to the internet in the first place? Yes yes, defend against insider threats and all that, but the opportunistic, across-the-ocean attack seems like it relies more on misconfiguration than anything.

It doesn't seem to be very useful to associate a user identity to an internet-based IP address in the first place, so don't do that? Or am I wildly misunderstanding the utility here? (At first I thought it was like a capture portal like you find on hotel WiFi, but it's more specialized than that I think.)

Regardless, @runZeroInc has a Rapid Response out for it now. No Palo Alto patches available yet.

runzero.com/blog/palo-alto-net

  • 1
  • 1
  • 0
  • 17h ago
Profile picture fallback
CyberNetsecIO @netsecio

📰 Critical Palo Alto Networks Zero-Day (CVE-2026-0300) Actively Exploited for RCE

🚨 CRITICAL ZERO-DAY: Palo Alto Networks warns of an unpatched, actively exploited RCE vulnerability (CVE-2026-0300) in PAN-OS firewalls. The flaw allows root access via the User-ID portal. Mitigate immediately! #CyberSecurity #ZeroDay #PANOS

🔗 cyber.netsecops.io

  • 1
  • 0
  • 0
  • 21h ago
Profile picture fallback
TechNadu @technadu

PAN-OS zero-day (CVE-2026-0300) exploited.
• Unauth RCE (root)
• Targets exposed portals
• Patches start May 13

technadu.com/palo-alto-network

Are you mitigating now?

  • 0
  • 0
  • 0
  • 19h ago
Profile picture fallback
corq @corq

CVE Record: CVE-2026-0300 - Title: PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

cve.org/CVERecord?id=CVE-2026-

  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
OffSequence @offseq

🚨 CVE-2026-0300: CRITICAL PAN-OS vuln in PA-Series & VM-Series. Buffer overflow in User-ID Auth Portal enables unauth RCE as root. Restrict portal access ASAP. Prisma Access & Cloud NGFW not impacted. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
AllAboutSecurity @allaboutsecurity

CVE-2026-0300: Zero-Day in PAN-OS erlaubt unauthentifizierten Root-Zugriff auf Palo Alto Firewalls

Eine aktiv ausgenutzte Schwachstelle im User-ID-Authentifizierungsportal von PAN-OS erlaubt Angreifern ohne Zugangsdaten die vollständige Übernahme betroffener Firewalls – Patches stehen noch nicht flächendeckend bereit.

all-about-security.de/cve-2026

#patch #cve #PANOS #rootzugriff #firewall #PaloAlto #zeroday

  • 0
  • 0
  • 1
  • 4h ago
Profile picture fallback
Reed Mideke @reedmideke

"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals" - Remember kids, "limited exploitation" means at least one customer hasn't been exploited at the time of publication!

Also, Palo Alto, who recently told* us "AI changes everything, assume all OSS is compromised" have a buffer overflow based unauthenticated root RCE in their captive portal

security.paloaltonetworks.com/

* mastodon.social/@reedmideke/11

  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
benzogaga33 :verified: @benzogaga33

Palo Alto Networks alerte sur une nouvelle zero-day déjà exploitée (CVE-2026-0300) it-connect.fr/palo-alto-networ #ActuCybersécurité #Cybersécurité #Vulnérabilité #PaloAlto

