24h | 7d | 30d

CVE-2026-3888

Overview

  • snapd
17 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.01%
KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

  • 16 Posts
  • 16 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture fallback
buherator @buherator
snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

https://www.openwall.com/lists/oss-security/2026/03/17/8

Qualys just can't stop!
  • 4
  • 1
  • 0
  • 21h ago
Profile picture fallback
TechNadu @technadu

Critical Ubuntu flaw (CVE-2026-3888) enables local root escalation via Snap.

Delayed exploit (10–30 days) makes detection harder.

Patch snapd immediately.
technadu.com/critical-cve-2026

  • 1
  • 0
  • 0
  • 5h ago
Profile picture fallback
Ludovic Courtès @civodul

Looks like removing files from /tmp on a running system is racy and risky:
blog.qualys.com/vulnerabilitie

Someone on oss-sec shared a very similar issue from 2002 (‘tmpwatch’ instead of ‘systemd-tmpfiles’):
lcamtuf.coredump.cx/tmp_paper.

  • 0
  • 3
  • 0
  • 20h ago
Profile picture fallback
tomcat @tomcat

🛑 ALERT - A new flaw in 24.04+ lets attackers gain full root access from low privileges.

By timing system cleanup, they replace a snap directory and execute code as root—no user action required.

🔗 Exploit steps and patched versions → thehackernews.com/2026/03/ubun

  • 0
  • 1
  • 0
  • 7h ago
Profile picture fallback
𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Global tensions heighten as the US-Iran conflict escalates, impacting oil markets via the Strait of Hormuz (March 18). Technology sees continued rapid AI advancement, with OpenAI's GPT-5.4 and Anthropic's Claude Sonnet 4.6 released (March 17). In cybersecurity, the EU sanctioned private cyber offensive groups (March 17), and a critical Ubuntu privilege escalation flaw (CVE-2026-3888) was discovered (March 18). AI-driven threats also increasingly impact M&A security.

#Geopolitics #Cybersecurity #AINews

  • 0
  • 1
  • 0
  • 2h ago
Profile picture fallback
𝕚𝕒𝕞𝕕𝕥𝕞𝕤 @iamdtms

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
thehackernews.com/2026/03/ubun

  • 0
  • 0
  • 1
  • 9h ago
Profile picture fallback
benzogaga33 :verified: @benzogaga33

CVE-2026-3888 : quand le nettoyage système d’Ubuntu offre un accès root it-connect.fr/cve-2026-3888-qu #ActuCybersécurité #Cybersécurité #Vulnérabilité #Linux

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture fallback
Patrick C Miller @patrickcmiller.bsky.social
CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit securityaffairs.com/189614/secur...
  • 2
  • 0
  • 1
  • 6h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
CVE-2026-3888 is a high-severity privilege escalation vulnerability in Ubuntu Desktop 24.04+ that allows unprivileged attackers to gain root access through snap-confine and systemd-tmpfiles interaction.
  • 1
  • 1
  • 0
  • 9h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
Good Things Come to Those Who Wait: New Ubuntu ‘Snap’ Exploit Grants Root After 30-Day Countdown (CVE-2026-3888) + Video Introduction: In the world of cybersecurity, patience is a virtue—especially for local attackers targeting Ubuntu Desktop 24.04 and later. A newly disclosed high-severity…
  • 0
  • 1
  • 0
  • 9h ago
Profile picture fallback
buherator @buherator.bsky.social
snap-confine + systemd-tmpfiles = root (CVE-2026-3888) www.openwall.com -> Qualys just can't stop! Original->
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
Ninja Owl @ninjaowl.ai
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
TechNadu @technadu.com
Ubuntu vulnerability CVE-2026-3888 allows local users to gain root access. Delayed execution via system cleanup makes it harder to detect. Patch snapd now. #Cybersecurity #Linux
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Attention System Administrators and Ubuntu Users! A new security update (USN-8102-2) has been released for #Ubuntu 24.04 LTS addressing a high-impact privilege escalation vulnerability in snapd (CVE-2026-3888). Read more: 👉 tinyurl.com/htsw4959 #Security
  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-20643

Overview

  • Apple
  • macOS
17 Mar 2026
Published
18 Mar 2026
Updated
CVSS
Pending
EPSS
0.02%
KEV

Description

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. Processing maliciously crafted web content may bypass Same Origin Policy.

Statistics

  • 9 Posts
  • 13 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Jeff Hall - PCIGuru :verified: @jbhall56

The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit's Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content. thehackernews.com/2026/03/appl

  • 0
  • 0
  • 1
  • 6h ago
Profile picture fallback
GuardingPearSoftware @guardingpearsoftware

Apple has introduced a new update system called Background Security Improvements for delivering faster, lightweight security patches across its platforms.

The first update using this mechanism addressed CVE-2026-20643, a WebKit cross-origin vulnerability that could be exploited through malicious web content.

