24h | 7d | 30d

CVE-2026-46331

Overview

  • Linux
  • Linux
16 Jun 2026
Published
28 Jun 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.23%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd. Fix by moving skb_ensure_writable() inside the per-key loop where the actual write offset is known, and add overflow checking on the offset arithmetic. For negative offsets (e.g. Ethernet header edits at ingress), use skb_cow() to COW the headroom instead. Guard offset_valid() against INT_MIN, where negation is undefined.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: Last hour

Fediverse

Profile picture fallback
Dark Web Informer :verified_paw: @DarkWebInformer

‼️ CVE-2026-46331: A Linux kernel vulnerability affecting the act_pedit packet-editing component in the net/sched subsystem.

CVSS: 7.8

Published: June 26th, 2026
PoC: github.com/0xBlackash/CVE-2026

  • 0
  • 0
  • 0
  • Last hour

Bluesky

Profile picture fallback
365tipu @365tipu.cz
Zjištěna kritická zranitelnost (CVE-2026-46331) v jádru Linuxu umožňující neoprávněným uživatelům získat přístup s právy roota.
  • 0
  • 1
  • 0
  • 8h ago

CVE-2026-58053

Overview

  • Gitea
  • act_runner
28 Jun 2026
Published
28 Jun 2026
Updated
CVSS v3.1
CRITICAL (9.9)
EPSS
0.26%
KEV

Description

Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with host namespaces and broad capabilities and escape to the host as root despite privileged mode being disabled.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 7 hours ago

Fediverse

Profile picture fallback
DragonJAR @dragonjar

Una vulnerabilidad crítica en Gitea act_runner expone sistemas Docker a ataques de escalada de privilegios, urgendo actualización inmediata; mientras, un análisis revela riesgos en WhatsCluster, la plataforma CRM de WhatsApp; EE.UU. limita el acceso al avanzado modelo de IA Mythos 5 para equilibrar innovación y seguridad, y surgen nuevas tendencias y herramientas para fortalecer la ciberdefensa empresarial. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 28/06/26 📆 |====

🔐 VULNERABILIDAD CRÍTICA EN GITEA ACT_RUNNER DETECTADA

Se ha identificado una grave falla de seguridad en Gitea act_runner, versiones hasta la 0.262.0, registrada como CVE-2026-58053. Esta vulnerabilidad afecta la gestión de privilegios en el backend de Docker, poniendo en riesgo la integridad y confidencialidad de los entornos afectados. Se recomienda actualizar de inmediato para proteger infraestructuras críticas y evitar potenciales ataques de escalada de privilegios. Conoce más sobre esta alerta y cómo mitigarla aquí 👉 djar.co/bLnw

📊 ANÁLISIS PROFUNDO DE WHATSCLUSTER, LA PLATAFORMA CRM DE WHATSAPP

MalExt Sentry presenta un informe detallado sobre WhatsCluster, una plataforma CRM que integra 50 extensiones para WhatsApp. Este análisis revela cómo funciona este sistema en el ecosistema de mensajería, destacando posibles riesgos de seguridad y vulnerabilidades que pueden comprometer la privacidad y la gestión de datos corporativos. Descubre las implicaciones y recomendaciones para proteger tus comunicaciones empresariales leyendo el reporte completo 👉 djar.co/sqbe

🤖 EE.UU. APRUEBA LIBERACIÓN LIMITADA DEL MODELO DE IA MYTHOS 5 DE ANTHROPIC

El gobierno estadounidense ha autorizado el acceso controlado al avanzado modelo de inteligencia artificial Mythos 5 desarrollado por Anthropic, permitiendo su uso exclusivo para organizaciones confiables. Esta medida busca equilibrar la innovación tecnológica con la seguridad, minimizando riesgos asociados a la proliferación de IA avanzada que podría ser mal utilizada. Infórmate sobre el impacto de esta decisión y las implicaciones en el ámbito de la ciberseguridad 👉 djar.co/NrcEy