  • 0
  • 0
  • 0
  • Last hour

Bluesky

Profile picture fallback
Rene Robichaud @neroqc.bsky.social
Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300) www.rapid7.com/blog/post/et...
  • 1
  • 0
  • 0
  • 20h ago
Profile picture fallback
Rapid7 @rapid7.com
🚨 On 5/6/26, #PaloAltoNetworks published a security advisory for a critical vuln. affecting PAN-OS PA-Series & VM-Series firewall appliances. CVE-2026-0300 carries a CVSSv4 score of 9.3 and has been confirmed as exploited in the wild by the vendor. More: r-7.co/48ML0Pf
  • 1
  • 0
  • 0
  • 20h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Certeu~ A critical buffer overflow in PAN-OS User-ID Authentication Portal allows unauthenticated RCE as root. - IOCs: CVE-2026-0300 - #CVE2026_0300 #PANOS #ThreatIntel
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ CCCS released 3 advisories, highlighting an actively exploited critical vulnerability (CVE-2026-0300) in Palo Alto PAN-OS. - IOCs: CVE-2026-0300 - #CVE2026_0300 #PaloAlto #ThreatIntel
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 Zero-day critique CVE-2026-0300 dans PAN-OS exploité contre des firewalls Palo Alto 📝 ## 🗓️ Contexte Publié le 6 mai 2026 par Eduard Kovacs sur … https://cyberveille.ch/posts/2026-05-06-zero-day-critique-cve-2026-0300-dans-pan-os-exploite-contre-des-firewalls-palo-alto/ #CVE_2026_0300 #Cyberveille
  • 0
  • 0
  • 1
  • 17h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA added actively exploited CVE-2026-0300 (PAN-OS out-of-bounds write) to the KEV catalog. - IOCs: CVE-2026-0300 - #CVE2026_0300 #PaloAlto #ThreatIntel
  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
Mrs. Y @mrsyiswhy.bsky.social
Palo Alto warns of critical software bug used in firewall attacks A patch for the bug, tracked as CVE-2026-0300, has not been published yet and Palo Alto Networks said it will be included in releases over the next two weeks.
  • 0
  • 0
  • 0
  • 13h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (May 6) CVE-2026-0300 Palo Alto Networks PAN-OS 境界外書き込みの脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Palo Altoファイアウォールにおけるルートレベルのリモートコード実行(RCE)脆弱性が悪用される(CVE-2026-0300) Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300) #HelpNetSecurity (May 6) www.helpnetsecurity.com/2026/05/06/p...
  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
IT-Connect @it-connect.bsky.social
🔥 Palo Alto Networks - Zero-Day Palo Alto Networks alerte sur une nouvelle zero-day déjà exploitée (CVE-2026-0300) Ma publication à ce sujet 👇 - www.it-connect.fr/palo-alto-ne... #paloalto #zeroday #firewall #infosec
  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
ohhara @shiojiri.com
CVE-2026-0300 Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
LeMagIT @lemagit.bsky.social
PAN-OS : Vulnérabilité critique (CVE-2026-0300) = risque ROOT. 💥 Ne laissez pas une faille compromettre votre infra ! Découvrez les mesures urgentes à prendre. 🛡️ [Lien vers l'article] [lire]
  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
ohhara @shiojiri.com
PAN-OSのRCEゼロデイが攻撃に悪用される:パロアルトが警告(CVE-2026-0300) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45477/
  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
LeMagIT @lemagit.bsky.social
PAN-OS en danger ! 💥 CVE-2026-0300 ouvre la porte au contrôle root. Ne tardez pas : découvrez les actions défensives *immédiates* pour protéger votre réseau. 🛡️ [Lien vers l'article] [lire]
  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-23918

Overview

  • Apache Software Foundation
  • Apache HTTP Server
04 May 2026
Published
05 May 2026
Updated
CVSS
Pending
EPSS
0.06%
KEV

Description

Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.

Statistics

  • 13 Posts
  • 34 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Harry Sintonen @harrysintonen

stable package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.

You an verify this by apt-get source apache2 and then checking out apache2-2.4.66/debian/patches/bug1125368.patch

The security tracker at security-tracker.debian.org/tr currently has wrong information. This is likely due to automation based on version numbers alone.

  • 6
  • 6
  • 0
  • 23h ago
Profile picture fallback
Royce Williams @tychotithonus

RE: chaos.social/@icing/1165269035

Aftermath: people, running Debian httpd 2.4.66, started complaining when they’ll get the 2.4.67 update to fix this RCE vulnerability. Which they already were protected from, but did not know. Because the CVE was not public at the time the fix was shipped.

[...]

Two security researchers found the vulnerability independently. Just scanning the 2.4.66 source code. This means the bad guys can no longer be kept in the dark. Coordinated disclosure no longer works.

