
Overview

  • Linux
  • Linux

08 May 2026
Published
09 May 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

xfrm: esp: avoid in-place decrypt on shared skb frags

MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy.

The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb.

Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path.

This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().

Statistics

  • 19 Posts
  • 206 Interactions

Last activity: 1 hour ago

Fediverse


Just got a kernel update from Debian 13's security channel, which fixes both CVE-2026-43284 and CVE-2026-43500, aka "Dirty Frag".

Debian 12 is not yet patched.

Tracker Links:
security-tracker.debian.org/tr
security-tracker.debian.org/tr

#DirtyFrag #Debian #Linux #Kernel #InfoSec

  • 17
  • 24
  • 0
  • 23h ago

CVE-2026-43284 / "Dirty Frag" .. Another one of those nasty local-privilege-escalations.

Quickfix for Centos/Fedora based systems:

printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf && rmmod esp4 esp6 rxrpc 2>/dev/null; true

Caution: That also effectively disables IPSEC and AFS client support. But it can easily be reverted by removing the file when a patched kernel arrives.

#dirtyfrag #cve_2026_43284 #security #centos #fedora #redhat

  • 4
  • 5
  • 0
  • 21h ago

📰 Critical Unpatched 'Dirty Frag' Linux Zero-Day Allows Instant Root Access

🚨 CRITICAL ZERO-DAY: 'Dirty Frag' (CVE-2026-43284) vulnerability in Linux kernel disclosed with NO PATCH. Allows immediate root privilege escalation. Flaw has existed for 9 years. Admins must seek mitigations now! 🐧🔥 #Linux #ZeroDay #CyberSecurity

🔗 cyber.netsecops.io

  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-43284 ("Dirty Frag") Alma Linux almalinux.org/blog/2026-05-07-

  • 0
  • 0
  • 0
  • 1h ago

Fedora pushed kernel 7.0.4 to stable to fix the Dirty Frag and Copy Fail 2 vulnerabilities. Both CVE-2026-43284 and CVE-2026-43500 Patched.

Full details here: ostechnix.com/fedora-44-kernel

#Fedora44 #Linuxkernel704 #DirtyFrag #CopyFail2 #CVE_2026_43284 #CVE_2026_43500

  • 5
  • 4
  • 0
  • 5h ago

@Edent In theory yes, if they load one of the vulnerable kernel modules then you could achieve root on them with a compatible exploit.
The vulnerable module in the initial CopyFail exploit was AF_ALG.

There is a good summary of the vulnerable modules for the second two disclosed this week here, there are more, in this post on @ifin
discourse.ifin.network/t/cve-2

  • 4
  • 1
  • 0
  • 8h ago

"Dirty Frag" status update on the clickbait overhype: ESP half (CVE-2026-43284) now patched: mainline f4c50a4034e6, stable backports in 7.0.5 / 6.18.28 / 6.12.87 / 6.6.138 / 6.1.171 / 5.15.205 / 5.10.255. RxRPC half (CVE-2026-43500) still unpatched upstream. AWS now adds ipcomp4/ipcomp6 to the blacklist alongside esp4/esp6/rxrpc, adjacent xfrm code paths, defense in depth or a hint more is coming. AlmaLinux and CloudLinux shipped both fixes. Ubuntu, Debian, RHEL, Amazon still mitigation only.

  • 2
  • 2
  • 0
  • 19h ago

Debian has released kernel updates to fix the #DirtyFrag bug.

Update immediately.

:debian: security-tracker.debian.org/tr
:debian: security-tracker.debian.org/tr

#Debian #DirtyFrag

  • 2
  • 2
  • 0
  • 6h ago

After #CopyFail comes #DirtyFrag

  • CVE-2026-43284
  • CVE-2026-43500

Haven't tried the PoC yet, but it looks fairly simple too.

github.com/V4bel/dirtyfrag/blo

#linux #cve #infosec

  • 1
  • 1
  • 0
  • 11h ago

Today's roundup:

Of course Microsoft jumped at the chance with an article on a Linux vuln ...because M love Linux

👇
microsoft.com/en-us/security/b

The must-read Tenable FAQ for those who, like me, enjoy reading CVEs like an IKEA instruction manual
👇
tenable.com/blog/dirty-frag-cv

Red Hat has updated its RHSB-2026-003 page with mitigations and checks, pending the patch that is coming "soon™"
👇
access.redhat.com/security/vul

And what about my beautiful, beloved Debian? The security channels are patched for bullseye, bookworm and trixie.
Well done!
👇
security-tracker.debian.org/tr

That said, indeed, with AI speeding up discovery + embargoes that no longer hold = an exposure window that is not going to shrink. Maintainers will have to find new tricks. Live-patch, micro-patch, accelerated pipelines... to be continued.

