
Overview

  • Microsoft
  • Windows Server 2012

12 May 2026
Published
01 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.10%

KEV

Description

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

Statistics

  • 20 Posts
  • 421 Interactions

Last activity: 2 hours ago

Fediverse


So CVE-2026-41089 (CVSS 9.8) in Windows Netlogon can be triggered by sending a username that is AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA or longer.
How original.

  • 132
  • 219
  • 1
  • 8h ago

:brdScream2: Hello, CVE-2026-41089. My name is AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  • 13
  • 32
  • 0
  • 5h ago

CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately
#CyberSecurity
securebulletin.com/cve-2026-41

  • 5
  • 0
  • 0
  • 18h ago

hmm. CVE-2026-41089 looks like a super basic stack buffer overflow in LSASS, straight out of a remote packet. I know Microsoft runs CodeQL over their code, and I can't envision a world where LSASS doesn't have coverage, so that raises questions about how it wasn't identified. my best guess is a process gap somewhere, but it would be cool to see a post incident report with info.

(and before one of you mentions the slopcoding thought-terminating cliché, maybe think about it for a minute first)

  • 3
  • 11
  • 0
  • 3h ago
CVE-2026-41089 — Microsoft Windows Netlogon BuildSamLogonResponse Stack-based Buffer Overflow RCE

https://aretiq.ai/research/vul260513-cve-2026-41089-microsoft-windows-netlogon-buildsamlogonresponse-stack-based-buffer-overflow-rce/
  • 2
  • 1
  • 0
  • 8h ago

CVE-2026-41089 be like

  • 0
  • 1
  • 0
  • 5h ago

@zombie042 :brdThink:

MS08-067
9 years later
MS17-010
9 years later
CVE-2026-41089

  • 0
  • 1
  • 0
  • 2h ago

Bluesky

The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments.
  • 0
  • 1
  • 0
  • 12h ago
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) 🔗 Read more: www.helpnetsecurity.com/2026/06/01/w... #vulnerability #Windows #cybersecurity
  • 0
  • 0
  • 0
  • 12h ago
CVE-2026-41089 enables unauthenticated remote code execution against Windows domain controllers via Netlogon, and is actively exploited in the wild.
  • 0
  • 0
  • 2
  • 12h ago
~Cybergcca~ CCCS published 9 advisories, notably warning of active in-the-wild exploitation of Windows Netlogon vulnerability CVE-2026-41089. - IOCs: CVE-2026-41089 - #CVE202641089 #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • 11h ago
Critical security vulnerability CVE-2026-41089 in Netlogon is being actively exploited. Unpatched Windows servers can be compromised without authentication. CVSS 9.8. #Windows #Sicherheit
  • 0
  • 0
  • 1
  • 10h ago
CVE-2026-41089 — Microsoft Windows Netlogon BuildSamLogonResponse Stack-based Buffer Overflow RCE aretiq.ai -> Original->
  • 0
  • 0
  • 0
  • 8h ago
URGENT PATCH NOW: CVE-2026-41089 – The Zerologon-Level Netlogon RCE Being Mass-Exploited in the Wild + Video Introduction: CVE-2026-41089 is a CVSS 9.8 stack-based buffer overflow vulnerability in the Windows Netlogon service. This critical flaw allows an unauthenticated, remote attacker to…
  • 0
  • 0
  • 0
  • 7h ago
Hang on, RCE in netlogon and Belgium is saying it’s actively being exploited? CVE-2026-41089 Either internal networks are going to be on fire or something ain’t right with the actively exploited bit ccb.belgium.be/advisories/w...
  • 0
  • 0
  • 0
  • 4h ago
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) #HelpNetSecurity (Jun 1) www.helpnetsecurity.com/2026/06/01/w...
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • Palo Alto Networks
  • Cloud NGFW

13 May 2026
Published
30 May 2026
Updated

CVSS v4.0
HIGH (7.8)
EPSS
41.50%

Description

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

Statistics

  • 13 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse


📰 Actively Exploited PAN-OS Flaw (CVE-2026-0257) Allows VPN Hijack, CISA Adds to KEV

🚨 ACTIVE EXPLOITATION: A PAN-OS flaw (CVE-2026-0257) in GlobalProtect is being exploited to bypass auth & hijack VPNs. CISA has added it to the KEV catalog. Patch now! #CVE #Vulnerability #PaloAltoNetworks

