Whoopsie

https://security.paloaltonetworks.com/CVE-2026-0300

...sigh...
<insert HereWeGoAgain.gif meme>

~~~~~~~~~~~

Urgent Palo Alto Networks Security Advisory - Severity 9.3 · CRITICAL

Palo Alto Networks has published one new Security Advisory for a Critical Unauthenticated User initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal. This is available at https://security.paloaltonetworks.com/CVE-2026-0300

We strongly advise PAN-OS customers to read the advisory and take appropriate action immediately to protect their devices.

#PaloAlto #Cybersecurity #SysAdmin #Infosec

So this PAN-OS bug, CVE-2026-0300.

Is there a good reason to expose this User-ID Authentication Portal to the internet in the first place? Yes yes, defend against insider threats and all that, but the opportunistic, across-the-ocean attack seems like it relies more on misconfiguration than anything.

It doesn't seem to be very useful to associate a user identity to an internet-based IP address in the first place, so don't do that? Or am I wildly misunderstanding the utility here? (At first I thought it was like a capture portal like you find on hotel WiFi, but it's more specialized than that I think.)

Regardless, @runZeroInc has a Rapid Response out for it now. No Palo Alto patches available yet.

https://www.runzero.com/blog/palo-alto-networks/

Today in send a packet to a border security appliance and get root.

https://security.paloaltonetworks.com/CVE-2026-0300

📰 Critical Palo Alto Networks Zero-Day (CVE-2026-0300) Actively Exploited for RCE

🚨 CRITICAL ZERO-DAY: Palo Alto Networks warns of an unpatched, actively exploited RCE vulnerability (CVE-2026-0300) in PAN-OS firewalls. The flaw allows root access via the User-ID portal. Mitigate immediately! #CyberSecurity #ZeroDay #PANOS

🔗 https://cyber.netsecops.io

#PaloAlto PAN-OS Vulnerability CVE-2026-0300 Under Active Exploitation - Enables Remote Code Execution (#RCE) - CVSS 9.3 no patch released yet, but expected soon!
👇
https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html

PAN-OS zero-day (CVE-2026-0300) exploited.
• Unauth RCE (root)
• Targets exposed portals
• Patches start May 13

https://www.technadu.com/palo-alto-networks-to-patch-exploited-pan-os-zero-day-cve-2026-0300-starting-may-13/627358/

Are you mitigating now?
#InfoSec #CyberSecurity #ZeroDay

CVE Record: CVE-2026-0300 - Title: PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

https://www.cve.org/CVERecord?id=CVE-2026-0300

🚨 CVE-2026-0300: CRITICAL PAN-OS vuln in PA-Series & VM-Series. Buffer overflow in User-ID Auth Portal enables unauth RCE as root. Restrict portal access ASAP. Prisma Access & Cloud NGFW not impacted. Details: https://radar.offseq.com/threat/cve-2026-0300-cwe-787-out-of-bounds-write-in-palo--a6a99009 #OffSeq #PaloAltoNetworks #Vuln

"That 'responsible disclosure' Thing"

A post with the details of CVE-2026-23918, the double free vulnerability fixed in Apache httpd 2.4.67.

#apache
https://eissing.org/icing/posts/responsible-disclosure/

#Debian stable #apache2 package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.

You an verify this by apt-get source apache2 and then checking out apache2-2.4.66/debian/patches/bug1125368.patch

The security tracker at https://security-tracker.debian.org/tracker/CVE-2026-23918 currently has wrong information. This is likely due to automation based on version numbers alone.

#CVE_2026_23918

RE: https://chaos.social/@icing/116526903529846107

Aftermath: people, running Debian httpd 2.4.66, started complaining when they’ll get the 2.4.67 update to fix this RCE vulnerability. Which they already were protected from, but did not know. Because the CVE was not public at the time the fix was shipped.

[...]

Two security researchers found the vulnerability independently. Just scanning the 2.4.66 source code. This means the bad guys can no longer be kept in the dark. Coordinated disclosure no longer works.

#CVE_2026_23918

Yang masih pakai #httpd nya #apache silahkan dicek, kena impact-nya gak

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html

#cve #infosec

Mocne odkrycie - RCE bez uwierzytelnienia w serwerze Apache znalezione przez Bartłomieja Dmitruka ze striga.ai (detektor błędów oparty na AI) oraz Stanisława Strzałkowskiego z ISEC.pl. Na serwerze musi być włączone mod_http2 - ale na wielu jest.

https://www.cve.org/CVERecord?id=CVE-2026-23918
https://httpd.apache.org/security/vulnerabilities_24.html

@tychotithonus I just love the Debian security tracker, they manage the flood so good https://security-tracker.debian.org/tracker/CVE-2026-23918

Faille Apache : deux simples trames suffisent à faire un déni de service (CVE-2026-23918) https://www.it-connect.fr/faille-apache-deux-simples-trames-suffisent-a-faire-un-deni-de-service-cve-2026-23918/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Apache

@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?