  • 1
  • 0
  • 0
  • 7h ago

Dirty Frag (CVE-2026-43284, CVE-2026-43500) exploits page-cache corruption in IPsec ESP and RxRPC modules, allowing any authenticated user to escalate to root without audit trails. Affects kernels from ~2017...

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 4h ago

Did you update your Linux kernel again to protect against the last privilege escalation bug?

No, not CopyFail (CVE-2026-31431), the new DirtyFrag (CVE-2026-43284, CVE-2026-43500).

  • 1
  • 5
  • 0
  • 21h ago

Bluesky

"Dirty Frag" Linux Kernel LPE Zero-Day (CVE-2026-43284, CVE-2026-43500) #patchmanagement
  • 1
  • 0
  • 0
  • 22h ago
"Dirty Frag" clickbait update: ESP (CVE-2026-43284) patched in mainline + stable (7.0.5, 6.18.28, 6.12.87, 6.6.138, 6.1.171). RxRPC (CVE-2026-43500) still unpatched upstream. AWS adds ipcomp4/ipcomp6 to the blacklist alongside esp4/esp6/rxrpc. AlmaLinux shipped both. Ubuntu/Debian mitigation only.
  • 0
  • 2
  • 0
  • 19h ago
~Cybergcca~ Alert on unpatched Linux LPE flaws (Dirty Frag) with active PoCs, plus Edge & cPanel updates. - IOCs: CVE-2026-43284, CVE-2026-43500 - #Linux #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • 21h ago
DirtyFrag exploits two Linux kernel bugs, CVE-2026-43284 and CVE-2026-43500, enabling local root access on major distros including Ubuntu, RHEL, Fedora, CentOS Stream, AlmaLinux, and openSUSE. #LinuxRoot #KernelExploit #USA
  • 0
  • 0
  • 0
  • 20h ago
Linux Kernel LPE (Local Privilege Escalation) vulnerability (Dirty Frag: CVE-2026-43284, CVE-2026-43500) - SIOS SECURITY BLOG https://security.sios.jp/vulnerability/kernel-security-vulnerability-20260508/
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 16 Posts
  • 192 Interactions

Last activity: 2 hours ago

Fediverse


Just got a kernel update from Debian 13's security channel, which fixes both CVE-2026-43284 and CVE-2026-43500, aka "Dirty Frag".

Debian 12 is not yet patched.

Tracker Links:
security-tracker.debian.org/tr
security-tracker.debian.org/tr

#DirtyFrag #Debian #Linux #Kernel #InfoSec

  • 17
  • 24
  • 0
  • 23h ago

Fedora pushed kernel 7.0.4 to stable to fix the Dirty Frag and Copy Fail 2 vulnerabilities. Both CVE-2026-43284 and CVE-2026-43500 Patched.

Full details here: ostechnix.com/fedora-44-kernel

#Fedora44 #Linuxkernel704 #DirtyFrag #CopyFail2 #CVE_2026_43284 #CVE_2026_43500

  • 5
  • 4
  • 0
  • 5h ago

"Dirty Frag" status update on the clickbait overhype: ESP half (CVE-2026-43284) now patched: mainline f4c50a4034e6, stable backports in 7.0.5 / 6.18.28 / 6.12.87 / 6.6.138 / 6.1.171 / 5.15.205 / 5.10.255. RxRPC half (CVE-2026-43500) still unpatched upstream. AWS now adds ipcomp4/ipcomp6 to the blacklist alongside esp4/esp6/rxrpc, adjacent xfrm code paths, defense in depth or a hint more is coming. AlmaLinux and CloudLinux shipped both fixes. Ubuntu, Debian, RHEL, Amazon still mitigation only.

  • 2
  • 2
  • 0
  • 19h ago

Debian has released kernel updates to fix the #DirtyFrag bug.

Update immediately.

:debian: security-tracker.debian.org/tr
:debian: security-tracker.debian.org/tr

#Debian #DirtyFrag

  • 2
  • 2
  • 0
  • 6h ago

After #CopyFail comes #DirtyFrag

  • CVE-2026-43284
  • CVE-2026-43500

Haven't tried the PoC yet, but it looks fairly simple too.

github.com/V4bel/dirtyfrag/blo

#linux #cve #infosec

  • 1
  • 1
  • 0
  • 11h ago

Today's roundup:

Of course Microsoft jumped at the chance with an article on a Linux vuln ...because M love Linux

👇
microsoft.com/en-us/security/b

The must-read Tenable FAQ for those who, like me, enjoy reading CVEs like an IKEA instruction manual
👇
tenable.com/blog/dirty-frag-cv

Red Hat has updated its RHSB-2026-003 page with mitigations and checks, pending the patch that is coming "soon™"
👇
access.redhat.com/security/vul

And what about my beautiful, beloved Debian? The security channels are patched for bullseye, bookworm and trixie.
Well done!
👇
security-tracker.debian.org/tr

That said, indeed, with AI speeding up discovery + embargoes that no longer hold = an exposure window that is not going to shrink. Maintainers will have to find new tricks. Live-patch, micro-patch, accelerated pipelines... to be continued.