  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
Kapitän Clownfeuer @rasur

Apparently just affects the 26’s ?support.apple.com/en-us/126604 / CVE-2026-20643

  • 0
  • 0
  • 0
  • 1h ago

Bluesky

Profile picture fallback
BleepingComputer @bleepingcomputer.com
Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.
  • 2
  • 10
  • 1
  • 17h ago
Profile picture fallback
Tech Trending @tech-trending.bsky.social
iPhone/iPad/Macに脆弱性、Appleが「バックグラウンドセキュリティ改善」を実施/クロスオリジン問題「CVE-2026-20643」を解決 https://forest.watch.impress.co.jp/docs/news/2094087.html
  • 1
  • 0
  • 0
  • 4h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
CVE-2026-20643: Apple’s Silent War on Browser Isolation—How a WebKit Flaw Exposes Your Data + Video Introduction: Apple has quietly patched a critical memory corruption vulnerability in WebKit, the browser engine powering Safari. Tracked as CVE-2026-20643, this flaw allowed malicious web content…
  • 0
  • 0
  • 0
  • 11h ago
Profile picture fallback
Bitnewsbot @bitnewsbot.bsky.social
Apple released its first Background Security Improvements to patch a cross-origin vulnerability in WebKit. The flaw, CVE-2026-20643, could bypass the […]
  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-32746

Overview

  • GNU
  • inetutils
13 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.04%
KEV

Description

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

Statistics

  • 11 Posts
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Sam Stepanyan :verified: 🐘 @securestep9

: Yet Another Critical Unauthenticated Root RCE CVE-2026-32746 discovered in legacy inetUtils Telnet - no user interaction and no special network position required.
Telnet is still in use in old switches, routers, ICS/IoT, cameras:
👇
thehackernews.com/2026/03/crit

  • 0
  • 0
  • 1
  • 9h ago
Profile picture fallback
benzogaga33 :verified: @benzogaga33

CVE-2026-32746 : les serveurs Linux menacés par une nouvelle faille Telnet it-connect.fr/cve-2026-32746-l #ActuCybersécurité #Cybersécurité #Vulnérabilité #Linux

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture fallback
softfantw.eurosky.social @softfantw.eurosky.social
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23 thehackernews.com/2026/03/crit...
  • 0
  • 0
  • 4
  • 11h ago
Profile picture fallback
Ninja Owl @ninjaowl.ai
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23 #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
Lead Better Today @lbtoday1.bsky.social
A critical vulnerability has been discovered in the Telnet Daemon (Telnetd), a widely used protocol for remote access to devices. This flaw, identified as CVE-2026-32746, can allow an unauthenticated attacker to execute arbitrary code on affected systems. References: 1. thehackernews.
  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
Calimeg @calimegai.bsky.social
🌐 Une faille critique non corrigée (CVE-2026-32746) dans telnetd GNU InetUtils permet une exécution distante de code en root via le port 23. Score CVSS: 9,8/10. #CyberSecurity #Automatisation
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-20131

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)
04 Mar 2026
Published
05 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.58%
KEV

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Statistics

  • 4 Posts
  • 5 Interactions
Last activity: Last hour

Bluesky

Profile picture fallback
Ninja Owl @ninjaowl.ai
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 1
  • 2
  • 0
  • 1h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
Interlock ransomware exploits critical Cisco Secure Firewall vulnerability CVE-2026-20131 as zero-day since January 26, 2026, enabling unauthenticated remote code execution with root privileges.
  • 0
  • 1
  • 0
  • 1h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
Ransomware group Interlock exploited CVE-2026-20131 in Cisco Secure Firewall Management Center for 36 days before Cisco's patch, enabling remote code execution as root on vulnerable devices.
  • 0
  • 1
  • 0
  • Last hour
Profile picture fallback
softfantw.eurosky.social @softfantw.eurosky.social
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access thehackernews.com/2026/03/inte...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-15576

Overview

  • FreeBSD
  • FreeBSD
09 Mar 2026
Published
10 Mar 2026
Updated
CVSS
Pending
EPSS
0.01%
KEV

Description

If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the two jail root directories is an ancestor of the other, jailed processes may nonetheless be able to access a shared directory via a nullfs mount, if the administrator has configured one. In this case, cooperating processes in the two jails may establish a connection using a unix domain socket and exchange directory descriptors with each other. When performing a filesystem name lookup, at each step of the lookup, the kernel checks whether the lookup would descend below the jail root of the current process. If the jail root directory is not encountered, the lookup continues. In a configuration where processes in two different jails are able to exchange file descriptors using a unix domain socket, it is possible for a jailed process to receive a directory for a descriptor that is below that process' jail root. This enables full filesystem access for a jailed process, breaking the chroot. Note that the system administrator is still responsible for ensuring that an unprivileged user on the jail host is not able to pass directory descriptors to a jailed process, even in a patched kernel.