Doubling the Trouble

CVE-2026-23918 double free vulnerability PoC for Apache httpd <=2.4.66. Fixed in >=2.4.67
https://github.com/nflatrea/playground/tree/main/cve/CVE-2026-23918

📰 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched

🚨 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE

🔗 https://cyber.netsecops.io

Mañana ha sido hoy:

https://voidnull.es/como-comprobar-y-mitigar-la-vulnerabilidad-copy-fail-cve-2026-31431-en-gnu-linux/

Copy Fail CVE-2026-31431

> How they found it
> Taeyang Lee's earlier kernelCTF work had mapped out the AF_ALG attack surface. He realized that AF_ALG + splice creates a path where unprivileged userspace can feed page cache pages directly into the crypto subsystem and suspected that scatterlist page provenance may be an underexplored source of vulnerabilities.

#cve #linux #kernel #security

https://xint.io/blog/copy-fail-linux-distributions#how-we-found-it-9

#OpenShift hosters 🔊 Red Hat has released blocker for copy-fail vulnerability, no reboots needed:

https://access.redhat.com/solutions/7142136

#RedHat #CopyFail #CVE202631431

Cuidado con este fallo que afecta a los sistemas Linux... https://www.adslzone.net/noticias/seguridad/vulnerabilidad-copy-fail-linux-cve-2026-31431/

Cómo comprobar y mitigar la vulnerabilidad Copy Fail (CVE-2026-31431) en GNU/Linux
https://voidnull.es/como-comprobar-y-mitigar-la-vulnerabilidad-copy-fail-cve-2026-31431-en-gnu-linux/

Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years

https://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/

Read on HackerWorkspace: https://hackerworkspace.com/article/copy-fail-what-you-need-to-know-about-the-most-severe-linux-threat-in-years

#cybersecurity #threatintelligence #vulnerability

#TUTORIALES

📢 Cómo comprobar y mitigar la vulnerabilidad Copy Fail (CVE-2026-31431) en GNU/Linux

Detecta si tu sistema GNU/Linux es vulnerable a Copy Fail (CVE-2026-31431) y aprende a aplicar el fix correctamente.

https://voidnull.es/como-comprobar-y-mitigar-la-vulnerabilidad-copy-fail-cve-2026-31431-en-gnu-linux/

#Linode (#Akamai Cloud) has published documentation on how to mitigate #CopyFail for both new and existing instances running there:

https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/

Copy.fail: a small Linux kernel bug with an unusually big blast radius https://jorijn.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-bug-explained/

Une analyse bien documentée de cette faille, qui est bien complexe, et basée sur une somme de mauvais comportements dans le noyau https://www.linuxtricks.fr/news/10-logiciels-libres/600-copy-fail-cve-2026-31431-synthese-technique-sur-cette-faille-linux/ #linux #sécurité #faille #analyse

Lmaooo
https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/128

CISA warns: CopyFail Linux vuln exploited.
• Privilege escalation → root
• Impacts major distros
• Patch deadline May 15

https://www.technadu.com/cisa-warns-of-severe-copyfail-linux-vulnerability-under-active-exploitation-cve-2026-31431/627365/

Are you patched?
#InfoSec #Linux #CyberSecurity

So, #GitHub is having a rough go of it lately. With significant instability and frequent outages in the last month and platform uptime dropping below 85%.

But the most fun trick? Any authenticated user could execute arbitrary commands on GitHub's backend servers with a single git push command - using nothing but a standard git client. (Because their architecture didn’t sterilize semicolons, thus prompt injection.)

On GitHub Enterprise Server, the vulnerability grants full server compromise, including access to all hosted repositories and internal secrets.

GitHub Enterprise Server customers should upgrade ASAP. Wiz dot io data indicates that 88% of instances were still vulnerable.

https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

#infosec #live #githubEnterprise #rce

GitHub Enterprise Server: Immediate action required!

Upgrade to #GHES version 3.19.3 or later - this release patches #CVE-2026-3854

https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

CVE-2026-0073 Android adbd TLS client-authentication bypass

https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/

Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-0073-android-adbd-tls-client-authentication-bypass

#cybersecurity #authentication #vulnerability

CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. https://www.securityweek.com/critical-remote-code-execution-vulnerability-patched-in-android-2/

pyghidra-mcp v0.2.0 is out with new --gui mode. 👀

Your local LLM drives a real Ghidra CodeBrowser, not a plugin.

New blog post shows firmware RE of the CVE-2024-3273 RCE chain with Gemma4.

https://clearbluejar.github.io/posts/pyghidra-mcp-meets-ghidra-gui-drive-project-wide-re-with-local-ai/