🚀 ÚLTIMAS TENDENCIAS EN CIBERSEGURIDAD Y TECNOLOGÍA PARA PROFESIONALES

Descubre los servicios y soluciones más recientes para profesionales y empresas que buscan proteger sus sistemas y datos frente a amenazas crecientes. Esta plataforma ofrece recursos estratégicos para implementar defensa proactiva y asegurar la continuidad operativa en entornos digitales complejos. Explora estas herramientas y mejora tu postura de seguridad aquí 👉 djar.co/vZDeg

  • 0
  • 1
  • 0
  • 7h ago
Profile picture fallback
OffSequence @offseq

CVE-2026-58053 (CRITICAL, CVSS 9.9) in Gitea act_runner: Improper privilege management lets workflow users escape Docker containers to host as root. Restrict workflow rights & watch for patches. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 15h ago

CVE-2026-20230

Overview

  • Cisco
  • Cisco Unified Communications Manager
03 Jun 2026
Published
26 Jun 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
41.69%
KEV

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.

Statistics

  • 2 Posts
Last activity: 4 hours ago

Fediverse

Profile picture fallback
Michael I Ransier @thecybermind

🛡️ The patch window has collapsed. This week's Cyber Mind Brief breaks down CISA's emergency Cisco SSRF (CVE-2026-20230) mandate, the 2026 Verizon DBIR shift to machine-speed exploits, and tactical moves to harden your Zero Trust perimeter. Read the full operational intel: thecybermind.co/5ee6

  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
CyberNetsecIO @netsecio

📰 CISA Adds Actively Exploited PTC and Cisco Flaws to KEV Catalog, Mandates Federal Patching

📢 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! ⚠️ #CyberSecurity #Vulnerability #CI...

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-8095

Overview

  • nmedia
  • Frontend File Manager Plugin
27 Jun 2026
Published
27 Jun 2026
Updated
CVSS v3.1
HIGH (8.1)
EPSS
0.42%
KEV

Description

The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_dir_path parameter sanitization in the wpfm_file_meta_update AJAX handler, where supplying WPFM_DIR_PATH in uppercase evades the unset check and is normalized to wpfm_dir_path by sanitize_key() during update_post_meta(), allowing an attacker to overwrite the stored file path with an arbitrary filesystem path that is then passed directly to unlink() in delete_file_locally() without any directory containment validation. This makes it possible for authenticated attackers with Subscriber-level access to delete arbitrary files on the server, including sensitive files such as wp-config.php, potentially leading to full site takeover.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 18 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-8095: nmedia Frontend File Manager Plugin (WordPress) HIGH severity vuln (CVSS 8.1) allows Subscriber+ users to delete arbitrary files 🛡️. Patch ASAP and monitor for unauthorized deletions. radar.offseq.com/threat/cve-20

  • 4
  • 0
  • 0
  • 18h ago

CVE-2026-13491

Overview

  • 78
  • xiaozhi-esp32
28 Jun 2026
Published
28 Jun 2026
Updated
CVSS v4.0
MEDIUM (6.3)
EPSS
Pending
KEV

Description

A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument session_id results in denial of service. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit is now public and may be used. The patch is named e182471f8c5a22434346bd98da34d3b66c8c8b3e. It is recommended to apply a patch to fix this issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 6 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-13491: MEDIUM severity DoS flaw in 78 xiaozhi-esp32 (v2.2.0 – 2.2.6) via MQTT Goodbye Handler. Exploitable remotely with public exploit. Patch via commit e182471f8c5a. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 6h ago

CVE-2026-45408

Overview

  • dokku
  • dokku
26 Jun 2026
Published
26 Jun 2026
Updated
CVSS v3.1
CRITICAL (9.0)
EPSS
0.23%
KEV

Description

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc (<<EOF instead of <<'EOF') in fn-git-create-hook() at plugins/git/internal-functions:378. On git push, bash interprets the semicolon as a command separator, executing arbitrary commands as the dokku user. This vulnerability is fixed in 0.38.2.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-45408 - Critical Command Injection in Dokku. CVSS 9.0. No patch available. Mitigations required. Limit git push access and review app name validation. #CVE #Dokku #infosec

valtersit.com/cve/CVE-2026-454

  • 1
  • 0
  • 0
  • 13h ago

CVE-2024-2658

Overview

  • Flexera
  • FlexNet Publisher
30 Jan 2025
Published
30 Jan 2025
Updated
CVSS v4.0
HIGH (8.5)
EPSS
0.42%
KEV