Statistics

  • 1 Post
  • 14 Interactions
Last activity: 11 hours ago

Fediverse

Profile picture fallback
Ricardo Martín :bsdhead: @ricardo

Jail chroot escape via fd exchange with a different jail
CVE-2025-15576

"Note that in order to exploit this problem, an attacker requires control over processes in two jails which share a nullfs mount in which a unix socket can be installed."

freebsd.org/security/advisorie

#freebsd #jails #security

  • 5
  • 9
  • 0
  • 11h ago

CVE-2026-32136

Overview

  • AdguardTeam
  • AdGuardHome
11 Mar 2026
Published
12 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.79%
KEV

Description

AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is accepted, the resulting HTTP/2 connection is handled by the inner mux, which has no authentication middleware attached. All subsequent HTTP/2 requests on that connection are processed as fully authenticated, regardless of whether any credentials were provided. This vulnerability is fixed in 0.107.73.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture fallback
benzogaga33 :verified: @benzogaga33

Votre AdGuard Home est vulnérable à une compromission totale : CVE-2026-32136 it-connect.fr/votre-adguard-ho #ActuCybersécurité #Cybersécurité #Vulnérabilité

  • 2
  • 0
  • 0
  • 7h ago

CVE-2025-43520

Overview

  • Apple
  • macOS
12 Dec 2025
Published
15 Dec 2025
Updated
CVSS
Pending
EPSS
0.02%
KEV

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.

Statistics

  • 2 Posts
  • 3 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture fallback
Francesco Marini @fmarini

@agreenberg more in depth analysis from Google.

It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

wired.com/story/hundreds-of-mi

  • 1
  • 1
  • 0
  • 2h ago
Profile picture fallback
Francesco Marini @fmarini

As usual, Wired is… not great 🙄

Regarding DarkSword, the latest objectively bad exploit affecting iOS and Safari, Google has a more in depth analysis, with a lot more informations on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

wired.com/story/hundreds-of-mi

  • 0
  • 1
  • 0
  • 2h ago

CVE-2026-31938

Overview

  • parallax
  • jsPDF
18 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.6)
EPSS
0.04%
KEV

Description

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the `options` argument of the `output` function allows attackers to inject arbitrary HTML (such as scripts) into the browser context the created PDF is opened in. The vulnerability can be exploited in the following scenario: the attacker provides values for the output options, for example via a web interface. These values are then passed unsanitized (automatically or semi-automatically) to the attack victim. The victim creates and opens a PDF with the attack vector using one of the vulnerable method overloads inside their browser. The attacker can thus inject scripts that run in the victims browser context and can extract or modify secrets from this context. The vulnerability has been fixed in jspdf@4.2.1. As a workaround, sanitize user input before passing it to the output method.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CRITICAL XSS (CVE-2026-31938) in parallax jsPDF <4.2.1 allows attackers to inject scripts via PDF options — exploited when victims open crafted PDFs. Upgrade to 4.2.1+ ASAP! radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 13h ago

CVE-2026-25750

Overview

  • langchain-ai
  • helm
04 Mar 2026
Published
05 Mar 2026
Updated
CVSS v4.0
HIGH (8.5)
EPSS
0.06%
KEV

Description

Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The vulnerability affected both LangSmith Cloud and self-hosted deployments. Authenticated LangSmith users who clicked on a specially crafted malicious link would have their bearer token, user ID, and workspace ID transmitted to an attacker-controlled server. With this stolen token, an attacker could impersonate the victim and access any LangSmith resources or perform any actions the user was authorized to perform within their workspace. The attack required social engineering (phishing, malicious links in emails or chat applications) to convince users to click the crafted URL. The stolen tokens expired after 5 minutes, though repeated attacks against the same user were possible if they could be convinced to click malicious links multiple times. The fix in version 0.12.71 implements validation requiring user-defined allowed origins for the baseUrl parameter, preventing tokens from being sent to unauthorized servers. No known workarounds are available. Self-hosted customers must upgrade to the patched version.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 3 hours ago

Fediverse

Profile picture fallback
InfoSecSherpa @InfoSecSherpa

"Hack the Brain: Uncovering an Account Takeover Vulnerability in LangSmith" Miggo Security discovered a critical account takeover vulnerability (CVE-2026-25750) in LangSmith. Learn how this flaw exposed proprietary AI data. api.cyfluencer.com/s/hack-the-

  • 1
  • 0
  • 0
  • 3h ago

CVE-2026-0723

Overview

  • GitLab
  • GitLab
22 Jan 2026
Published
26 Feb 2026
Updated
CVSS v3.1
HIGH (7.4)
EPSS
0.01%
KEV

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses.

Statistics

  • 1 Post
  • 3 Interactions
Last activity: 10 hours ago

Fediverse

Profile picture fallback
Saphire Lattice @saphire

Oh no/lmao

I've just seen the GitLab's CVE-2026-0723 - January vuln with 2FA bypass involving FIDO2. So that applies to passkey login and 2FA with a security key. Given it's open source I've checked for the commit and uh. They ran the check for "hey is passkey response valid" and then just ignored the result

The fix changes it to check the return and throw. Wonder if someone thought the function would throw inside of it or something? Hmmmm

Really just doing everything right except for the last little bit x3

#infosec #passkeys #fido2

  • 0
  • 3
  • 0
  • 10h ago
Showing 1 to 10 of 43 CVEs