Overview
Statistics: 25 posts, 22 interactions
Fediverse
So this PAN-OS bug, CVE-2026-0300.
Is there a good reason to expose this User-ID Authentication Portal to the internet in the first place? Yes yes, defend against insider threats and all that, but the opportunistic, across-the-ocean attack seems like it relies more on misconfiguration than anything.
It doesn't seem to be very useful to associate a user identity to an internet-based IP address in the first place, so don't do that? Or am I wildly misunderstanding the utility here? (At first I thought it was like a capture portal like you find on hotel WiFi, but it's more specialized than that I think.)
Regardless, @runZeroInc has a Rapid Response out for it now. No Palo Alto patches available yet.
📰 Critical Palo Alto Networks Zero-Day (CVE-2026-0300) Actively Exploited for RCE
🚨 CRITICAL ZERO-DAY: Palo Alto Networks warns of an unpatched, actively exploited RCE vulnerability (CVE-2026-0300) in PAN-OS firewalls. The flaw allows root access via the User-ID portal. Mitigate immediately! #CyberSecurity #ZeroDay #PANOS
PAN-OS zero-day (CVE-2026-0300) exploited.
• Unauth RCE (root)
• Targets exposed portals
• Patches start May 13
Are you mitigating now?
#InfoSec #CyberSecurity #ZeroDay
CVE Record: CVE-2026-0300 - Title: PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
🚨 CVE-2026-0300: CRITICAL PAN-OS vuln in PA-Series & VM-Series. Buffer overflow in User-ID Auth Portal enables unauth RCE as root. Restrict portal access ASAP. Prisma Access & Cloud NGFW not impacted. Details: https://radar.offseq.com/threat/cve-2026-0300-cwe-787-out-of-bounds-write-in-palo--a6a99009 #OffSeq #PaloAltoNetworks #Vuln
CVE-2026-0300: Zero-day in PAN-OS allows unauthenticated root access to Palo Alto firewalls
An actively exploited vulnerability in the PAN-OS User-ID authentication portal allows attackers without credentials to fully take over affected firewalls; patches are not yet broadly available.
#patch #cve #PANOS #rootzugriff #firewall #PaloAlto #zeroday
"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals" - Remember kids, "limited exploitation" means at least one customer hasn't been exploited at the time of publication!
Also, Palo Alto, who recently told* us "AI changes everything, assume all OSS is compromised", have a buffer-overflow-based unauthenticated root RCE in their captive portal
Palo Alto Networks warns of a new zero-day that is already being exploited (CVE-2026-0300) https://www.it-connect.fr/palo-alto-networks-alerte-sur-une-nouvelle-zero-day-deja-exploitee-cve-2026-0300/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #PaloAlto
Overview: Apache Software Foundation, Apache HTTP Server
Statistics: 13 posts, 34 interactions
Fediverse
#Debian stable #apache2 package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.
You can verify this by running apt-get source apache2 and then checking out apache2-2.4.66/debian/patches/bug1125368.patch
The security tracker at https://security-tracker.debian.org/tracker/CVE-2026-23918 currently has wrong information. This is likely due to automation based on version numbers alone.
RE: https://chaos.social/@icing/116526903529846107
Aftermath: people, running Debian httpd 2.4.66, started complaining when they’ll get the 2.4.67 update to fix this RCE vulnerability. Which they already were protected from, but did not know. Because the CVE was not public at the time the fix was shipped.
[...]
Two security researchers found the vulnerability independently. Just scanning the 2.4.66 source code. This means the bad guys can no longer be kept in the dark. Coordinated disclosure no longer works.
If you are still using #apache #httpd, please check whether you are affected.
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
Strong find: unauthenticated RCE in the Apache server, discovered by Bartłomiej Dmitruk of striga.ai (an AI-based bug detector) and Stanisław Strzałkowski of ISEC.pl. The server must have mod_http2 enabled, but many do.
https://www.cve.org/CVERecord?id=CVE-2026-23918
https://httpd.apache.org/security/vulnerabilities_24.html
@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?
Doubling the Trouble
CVE-2026-23918 double free vulnerability PoC for Apache httpd <=2.4.66. Fixed in >=2.4.67
https://github.com/nflatrea/playground/tree/main/cve/CVE-2026-23918
📰 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched
🚨 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE
Overview
Statistics: 9 posts, 26 interactions
Fediverse
Copy Fail CVE-2026-31431
> How they found it
> Taeyang Lee's earlier kernelCTF work had mapped out the AF_ALG attack surface. He realized that AF_ALG + splice creates a path where unprivileged userspace can feed page cache pages directly into the crypto subsystem and suspected that scatterlist page provenance may be an underexplored source of vulnerabilities.
https://xint.io/blog/copy-fail-linux-distributions#how-we-found-it-9
How to check for and mitigate the Copy Fail vulnerability (CVE-2026-31431) on GNU/Linux
https://voidnull.es/como-comprobar-y-mitigar-la-vulnerabilidad-copy-fail-cve-2026-31431-en-gnu-linux/
#Linode (#Akamai Cloud) has published documentation on how to mitigate #CopyFail for both new and existing instances running there:
https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/
CISA warns: CopyFail Linux vuln exploited.
• Privilege escalation → root
• Impacts major distros
• Patch deadline May 15
Are you patched?
#InfoSec #Linux #CyberSecurity
Overview: ollama (ollama/ollama)
Statistics: 4 posts, 5 interactions
Fediverse
https://www.cyera.com/research/bleeding-llama-critical-unauthenticated-memory-leak-in-ollama
Overview: GitHub, Enterprise Server
Statistics: 2 posts, 14 interactions
Fediverse
So, #GitHub is having a rough go of it lately, with significant instability and frequent outages in the last month and platform uptime dropping below 85%.
But the most fun trick? Any authenticated user could execute arbitrary commands on GitHub's backend servers with a single git push command - using nothing but a standard git client. (Because their architecture didn’t sterilize semicolons, thus prompt injection.)
On GitHub Enterprise Server, the vulnerability grants full server compromise, including access to all hosted repositories and internal secrets.
GitHub Enterprise Server customers should upgrade ASAP. Wiz dot io data indicates that 88% of instances were still vulnerable.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
GitHub Enterprise Server: Immediate action required!
Upgrade to #GHES version 3.19.3 or later - this release patches #CVE-2026-3854
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Overview: ci4-cms-erp, ci4ms
Statistics: 1 post
Fediverse
🔎 CVE-2026-41202: CRITICAL path traversal in ci4ms (<0.31.5.0) lets authenticated users upload ZIPs for remote code execution. Patch to 0.31.5.0 now! Details: https://radar.offseq.com/threat/cve-2026-41202-cwe-22-improper-limitation-of-a-pat-c7627c61 #OffSeq #infosec #CVE202641202 #vuln