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/pa

  • 0
  • 0
  • 0
  • 9h ago

Bluesky

CVE-2026-0257: Palo Alto GlobalProtect under attack: cookies bypass VPN authentication. The blog: insicurezzadigitale.com/cve-2026-025... #cybersecurity #cisakev #globalprotect #infosec #paloaltonetworks #vpn #zeroday
  • 0
  • 1
  • 0
  • 19h ago
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257) 📖 Read more: www.helpnetsecurity.com/2026/06/01/h... #cybersecurity #cybersecuritynews #VPN #vulnerability @paloaltonetworks.com @rapid7.com
  • 0
  • 0
  • 0
  • 17h ago
Threat actors exploited CVE-2026-0257 in Palo Alto PAN-OS GlobalProtect portals and gateways shortly after disclosure, bypassing restrictions and gaining VPN access.
  • 0
  • 0
  • 0
  • 17h ago
⚠️ Palo Alto – CVE-2026-0257 This security flaw in the GlobalProtect VPN is being actively exploited! It allows authentication to be bypassed... A PAN-OS patch is available. More info here: - www.it-connect.fr/palo-alto-cv... #paloalto #infosec #cybersecurite
  • 0
  • 0
  • 0
  • 16h ago
CVE-2026-0257 in Palo Alto Networks PAN-OS was exploited within 4 days of disclosure, with forged cookies bypassing GlobalProtect auth. Rapid7 and CISA confirmed active attacks. #PaloAlto #PANOS #CISA
  • 0
  • 0
  • 0
  • 15h ago
Attackers are exploiting CVE-2026-0257 to bypass GlobalProtect authentication on vulnerable PAN-OS systems, enabling unauthorized VPN access and requiring urgent patching.
  • 0
  • 0
  • 0
  • 15h ago
📢 Active exploitation of CVE-2026-0257: GlobalProtect VPN authentication bypass 📝 ## 🔍 Context Source: BleepingComputer, published on 3… https://cyberveille.ch/posts/2026-06-01-exploitation-active-de-cve-2026-0257-contournement-d-authentification-globalprotect-vpn/ #CISA_KEV #Cyberveille
  • 0
  • 0
  • 0
  • 11h ago
Attackers are actively exploiting CVE-2026-0257 in Palo Alto PAN-OS GlobalProtect VPNs to bypass authentication and gain access without valid credentials. CISA has added the flaw to its Known Exploited Vulnerabilities catalog. via @darkreading.bsky.social www.darkreading.com/threat-intel...
  • 0
  • 0
  • 0
  • 7h ago
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257) #HelpNetSecurity (Jun 1) www.helpnetsecurity.com/2026/06/01/h...
  • 0
  • 0
  • 0
  • 2h ago
The latest update for #CyCognito includes "Emerging Threat: (CVE-2026-0257) PAN-OS GlobalProtect Authentication Bypass via Forged Override Cookies". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • Last hour
~Checkpoint~ Weekly threat intel highlights major data breaches, AI-driven campaigns, and active exploitation of PAN-OS and Ghost CMS vulnerabilities. - IOCs: CVE-2026-0257, CVE-2026-26980, CVE-2026-48131 - #DataBreach #ThreatIntel #Vulnerabilities
  • 0
  • 0
  • 0
  • 11h ago

Overview

  • flippercode
  • WP Maps Pro

29 May 2026
Published
29 May 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.07%

KEV

Description

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which unconditionally creates a new WordPress user with the hardcoded role of administrator via wp_insert_user() and returns a magic login URL that, when visited, calls wp_set_auth_cookie() to fully authenticate the attacker as the newly created administrator, resulting in complete site takeover.

Statistics

  • 14 Posts
  • 2 Interactions

Last activity: 2 hours ago

Fediverse


A WordPress plugin sold to 15,000 sites has a flaw that lets anyone create an admin account, and attackers are already using it
thenextweb.com/news/wp-maps-pr

Posted into Sustainability @sustainability-thenextweb

  • 1
  • 0
  • 0
  • 8h ago

WP Maps Pro Vulnerability Used to Generate Admin Accounts on WordPress Websites #wordpress

Critical WordPress alert: A vulnerability in WP Maps Pro (CVE-2026-8732) allows unauthenticated creation of admin accounts on affected sites (versions 6.1.0 and earlier). Exploits enable backdoors, content changes, and full site takeover. Update to WP Maps Pro 6.1.1 now. More details: ift.tt/rD2835w

Source: ift.tt/rD2835w | Image: ift.tt/8Bei13V

  • 0
  • 1
  • 0
  • 4h ago

I just saw active exploitation of a critical WP Maps Pro vulnerability. CVE-2026-8732 (CVSS 9.8) allows unauthenticated attackers to create admin accounts and hijack sites. All versions up to 6.1.0 are affected.