  • 4
  • 5
  • 0
  • 22h ago
Profile picture fallback
Adhidarma Hadiwinoto :verifyc: @adhisimon

Yang masih pakai #httpd nya #apache silahkan dicek, kena impact-nya gak

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE thehackernews.com/2026/05/crit

#cve #infosec

  • 3
  • 1
  • 0
  • 21h ago
Profile picture fallback
ZaufanaTrzeciaStrona.pl @zaufanatrzeciastrona

Mocne odkrycie - RCE bez uwierzytelnienia w serwerze Apache znalezione przez Bartłomieja Dmitruka ze striga.ai (detektor błędów oparty na AI) oraz Stanisława Strzałkowskiego z ISEC.pl. Na serwerze musi być włączone mod_http2 - ale na wielu jest.

cve.org/CVERecord?id=CVE-2026-
httpd.apache.org/security/vuln

  • 2
  • 3
  • 0
  • 15h ago
Profile picture fallback
Royce Williams @tychotithonus

@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?

  • 0
  • 1
  • 0
  • 21h ago
Profile picture fallback
Beemo @nflatrea

Doubling the Trouble

CVE-2026-23918 double free vulnerability PoC for Apache httpd <=2.4.66. Fixed in >=2.4.67
github.com/nflatrea/playground

  • 0
  • 0
  • 0
  • 23h ago
Profile picture fallback
CyberNetsecIO @netsecio

📰 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched

🚨 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE

🔗 cyber.netsecops.io

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture fallback
Ninja Owl @ninjaowl.ai
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 1
  • 1
  • 0
  • 22h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Apache HTTP/2の重大な脆弱性(CVE-2026-23918)により、DoS攻撃およびリモートコード実行の可能性が生じる Apache HTTP/2の重大な脆弱性(CVE-2026-23918)により、DoS攻撃およびリモートコード実行の可能性が生じる #HackerNews (May 5) thehackernews.com/2026/05/crit...
  • 0
  • 1
  • 0
  • 9h ago
Profile picture fallback
IT-Connect @it-connect.bsky.social
⚠️ Faille de sécurité Apache2 Une nouvelle vulnérabilité importante, identifiée sous la référence CVE-2026-23918, a été patchée dans la dernière version d'Apache2. Plus d'infos par ici 🔽 - www.it-connect.fr/faille-apach... #apache #linux #webserver #infosec
  • 0
  • 0
  • 0
  • 22h ago
Profile picture fallback
Modat @modat-io.bsky.social
⚠️ CVE-2026-23918: Double free in Apache HTTP Server 2.4.66 HTTP/2 may allow unauth RCE via crafted requests, risking full server compromise. Update to 2.4.67 or disable HTTP/2/restrict access. Query: web.headers="Server: Apache/2.4.66"  The platform: magnify.modat.io
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
Ethical Hacking Consultores @ehcgroup.bsky.social
Vulnerabilidad crítica en Apache expone a millones de servidores a ataques RCE. Se ha parchado una vulnerabilidad grave (CVE-2026-23918) que permite la Ejecución Remota de Código (RCE) aprovechando un fallo en HTTP/2. #ciberseguridad #cybersecurity www.linkedin.com/pulse/vulner...
  • 0
  • 0
  • 0
  • 17h ago
Profile picture fallback
ohhara @shiojiri.com
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-31431

Overview

  • Linux
  • Linux
22 Apr 2026
Published
07 May 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
1.23%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Statistics

  • 9 Posts
  • 26 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
#:idle: Don T3rr0r :antifa: @t3rr0rz0n3

Mañana ha sido hoy:

voidnull.es/como-comprobar-y-m

  • 8
  • 8
  • 0
  • 12h ago
Profile picture fallback
🌈 Lascapi ⁂ @lascapi

Copy Fail CVE-2026-31431

> How they found it
> Taeyang Lee's earlier kernelCTF work had mapped out the AF_ALG attack surface. He realized that AF_ALG + splice creates a path where unprivileged userspace can feed page cache pages directly into the crypto subsystem and suspected that scatterlist page provenance may be an underexplored source of vulnerabilities.

#cve #linux #kernel #security

xint.io/blog/copy-fail-linux-d

  • 4
  • 1
  • 0
  • 19h ago
Profile picture fallback
Lautaro :mastodon: :pixelfed: @Lautaro_Ferrero

Cómo comprobar y mitigar la vulnerabilidad Copy Fail (CVE-2026-31431) en GNU/Linux
voidnull.es/como-comprobar-y-m

  • 1
  • 3
  • 0
  • 9h ago
Profile picture fallback
Erik Nygren :verified: @nygren

#Linode (#Akamai Cloud) has published documentation on how to mitigate #CopyFail for both new and existing instances running there:

linode.com/docs/guides/cve-202

  • 0
  • 1
  • 0
  • 20h ago
Profile picture fallback
TechNadu @technadu

CISA warns: CopyFail Linux vuln exploited.
• Privilege escalation → root
• Impacts major distros
• Patch deadline May 15

technadu.com/cisa-warns-of-sev

Are you patched?

