Overview
Description
Statistics
- 26 Posts
- 28 Interactions
Fediverse
...sigh...
<insert HereWeGoAgain.gif meme>
~~~~~~~~~~~
Urgent Palo Alto Networks Security Advisory - Severity 9.3 · CRITICAL
Palo Alto Networks has published one new Security Advisory for a Critical Unauthenticated User initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal. This is available at https://security.paloaltonetworks.com/CVE-2026-0300
We strongly advise PAN-OS customers to read the advisory and take appropriate action immediately to protect their devices.
So this PAN-OS bug, CVE-2026-0300.
Is there a good reason to expose this User-ID Authentication Portal to the internet in the first place? Yes yes, defend against insider threats and all that, but the opportunistic, across-the-ocean attack seems like it relies more on misconfiguration than anything.
It doesn't seem to be very useful to associate a user identity to an internet-based IP address in the first place, so don't do that? Or am I wildly misunderstanding the utility here? (At first I thought it was like a capture portal like you find on hotel WiFi, but it's more specialized than that I think.)
Regardless, @runZeroInc has a Rapid Response out for it now. No Palo Alto patches available yet.
📰 Critical Palo Alto Networks Zero-Day (CVE-2026-0300) Actively Exploited for RCE
🚨 CRITICAL ZERO-DAY: Palo Alto Networks warns of an unpatched, actively exploited RCE vulnerability (CVE-2026-0300) in PAN-OS firewalls. The flaw allows root access via the User-ID portal. Mitigate immediately! #CyberSecurity #ZeroDay #PANOS
#PaloAlto PAN-OS Vulnerability CVE-2026-0300 Under Active Exploitation - Enables Remote Code Execution (#RCE) - CVSS 9.3 no patch released yet, but expected soon!
👇
https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html
PAN-OS zero-day (CVE-2026-0300) exploited.
• Unauth RCE (root)
• Targets exposed portals
• Patches start May 13
Are you mitigating now?
#InfoSec #CyberSecurity #ZeroDay
CVE Record: CVE-2026-0300 - Title: PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
🚨 CVE-2026-0300: CRITICAL PAN-OS vuln in PA-Series & VM-Series. Buffer overflow in User-ID Auth Portal enables unauth RCE as root. Restrict portal access ASAP. Prisma Access & Cloud NGFW not impacted. Details: https://radar.offseq.com/threat/cve-2026-0300-cwe-787-out-of-bounds-write-in-palo--a6a99009 #OffSeq #PaloAltoNetworks #Vuln
Bluesky
Overview
- Apache Software Foundation
- Apache HTTP Server
Description
Statistics
- 15 Posts
- 113 Interactions
Fediverse
"That 'responsible disclosure' Thing"
A post with the details of CVE-2026-23918, the double free vulnerability fixed in Apache httpd 2.4.67.
#apache
https://eissing.org/icing/posts/responsible-disclosure/
#Debian stable #apache2 package 2.4.66-1~deb13u2 already includes the fix for CVE-2026-23918.
You can verify this by apt-get source apache2 and then checking out apache2-2.4.66/debian/patches/bug1125368.patch
The security tracker at https://security-tracker.debian.org/tracker/CVE-2026-23918 currently has wrong information. This is likely due to automation based on version numbers alone.
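The post above makes the point that on Debian the package version number does not tell you whether a CVE is fixed, because fixes are backported into the existing upstream version; the package changelog (and the debian/patches directory) does. The following is an added example, not code from the post or from the Debian project: a small POSIX sh helper that reads a Debian changelog (plain or .gz) and reports the first package version whose entry mentions a given CVE id. The changelog fed to it here is a constructed sample that mirrors what the post says about 2.4.66-1~deb13u2; on a real host you would point it at /usr/share/doc/apache2/changelog.Debian.gz instead.

```shell
#!/bin/sh
# Added example (not from the original post). Parse a Debian changelog and print the
# newest version whose entry mentions a CVE id. Debian changelog entries start with
# a header line like "apache2 (2.4.66-1~deb13u2) trixie-security; urgency=high" and
# are followed by indented bullet lines; the version is the parenthesised field.

# usage: cve_fixed_in CHANGELOG_FILE CVE-ID
# prints the fixing version and returns 0, or prints nothing and returns 1
cve_fixed_in() {
  changelog="$1"
  cve="$2"
  case "$changelog" in
    *.gz) zcat -- "$changelog" ;;   # e.g. /usr/share/doc/apache2/changelog.Debian.gz
    *)    cat  -- "$changelog" ;;
  esac | awk -v cve="$cve" '
    # entry header: "<source> (<version>) <dist>; urgency=<level>"
    /^[a-z0-9][a-z0-9.+-]* \(/ { ver = $2; gsub(/[()]/, "", ver) }
    # first entry (newest first in a changelog) that mentions the CVE wins
    index($0, cve) && ver != "" { print ver; found = 1; exit }
    END { exit found ? 0 : 1 }'
}

# Constructed sample changelog (placeholder maintainer and dates), newest entry first.
SAMPLE_CHANGELOG="$(mktemp)"
trap 'rm -f "$SAMPLE_CHANGELOG"' EXIT
cat > "$SAMPLE_CHANGELOG" <<'EOF'
apache2 (2.4.66-1~deb13u2) trixie-security; urgency=high

  * Backport upstream fix for double free in mod_http2 (CVE-2026-23918).
    See debian/patches/bug1125368.patch.

 -- Debian Apache Maintainers <placeholder@example.org>  Tue, 05 May 2026 10:00:00 +0000

apache2 (2.4.66-1~deb13u1) trixie-security; urgency=medium

  * Earlier, unrelated security update.

 -- Debian Apache Maintainers <placeholder@example.org>  Mon, 06 Apr 2026 10:00:00 +0000
EOF

# Stand-alone usage: report the fixing version, or say it is not mentioned.
if v="$(cve_fixed_in "$SAMPLE_CHANGELOG" CVE-2026-23918)"; then
  echo "CVE-2026-23918 fixed in $v"
else
  echo "CVE-2026-23918 not mentioned in changelog"
fi
```

Compare the printed version with `dpkg-query -W -f='${Version}\n' apache2` on the host; if the installed version is at least the one the changelog names, the fix is present regardless of what a version-only tracker says. The post's second check, looking for the patch file under debian/patches in the unpacked source, is the equivalent signal on the source side.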
RE: https://chaos.social/@icing/116526903529846107
Aftermath: people running Debian httpd 2.4.66 started complaining, asking when they'd get the 2.4.67 update to fix this RCE vulnerability. Which they already were protected from, but did not know. Because the CVE was not public at the time the fix was shipped.
[...]
Two security researchers found the vulnerability independently. Just scanning the 2.4.66 source code. This means the bad guys can no longer be kept in the dark. Coordinated disclosure no longer works.
Those still using #apache's #httpd, please check whether you're impacted.
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
A strong find: unauthenticated RCE in the Apache server, discovered by Bartłomiej Dmitruk of striga.ai (an AI-based bug detector) and Stanisław Strzałkowski of ISEC.pl. mod_http2 must be enabled on the server, but it is on many.
https://www.cve.org/CVERecord?id=CVE-2026-23918
https://httpd.apache.org/security/vulnerabilities_24.html
@tychotithonus I just love the Debian security tracker, they manage the flood so good https://security-tracker.debian.org/tracker/CVE-2026-23918
Apache flaw: two simple frames are enough to cause a denial of service (CVE-2026-23918) https://www.it-connect.fr/faille-apache-deux-simples-trames-suffisent-a-faire-un-deni-de-service-cve-2026-23918/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Apache
@Andres4NY Parent post updated, apparently CVE-2026-23918 was fixed much earlier?
Doubling the Trouble
CVE-2026-23918 double free vulnerability PoC for Apache httpd <=2.4.66. Fixed in >=2.4.67
https://github.com/nflatrea/playground/tree/main/cve/CVE-2026-23918
📰 Critical RCE Flaw in Apache HTTP Server's HTTP/2 Module Patched
🚨 CRITICAL APACHE FLAW: A double-free bug (CVE-2026-23918) in Apache HTTP Server's http2 module allows for DoS and potential RCE. A PoC exploit exists. Upgrade to version 2.4.67 immediately! #Apache #CyberSecurity #Vulnerability #RCE
Bluesky
Overview
Description
Statistics
- 16 Posts
- 32 Interactions
Fediverse
Copy Fail CVE-2026-31431
> How they found it
> Taeyang Lee's earlier kernelCTF work had mapped out the AF_ALG attack surface. He realized that AF_ALG + splice creates a path where unprivileged userspace can feed page cache pages directly into the crypto subsystem and suspected that scatterlist page provenance may be an underexplored source of vulnerabilities.
https://xint.io/blog/copy-fail-linux-distributions#how-we-found-it-9
#OpenShift hosters 🔊 Red Hat has released blocker for copy-fail vulnerability, no reboots needed:
Watch out for this flaw affecting Linux systems... https://www.adslzone.net/noticias/seguridad/vulnerabilidad-copy-fail-linux-cve-2026-31431/
How to check for and mitigate the Copy Fail vulnerability (CVE-2026-31431) on GNU/Linux
https://voidnull.es/como-comprobar-y-mitigar-la-vulnerabilidad-copy-fail-cve-2026-31431-en-gnu-linux/
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
https://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/
Read on HackerWorkspace: https://hackerworkspace.com/article/copy-fail-what-you-need-to-know-about-the-most-severe-linux-threat-in-years
📢 How to check for and mitigate the Copy Fail vulnerability (CVE-2026-31431) on GNU/Linux
Detect whether your GNU/Linux system is vulnerable to Copy Fail (CVE-2026-31431) and learn how to apply the fix correctly.
#Linode (#Akamai Cloud) has published documentation on how to mitigate #CopyFail for both new and existing instances running there:
https://www.linode.com/docs/guides/cve-2026-31431-copy-fail-mitigation/
Copy.fail: a small Linux kernel bug with an unusually big blast radius https://jorijn.com/en/blog/copy-fail-cve-2026-31431-linux-kernel-bug-explained/
A well-documented analysis of this flaw, which is quite complex and rests on an accumulation of bad behaviours in the kernel https://www.linuxtricks.fr/news/10-logiciels-libres/600-copy-fail-cve-2026-31431-synthese-technique-sur-cette-faille-linux/ #linux #sécurité #faille #analyse
CISA warns: CopyFail Linux vuln exploited.
• Privilege escalation → root
• Impacts major distros
• Patch deadline May 15
Are you patched?
#InfoSec #Linux #CyberSecurity
Bluesky
Overview
- ollama
- ollama
- ollama/ollama
Description
Statistics
- 4 Posts
- 1 Interaction
Fediverse
https://www.cyera.com/research/bleeding-llama-critical-unauthenticated-memory-leak-in-ollama
Bluesky
Overview
Description
Statistics
- 3 Posts
- 1 Interaction
Bluesky
Overview
- GitHub
- Enterprise Server
Description
Statistics
- 2 Posts
- 13 Interactions
Fediverse
So, #GitHub is having a rough go of it lately, with significant instability and frequent outages in the last month and platform uptime dropping below 85%.
But the most fun trick? Any authenticated user could execute arbitrary commands on GitHub's backend servers with a single git push command - using nothing but a standard git client. (Because their architecture didn’t sterilize semicolons, thus prompt injection.)
On GitHub Enterprise Server, the vulnerability grants full server compromise, including access to all hosted repositories and internal secrets.
GitHub Enterprise Server customers should upgrade ASAP. Wiz dot io data indicates that 88% of instances were still vulnerable.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
GitHub Enterprise Server: Immediate action required!
Upgrade to #GHES version 3.19.3 or later - this release patches #CVE-2026-3854
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Overview
Description
Statistics
- 2 Posts
Bluesky
Overview
Description
Statistics
- 3 Posts
Fediverse
CVE-2026-0073 Android adbd TLS client-authentication bypass
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-0073-android-adbd-tls-client-authentication-bypass
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. https://www.securityweek.com/critical-remote-code-execution-vulnerability-patched-in-android-2/
Overview
Description
Statistics
- 1 Post
- 7 Interactions
Overview
Description
Statistics
- 1 Post