Update to 6.1.1 urgently!

#WordPress #Security #CVE

  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password Tracked as **CVE-2026-8732**.
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

- CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts.

securitycyber.uk

Resources: securitycyber.uk | hackthebox.com

  • 0
  • 0
  • 0
  • 13h ago

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

**Critical Alert:** A severe vulnerability (CVE-2026-8732) has been identified and requires immediate attention from security teams worldwide.

## The Details

securitycyber.uk

Resources: securitycyber.uk | hackthebox.com

  • 0
  • 0
  • 3
  • 3h ago

Bluesky

A critical vulnerability (CVE-2026-8732) in the WP Maps Pro WordPress plugin allows attackers to create admin accounts. The flaw affects […]
  • 0
  • 0
  • 0
  • 17h ago
CVE-2026-8732 in WP Maps Pro is being actively exploited — 2,858 attacks in 24 hours. Attackers are creating admin accounts on unpatched WordPress sites. Update or disable the plugin now. #WordPress #Cybersecurity snip.ly/cwy2ra
  • 0
  • 0
  • 0
  • 10h ago
📢 CVE-2026-8732: critical flaw in WP Maps Pro exploited to create WordPress admin accounts 📝 ## 🗓️ Context Source: Bleeping… https://cyberveille.ch/posts/2026-06-01-cve-2026-8732-faille-critique-dans-wp-maps-pro-exploitee-pour-creer-des-comptes-admin-wordpress/ #CVE_2026_8732 #Cyberveille
  • 0
  • 0
  • 0
  • 10h ago
Unauthenticated attackers exploit CVE-2026-8732 in WP Maps Pro to create administrator accounts and gain full site control via a weak nonce-protected AJAX endpoint.
  • 0
  • 0
  • 0
  • 8h ago
WP Maps Pro CVE-2026-8732 is being exploited to create admin accounts and seize WordPress sites. The flaw scores 9.8 CVSS and was patched in version 6.1.1. #WPMapsPro #CVE20268732 #WordPress
  • 0
  • 0
  • 0
  • 7h ago
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password #SecurityAffairs (Jun 1) securityaffairs.com/192977/hacki...
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 5 Interactions

Last activity: 12 hours ago

Fediverse


If you use Notepad++, remember to check your version: 8.9.6.2 fixes several vulnerabilities, some of which can lead to arbitrary code execution.
👇
notepad-plus-plus.org/news/v89
⬇️
notepad-plus-plus.org/news/v89

An attacker could take advantage of specially modified configuration files or shortcuts to run commands without our knowledge in certain scenarios

A public PoC is already circulating, which shortens the time between disclosure and opportunistic exploitation attempts.
⬇️
github.com/atiilla/Notepad-8.9

In the news
⬇️
thecyberexpress.com/notepad-cv

  • 2
  • 3
  • 0
  • 18h ago

Bluesky

📢 Notepad++ 8.9.6.1 fixes three vulnerabilities, including a critical RCE via config.xml 📝 📰 **Source**: The Cyber Express | **Publication date** … https://cyberveille.ch/posts/2026-06-01-notepad-8-9-6-1-corrige-trois-vulnerabilites-dont-une-rce-critique-via-config-xml/ #CVE_2026_48770 #Cyberveille
  • 0
  • 0
  • 0
  • 12h ago

Overview

  • OTRS AG
  • OTRS

01 Jun 2026
Published
01 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.07%

KEV

Description

An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode. This issue affects OTRS: * 7.0.X * 8.0.X * 2023.X * 2024.X * 2025.X * 2026.X before 2026.4.X * (OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 17 hours ago

Fediverse


CVE-2026-48188 - Critical SQL injection in OTRS. Unauthenticated attackers can bypass authentication via MySQL/MariaDB with NO_BACKSLASH_ESCAPES mode. CVSS 9.1. No patch available. Disable affected SQL mode immediately. #CVE #OTRS #infosec

valtersit.com/cve/CVE-2026-481

  • 0
  • 0
  • 0
  • 22h ago

Bluesky

🚨 OTRS users should take note of CVE-2026-48188 A critical unauthenticated SQL injection vulnerability may allow authentication bypass under specific MySQL/MariaDB configurations. 🎫 Affects multiple OTRS generations and Community Edition. 🔗 basefortify.eu/cve_reports/... #OTRS #SQLInjection #CVE
  • 0
  • 1
  • 0
  • 17h ago