  • 1
  • 0
  • 0
  • 7h ago

Dirty Frag (CVE-2026-43284, CVE-2026-43500) exploits page-cache corruption in IPsec ESP and RxRPC modules, allowing any authenticated user to escalate to root without audit trails. Affects kernels from ~2017...

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 4h ago

Did you update your Linux kernel again to protect against the last privilege escalation bug?

No, not CopyFail (CVE-2026-31431), the new DirtyFrag (CVE-2026-43284, CVE-2026-43500).

  • 1
  • 5
  • 0
  • 21h ago

Bluesky

"Dirty Frag" Linux Kernel LPE Zero-Day (CVE-2026-43284, CVE-2026-43500) #patchmanagement
  • 1
  • 0
  • 0
  • 22h ago
"Dirty Frag" clickbait update: ESP (CVE-2026-43284) patched in mainline + stable (7.0.5, 6.18.28, 6.12.87, 6.6.138, 6.1.171). RxRPC (CVE-2026-43500) still unpatched upstream. AWS adds ipcomp4/ipcomp6 to the blacklist alongside esp4/esp6/rxrpc. AlmaLinux shipped both. Ubuntu/Debian mitigation only.
  • 0
  • 2
  • 0
  • 19h ago
~Cybergcca~ Alert on unpatched Linux LPE flaws (Dirty Frag) with active PoCs, plus Edge & cPanel updates. - IOCs: CVE-2026-43284, CVE-2026-43500 - #Linux #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • 21h ago
DirtyFrag exploits two Linux kernel bugs, CVE-2026-43284 and CVE-2026-43500, enabling local root access on major distros including Ubuntu, RHEL, Fedora, CentOS Stream, AlmaLinux, and openSUSE. #LinuxRoot #KernelExploit #USA
  • 0
  • 0
  • 0
  • 20h ago
Linux Kernel LPE (Local Privilege Escalation) vulnerability (Dirty Frag: CVE-2026-43284, CVE-2026-43500) - SIOS SECURITY BLOG https://security.sios.jp/vulnerability/kernel-security-vulnerability-20260508/
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • Linux
  • Linux

22 Apr 2026
Published
08 May 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
3.91%

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Statistics

  • 5 Posts
  • 15 Interactions

Last activity: 3 hours ago

Fediverse


Hmmm. #Debian is stepping on the gas with #Linux kernel updates these days. The obvious explanation is that they're dealing with the copy.fail security hole, but I think that's been mostly resolved ( security-tracker.debian.org/tr ).

Possibly copy.fail is the first of many security problems being discovered and patched.

1/3

  • 1
  • 1
  • 0
  • 3h ago

Did you update your Linux kernel again to protect against the last privilege escalation bug?

No, not CopyFail (CVE-2026-31431), the new DirtyFrag (CVE-2026-43284, CVE-2026-43500).

  • 1
  • 5
  • 0
  • 21h ago

Bluesky

Similar to the previously disclosed Copy Fail vulnerability (CVE-2026-31431), the exploit attempts to manipulate Linux page cache behavior to achieve privilege escalation. However, Dirty Frag introduces additional attack paths that expand exploitation opportunities and improve reliability.
  • 0
  • 5
  • 0
  • 23h ago
@elastic.co Copy Fail and DirtyFrag are actively exploited Linux kernel bugs allowing local privilege escalation to root. - IOCs: CVE-2026-31431 - #CVE202631431 #Linux #ThreatIntel
  • 0
  • 1
  • 0
  • 4h ago

Overview

  • Linux
  • Linux

01 May 2026
Published
03 May 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.04%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate owner of durable handle on reconnect

Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to hijack an orphaned durable handle by predicting or brute-forcing the persistent ID.

According to MS-SMB2, the server MUST verify that the SecurityContext of the reconnect request matches the SecurityContext associated with the existing open.

Add a durable_owner structure to ksmbd_file to store the original opener's UID, GID, and account name, capture the owner information when a file handle becomes orphaned, and implement ksmbd_vfs_compare_durable_owner() to validate the identity of the requester during SMB2_CREATE (DHnC).

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 12 hours ago

Fediverse


Davide Ornaghi and Giuseppe Caruso found a very interesting bug in 's in-kernel Samba3 server from 6.12 to 6.19.x. Essentially, from the commit message and description:

> Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to hijack an orphaned durable handle by predicting or brute-forcing the persistent ID.