  • 0
  • 0
  • 0
  • 17h ago

Bluesky

Profile picture fallback
Hacker News 200 Points @newsyc200.bsky.social
CVE-2026-31431: Copy Fail vs. rootless containers https://www.dragonsreach.it/2026/05/04/cve-2026-31431-copy-fail-rootless-containers/ (http://news.ycombinator.com/item?id=48017813)
  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback
Checkmarx Zero @checkmarxzero.bsky.social
#CopyFail has been added to the CISA KEV; and it's an AppSec consideration that too many practitioners are ignoring. The Linux vulnerability (CVE-2026-31431) can allow for privesc from unprivileged to root, and is seeing active exploitation.
  • 0
  • 0
  • 0
  • 13h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Linuxの脆弱性対策について(CVE-2026-31431、Copy Fail) #IPA (May 1) www.ipa.go.jp/security/sec...
  • 0
  • 0
  • 0
  • 11h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (May 1) CVE-2026-31431 Linuxカーネルにおけるスフィア間の不適切なリソース転送の脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 9h ago

CVE-2026-7482

Overview

  • ollama
  • ollama
  • ollama/ollama
04 May 2026
Published
04 May 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.09%
KEV

Description

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and server/quantization.go (WriteTo()), the server reads past the allocated heap buffer. The leaked memory contents may include environment variables, API keys, system prompts, and concurrent users' conversation data, and can be exfiltrated by uploading the resulting model artifact through the /api/push endpoint to an attacker-controlled registry. The /api/create and /api/push endpoints have no authentication in the upstream distribution. Default deployments bind to 127.0.0.1, but the documented OLLAMA_HOST=0.0.0.0 configuration is widely used in practice (large public-internet exposure observed).

Statistics

  • 4 Posts
  • 5 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
buherator @buherator
[RSS] Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026-7482)

https://www.cyera.com/research/bleeding-llama-critical-unauthenticated-memory-leak-in-ollama
  • 0
  • 1
  • 0
  • 18h ago

Bluesky

Profile picture fallback
L'algorisme @lalgorisme.bsky.social
Una vulnerabilitat al GGUF, el format obert que empaqueta models d'IA en un sol fitxer i que Ollama utilitza, exposa prompts, missatges i variables d'entorn d'unes 300.000 instàncies exposades a internet. Puntuació 9.3/10 (CVE-2026-7482). www.securityweek.com/critical-bug...
  • 3
  • 1
  • 0
  • 1h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Regulatory actions hit Kochava over location data and privacy settlements impact Forbes. Data exposures found in Vimeo and Canvas. Critical flaws like Bleeding Llama (CVE-2026-7482) and MOVEit exploited amid active threat groups. #DataPrivacy #US
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
buherator @buherator.bsky.social
[RSS] Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026-7482) www.cyera.com -> Original->
  • 0
  • 0
  • 0
  • 18h ago

CVE-2026-41940

Overview

  • WebPros
  • cPanel
29 Apr 2026
Published
06 May 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
26.55%
KEV

Description

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 9 hours ago

Bluesky

Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Apr 30) CVE-2026-41940 WebPros cPanel & WHMおよびWP2(WordPress Squared)における重要機能の認証欠落の脆弱性 www.cisa.gov/news-events/...
  • 0
  • 1
  • 0
  • 9h ago
Profile picture fallback
NEWSTECNICAS | Tecnología , IA y Gaming @newstecnicas.info.ve
🟢 Cómo solucionar la #vulnerabilidad CVE-2026-41940 en cPanel/WHM: #Parche de seguridad urgente para #acceso root www.newstecnicas.info.ve/2026/05/solu...
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social
Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940
  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-3854

Overview

  • GitHub
  • Enterprise Server
10 Mar 2026
Published
29 Apr 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.30%
KEV

Description

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly sanitized before being included in internal service headers. Because the internal header format used a delimiter character that could also appear in user input, an attacker could inject additional metadata fields through crafted push option values. This vulnerability was reported via the GitHub Bug Bounty program and has been fixed in GitHub Enterprise Server versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.7 and 3.19.4.

