CVE-2026-40372

Overview

Microsoft
ASP.NET Core 10.0

21 Apr 2026

Published

22 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.04%

MITRE

KEV

Description

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Statistics

10 Posts
3 Interactions

Last activity: 5 hours ago

Fediverse

Barret @barret

From the .NET blog...

Bluesky

Ninja Owl @ninjaowl.ai

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
11h ago

TechNadu @technadu.com

ASP.NET Core vuln (CVE-2026-40372) → SYSTEM access risk. Crypto validation flaw = forged tokens possible. Patch helps, but key rotation is critical. Follow TechNadu for more. Thoughts? #CyberSecurity #Infosec #Microsoft

0
0
0
6h ago

piggo @pigondrugs.bsky.social

~Cybergcca~ Security updates released for GitLab CE/EE and a critical OOB patch for Microsoft .NET (CVE-2026-40372). - IOCs: CVE-2026-40372 - #GitLab #Microsoft #ThreatIntel

0
0
0
5h ago

rmcholewa.bsky.social @rmcholewa.bsky.social

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug thehackernews.com/2026/04/micr...

0
0
0
5h ago

CVE-2026-32201

Overview

Microsoft
Microsoft SharePoint Enterprise Server 2016

14 Apr 2026

Published

22 Apr 2026

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

7.94%

MITRE

KEV

Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Statistics

6 Posts

Last activity: Last hour

Fediverse

ekiledjian @edwardk

Over 1,370 Microsoft SharePoint servers are exposed online to a spoofing vulnerability (CVE-2026-32201), which is actively exploited in the wild. This critical flaw, identified by The Shadowserver Foundation, allows unauthorized attackers to bypass security protocols and potentially compromise sensitive corporate data, highlighting a significant patch management problem for many organizations.
https://gbhackers.com/1370-microsoft-sharepoint-servers-at-risk-of-spoofing-attacks/

0
0
0
15h ago

Bluesky

CyberVeille @cyberveille-ch.bsky.social

📢 Plus de 1 300 serveurs SharePoint non patchés exposés à CVE-2026-32201, exploitée en zero-day 📝 📰 **Source** : BleepingComputer, article de … https://cyberveille.ch/posts/2026-04-22-plus-de-1-300-serveurs-sharepoint-non-patches-exposes-a-cve-2026-32201-exploitee-en-zero-day/ #CISA_KEV #Cyberveille

0
0
0
11h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Over 1,300 Microsoft SharePoint servers remain unpatched against zero-day spoofing flaw CVE-2026-32201, affecting Server 2016, 2019, and Subscription Edition. Fewer than 200 patched despite active exploitation. #MicrosoftSharePoint #CISA #USA

0
0
0
11h ago

Christina Ayiotis @christinaayiotis.bsky.social

“security flaw tracked as CVE-2026-32201 affects SharePoint Enterprise Server 2016, SharePoint Server 2019 & SharePoint Server Subscription Edition (.. latest on-premises version which uses a ‘continuous update’ model).” www.bleepingcomputer.com/news/securit... @microsoft.com @bleepingcomputer.com

0
0
0
4h ago

Eyal Estrin ☁️ @eyalestrin.bsky.social

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks (CVE-2026-32201) #patchmanagement

0
0
0
2h ago

Information Security Briefly @infosecbriefly.bsky.social

Over 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw, CVE-2026-32201, posing significant security risks.

0
0
0
Last hour

CVE-2026-41651

Overview

PackageKit
PackageKit

22 Apr 2026

Published

22 Apr 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

Pending

MITRE

KEV

Description

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5. A local unprivileged user can install arbitrary RPM packages as root, including executing RPM scriptlets, without authentication. The vulnerability is a TOCTOU race condition on `transaction->cached_transaction_flags` combined with a silent state-machine guard that discards illegal backward transitions while leaving corrupted flags in place. Three bugs exist in `src/pk-transaction.c`: 1. Unconditional flag overwrite (line 4036): `InstallFiles()` writes caller-supplied flags to `transaction->cached_transaction_flags` without checking whether the transaction has already been authorized/started. A second call blindly overwrites the flags even while the transaction is RUNNING. 2. Silent state-transition rejection (lines 873–882): `pk_transaction_set_state()` silently discards backward state transitions (e.g. `RUNNING` → `WAITING_FOR_AUTH`) but the flag overwrite at step 1 already happened. The transaction continues running with corrupted flags. 3. Late flag read at execution time (lines 2273–2277): The scheduler's idle callback reads cached_transaction_flags at dispatch time, not at authorization time. If flags were overwritten between authorization and execution, the backend sees the attacker's flags.