Overview

  • Tenda
  • W12

31 May 2026
Published
01 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.09%

KEV

Description

A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Statistics

  • 2 Posts

Last activity: 18 hours ago

Fediverse


⚠️ CVE-2026-10189: HIGH severity stack-based buffer overflow in Tenda W12 (v3.0.0.7). Exploitable remotely, risk of code execution. No patch — restrict access & monitor for updates. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-10189 - Critical stack buffer overflow in Tenda W12 3.0.0.7(4763). Remote attack possible via /bin/httpd cgiSysTimeInfoSet. CVSS 8.8. Unpatched. Isolate affected devices immediately. #CVE #Tenda #infosec

valtersit.com/cve/CVE-2026-101

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Oracle Corporation
  • WebLogic Server

16 Jul 2024
Published
01 Jun 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
87.67%

Description

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Statistics

  • 2 Posts

Last activity: 3 hours ago

Bluesky

~Cisa~ CISA added Oracle WebLogic Server vulnerability CVE-2024-21182 to its KEV catalog due to active exploitation. - IOCs: CVE-2024-21182 - #CVE202421182 #ThreatIntel #WebLogic
  • 0
  • 0
  • 0
  • 7h ago
CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jun 1) CVE-2024-21182: unspecified vulnerability in Oracle WebLogic Server www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Google
  • Android

04 May 2026
Published
05 May 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistics

  • 1 Post
  • 7 Interactions

Last activity: 17 hours ago

Fediverse


: first botnet we've seen carrying a working exploit for CVE-2026-0073 (Critical ADB auth bypass, patched May 2026).

Every other ADB botnet needs auth disabled; this one doesn't. Comes with 30+ methods + dual APK/ELF cross-platform worming.

C2: terrabot.qzz[.]io:69
Staging: 140.233.190[.]47 (AS214209)
hash: a532a072687f5bd6f8f4c2fb1ce899a5d3c4264453fe2e7bafc270e83661c893

  • 4
  • 3
  • 0
  • 17h ago

Overview

  • TryGhost
  • Ghost

20 Feb 2026
Published
26 May 2026
Updated

CVSS v3.1
CRITICAL (9.4)
EPSS
56.66%

KEV

Description

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Statistics

  • 2 Posts

Last activity: 11 hours ago

Fediverse


SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

A new vulnerability has landed and it deserves attention. CVE-2026-26980: SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99 SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99 Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

## Th...

securitycyber.uk

Resources: securitycyber.uk | hackthebox.com

  • 0
  • 0
  • 0
  • 19h ago

Bluesky

~Checkpoint~ Weekly threat intel highlights major data breaches, AI-driven campaigns, and active exploitation of PAN-OS and Ghost CMS vulnerabilities. - IOCs: CVE-2026-0257, CVE-2026-26980, CVE-2026-48131 - #DataBreach #ThreatIntel #Vulnerabilities
  • 0
  • 0
  • 0
  • 11h ago

Overview

  • FreeBSD
  • FreeBSD

21 May 2026
Published
22 May 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary groups list occurs after the kernel stack buffer has already been written, an unprivileged local user may trigger the overflow without holding any special privilege. Successful exploitation may allow an attacker to execute arbitrary code in the context of the kernel, allowing an unprivileged local user to gain elevated privileges on the affected system.

Statistics

  • 2 Posts
  • 19 Interactions

Last activity: 21 hours ago

Fediverse

An AI audit of FreeBSD - 15 kernel bugs, including 3 RCEs, 5 LPEs, and 1 bhyve escape.

https://blog.calif.io/p/an-ai-audit-of-freebsd

CVE-2026-45250, CVE-2026-45253, CVE-2026-45251
  • 15
  • 4
  • 0
  • 21h ago

Bluesky

An AI audit of FreeBSD - 15 kernel bugs, including 3 RCEs, 5 LPEs, and 1 bhyve escape. blog.calif.io -> CVE-2026-45250, CVE-2026-45253, CVE-2026-45251 Original->
  • 0
  • 0
  • 0
  • 21h ago