Very interesting stuff! The kernel lets users resume their connection to an open file even after WiFi drops (durable handle), and a bug in this code let another authenticated user become this WiFi-dropped user, letting the hijacker access all files.

github.com/TurtleARM/CVE-2026-

CVE-2026-31717

  • 1
  • 2
  • 0
  • 12h ago

Overview

  • go-pkgz
  • auth

09 May 2026
Published
09 May 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.07%

KEV

Description

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. In practice, this means all Patreon-authenticated users of an application using this library are collapsed into a single local identity. Any application that trusts token.User.ID as the stable account key can end up mixing or fully merging unrelated Patreon users, which can lead to cross-account access, privilege confusion, and subscription-state leakage. This issue has been patched in versions 1.25.2 and 2.1.2.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 11 hours ago

Fediverse


🔴 CRITICAL: go-pkgz auth (1.18.0 – 1.25.1, 2.0.0 – 2.1.1) has a major Patreon OAuth flaw (CVE-2026-42560) — all users merged as one! Patch to 1.25.2/2.1.2 to prevent cross-account access & data leaks. Details: radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 11h ago

Overview

  • FreeBSD
  • FreeBSD

26 Mar 2026
Published
02 Apr 2026
Updated

CVSS
Pending
EPSS
0.09%

KEV

Description

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notably, this does not require the client to authenticate itself first. As kgssapi.ko's RPCSEC_GSS implementation is vulnerable, remote code execution in the kernel is possible by an authenticated user that is able to send packets to the kernel's NFS server while kgssapi.ko is loaded into the kernel. In userspace, applications which have librpcgss_sec loaded and run an RPC server are vulnerable to remote code execution from any client able to send it packets. We are not aware of any such applications in the FreeBSD base system.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 9 hours ago

Fediverse


(UPDATED) FreeBSD CVE-2026-4747 Log Suggests Mythos is a Marketing Trick flyingpenguin.com/freebsd-cve-

  • 1
  • 1
  • 0
  • 9h ago

Overview

  • axios
  • axios

24 Apr 2026
Published
24 Apr 2026
Updated

CVSS v3.1
MEDIUM (4.8)
EPSS
0.09%

KEV

Description

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses (401, 403, 500, etc.), causing them to be treated as successful responses. This completely bypasses application-level authentication and error handling. The root cause is that validateStatus is the only config property using the mergeDirectKeys merge strategy, which uses JavaScript's in operator — an operator that inherently traverses the prototype chain. When Object.prototype.validateStatus is polluted with () => true, all HTTP status codes are accepted as success. This vulnerability is fixed in 1.15.1 and 0.31.1.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 5 hours ago

Bluesky

🚨 New MEDIUM CVE detected in AWS Lambda 🚨 CVE-2026-42041 impacts axios in 3 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/509 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless
  • 0
  • 2
  • 0
  • 5h ago

Overview

  • CHORNY
  • Apache::Session
  • Apache-Session

08 May 2026
Published
08 May 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 7 hours ago

Fediverse


RE: infosec.exchange/@nyanbinary/1

Oh god...
nvd.nist.gov/vuln/detail/CVE-2

2013
Published 2026-05-08

Edit: Hm, apparently the year-field doesn't actually relate to the date it was reserved, TIL

  • 0
  • 2
  • 0
  • 7h ago

Overview

  • axios
  • axios

24 Apr 2026
Published
27 Apr 2026
Updated

CVSS v3.1
LOW (3.7)
EPSS
0.04%

KEV

Description

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent('\x00') correctly produces the safe sequence %00, the charMap entry '%00': '\x00' converts it back to a raw null byte. Primary impact is limited because the standard axios request flow is not affected. This vulnerability is fixed in 1.15.1 and 0.31.1.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 5 hours ago

Bluesky

🚨 New LOW CVE detected in AWS Lambda 🚨 CVE-2026-42040 impacts axios in 3 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/512 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless
  • 0
  • 2
  • 0
  • 5h ago

Overview

  • axios
  • axios

24 Apr 2026
Published
24 Apr 2026
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
0.10%

KEV

Description

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical, invisible modification of all JSON API responses — including privilege escalation, balance manipulation, and authorization bypass. The default transformResponse function at lib/defaults/index.js:124 calls JSON.parse(data, this.parseReviver), where this is the merged config object. Because parseReviver is not present in Axios defaults, not validated by assertOptions, and not subject to any constraints, a polluted Object.prototype.parseReviver function is called for every key-value pair in every JSON response, allowing the attacker to selectively modify individual values while leaving the rest of the response intact. This vulnerability is fixed in 1.15.2.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 5 hours ago

Bluesky

🚨 New MEDIUM CVE detected in AWS Lambda 🚨 CVE-2026-42044 impacts axios in 3 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/511 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless
  • 0
  • 2
  • 0
  • 5h ago