Description

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 13 hours ago

Bluesky

Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
CVE-2024-2658 vulnerability in Schneider Electric software: risks to industrial control systems | Securelist securelist.com/tr/schneider...
  • 0
  • 1
  • 0
  • 13h ago

CVE-2026-13482

Overview

  • skypilot-org
  • skypilot
28 Jun 2026
Published
28 Jun 2026
Updated
CVSS v4.0
MEDIUM (6.3)
EPSS
0.19%
KEV

Description

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure.

Statistics

  • 1 Post
Last activity: 11 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-13482 affects skypilot-org skypilot ≤0.12.0: MEDIUM severity due to weak hash in username.encode (User ID Handler). Remote attack possible, exploit is public, but complex. Review exposure. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 11h ago

CVE-2026-10643

Overview

  • zephyrproject
  • zephyr
  • zephyr
27 Jun 2026
Published
27 Jun 2026
Updated
CVSS v3.1
HIGH (8.7)
EPSS
0.12%
KEV

Description

Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg_controllen < pktinfo_len) before writing a full control message consisting of an aligned cmsg header plus the payload. Because the check omitted the cmsg header size, a control buffer whose length falls in the under-checked window (e.g. 16-27 bytes for IPv4 IP_PKTINFO on a 64-bit target, where a single element actually occupies 28 bytes) passes the guard yet causes a fixed-size out-of-bounds write of up to one cmsg header (~12 bytes) past the end of the buffer. Under CONFIG_USERSPACE the recvmsg verifier allocates a kernel-heap copy of the control buffer sized to msg_controllen and runs the implementation against it, so the overflow corrupts kernel heap memory and is triggerable from an unprivileged userspace thread; in supervisor mode it corrupts the caller's buffer. The path is reachable on a UDP/IP socket with IP_PKTINFO/IPV6_RECVPKTINFO (or hoplimit/timestamping) enabled when the application calls recvmsg() with an undersized control buffer and a datagram is received; part of the overwritten bytes (the destination IP in ipi_addr) is influenced by the received packet. The fix makes the capacity check use NET_CMSG_SPACE(pktinfo_len) (aligned header + aligned data) and returns -ENOMEM when the buffer is too small. Affected: v3.6.0 through v4.4.0.

Statistics

  • 1 Post
Last activity: 17 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-10643: Zephyr (3.6.0 – 4.4.0) HIGH severity bug enables out-of-bounds kernel heap writes via recvmsg() with IP_PKTINFO. Local users can exploit for memory corruption or escalation. Patch pending — check advisories. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 17h ago

CVE-2026-55441

Overview

  • jdx
  • mise
26 Jun 2026
Published
26 Jun 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
0.18%
KEV

Description

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir (mise-tasks/, .mise/tasks/, …) but no config file, mise falls back to the default includes and renders each task's tera fields — and that tera environment has exec() registered. A {{ exec(command='…') }} in any rendered field runs arbitrary commands the moment the tasks are merely listed. There's no config file to gate on, so no trust prompt ever appears. Read-only commands trigger it: mise tasks, mise task ls, mise run, mise tasks --usage (the query shell completion runs on Tab). The victim only has to cd into a cloned repo and list or tab-complete a task. This vulnerability is fixed in 2026.6.4.

Statistics

  • 1 Post
Last activity: 6 hours ago

Fediverse

Profile picture fallback
Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-55441 - Critical RCE in Mise. Trust bypass via task-include files allows tera exec() before trust_check. CVSS 8.6. No patch yet. Disable task-includes or block untrusted dirs. #CVE #Mise #infosec

valtersit.com/cve/CVE-2026-554

  • 0
  • 0
  • 0
  • 6h ago
Showing 1 to 10 of 30 CVEs