Statistics

  • 2 Posts
  • 14 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
MissConstrue @MissConstrue

So, #GitHub is having a rough go of it lately. With significant instability and frequent outages in the last month and platform uptime dropping below 85%.

But the most fun trick? Any authenticated user could execute arbitrary commands on GitHub's backend servers with a single git push command - using nothing but a standard git client. (Because their architecture didn’t sterilize semicolons, thus prompt injection.)

On GitHub Enterprise Server, the vulnerability grants full server compromise, including access to all hosted repositories and internal secrets.

GitHub Enterprise Server customers should upgrade ASAP. Wiz dot io data indicates that 88% of instances were still vulnerable.

wiz.io/blog/github-rce-vulnera

#infosec #live #githubEnterprise #rce

  • 9
  • 5
  • 0
  • 16h ago
Profile picture fallback
github.com/ghostwriter @ghostwriter

GitHub Enterprise Server: Immediate action required!

Upgrade to #GHES version 3.19.3 or later - this release patches #CVE-2026-3854

wiz.io/blog/github-rce-vulnera

  • 0
  • 0
  • 0
  • 9h ago

CVE-2026-42208

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
Last activity: 12 hours ago

Bluesky

Profile picture fallback
Bishop Fox @bishopfox.bsky.social
Bishop Fox researchers reproduced CVE-2026-42208, a critical pre-authentication SQL injection in LiteLLM’s proxy. Exploitation was observed in the wild roughly 36 hours after disclosure. If you’re running LiteLLM, upgrade to 1.83.7+.
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 CVE-2026-42208 : Injection SQL pré-authentification critique dans LiteLLM Proxy 📝 ## 🔍 Contexte Bishop Fox a publié le 6 mai 2026 une analyse techni… https://cyberveille.ch/posts/2026-05-06-cve-2026-42208-injection-sql-pre-authentification-critique-dans-litellm-proxy/ #CVE_2026_42208 #Cyberveille
  • 0
  • 0
  • 0
  • 12h ago

CVE-2024-3273

Overview

  • D-Link
  • DNS-320L
04 Apr 2024
Published
21 Oct 2025
Updated
CVSS v3.1
HIGH (7.3)
EPSS
94.42%
KEV

Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

Statistics

  • 1 Post
  • 8 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture fallback
clearbluejar @clearbluejar

pyghidra-mcp v0.2.0 is out with new --gui mode. 👀

Your local LLM drives a real Ghidra CodeBrowser, not a plugin.

New blog post shows firmware RE of the CVE-2024-3273 RCE chain with Gemma4.

clearbluejar.github.io/posts/p

  • 5
  • 3
  • 0
  • 14h ago

CVE-2026-40108

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
Last activity: 14 hours ago

Bluesky

Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 GLPI 11.0.7 & 10.0.25 : 13 vulnérabilités corrigées dont 4 critiques (XSS, suppression arbitraire) 📝 📅 **Source** : IT-Connect, publié … https://cyberveille.ch/posts/2026-05-06-glpi-11-0-7-10-0-25-13-vulnerabilites-corrigees-dont-4-critiques-xss-suppression-arbitraire/ #CVE_2026_40108 #Cyberveille
  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-41202

Overview

  • ci4-cms-erp
  • ci4ms
07 May 2026
Published
07 May 2026
Updated
CVSS v4.0
CRITICAL (9.4)
EPSS
Pending
KEV

Description

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Backup::restore extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user with the backup create permission to write files to arbitrary filesystem locations (Zip Slip) and achieve remote code execution by dropping a PHP file under the public web root. This issue has been patched in version 0.31.5.0.

Statistics

  • 1 Post
Last activity: 1 hour ago

Fediverse

Profile picture fallback
OffSequence @offseq

🔎 CVE-2026-41202: CRITICAL path traversal in ci4ms (<0.31.5.0) lets authenticated users upload ZIPs for remote code execution. Patch to 0.31.5.0 now! Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 1h ago
Showing 1 to 10 of 29 CVEs