Statistics

5 Posts
7 Interactions

Last activity: 1 hour ago

Fediverse

Matthias Klumpp @matk

Forgot your root password? No problem! With #PackageKit <= 1.3.4 you can do all the fun root action on any Linux system you have local access to, no privileges required!

Don't like that? Then PLEASE UPDATE your system ASAP to PackageKit >= 1.3.5 or any fixed distro package. Fixes for this vulnerability should already be available everywhere since today.

You can read more about CVE-2026-41651 on the security researcher's blog:
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html

#pack2theroot #osssecurity

3
3
0
6h ago

Billchenchina 🏳️‍⚧️ @billchenchina

PackageKit GHSA-f55j-vvr9-69xv / "Pack2TheRoot" / CVE-2026-41651
请尽快更新
All PackageKit versions between >= 1.0.2 and <= 1.3.4 are vulnerable.
Debian 12 1.2.6-5+deb12u1
Debian 13 1.3.1-1+deb13u1
上游修复版本 1.3.5

This release fixes a critical security vulnerability that allows unprivileged local users to obtain root privileges on any distribution that uses PackageKit.

0
1
0
7h ago

intuentis0x0 @intuentis0x0

There is a great report out there by @dtcert

Telekom Red Team (great work guys) found a high severity LPE vulnerability in PackageKit daemon. In the report the distros of Ubuntu, Debian and Fedora and some more are mentioned as affected. Some left traces to hunt for the exploitation comes with the report, which is helpful.

edit: now known as CVE-2026-41651

https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html

0
0
0
9h ago

Bluesky

/r/netsec @r-netsec-bot.bsky.social

Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability

0
0
1
1h ago

CVE-2026-34197

Overview

Apache Software Foundation
Apache ActiveMQ Broker
org.apache.activemq:activemq-broker

07 Apr 2026

Published

17 Apr 2026

Updated

CVSS

Pending

EPSS

59.64%

MITRE

KEV

Description

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String). An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport's brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext. Because Spring's ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker's JVM through bean factory methods such as Runtime.exec(). This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ All: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.3. Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the issue

Statistics

3 Posts
1 Interaction

Last activity: 1 hour ago

Fediverse

ekiledjian @edwardk

Thousands of Apache ActiveMQ instances remain unpatched weeks after a critical remote code injection vulnerability (CVE-2026-34197) was discovered, highlighting a dangerous lag in security updates. Experts warn that with AI capable of rapidly weaponizing newly found bugs, slow patching cycles are a significant network security risk.
https://www.csoonline.com/article/4161532/thousands-of-apache-activemq-instances-still-unpatched-weeks-after-an-actively-exploited-hole-discovered.html

0
0
0
16h ago

Bluesky

Kees - Nijkerk @keesnk.bsky.social

6000+ Apache ActiveMQ Instances Vulnerable to CVE-2026-34197 exposed Online: cybersecuritynews.com/apache-activ...

1
0
0
16h ago

Idenhaus @idenhaus.bsky.social

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-34197 "This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise."

0
0
0
1h ago

CVE-2023-33538

Overview

Pending

07 Jun 2023

Published

20 Dec 2025

Updated

CVSS

Pending

EPSS

89.90%

MITRE

KEV

Description

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

Statistics

3 Posts
5 Interactions

Last activity: 20 hours ago

Fediverse

Patrick C Miller :donor: @patrickcmiller

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful https://securityaffairs.com/191040/hacking/cve-2023-33538-under-attack-for-a-year-but-exploitation-still-unsuccessful.html

2
3
1
20h ago

Chris Short @ChrisShort

TP-Link router owners beware | A Deep Dive Into Attempted Exploitation of CVE-2023-33538 #devopsish https://unit42.paloaltonetworks.com/exploitation-of-cve-2023-33538/

0
0
0
22h ago

CVE-2026-41285

Overview

OpenBSD
OpenBSD

20 Apr 2026

Published

21 Apr 2026

Updated

CVSS v3.1

MEDIUM (4.3)

EPSS

0.01%

MITRE

KEV

Description

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero.

Statistics

2 Posts
3 Interactions

Last activity: 18 hours ago

Fediverse

Nad @Nadsec

Another1 - CVE-2026-41285 - OpenBSD

https://nvd.nist.gov/vuln/detail/CVE-2026-41285

(Project asswing was not involved)

0
0
0
18h ago

Bluesky

Nad @nadsec.online

Another1 - CVE-2026-41285 - OpenBSD nvd.nist.gov/vuln/detail/... (Project asswing was not involved)

2
1
0
18h ago

CVE-2026-5760

Overview

SGLang
SGLang

20 Apr 2026

Published

20 Apr 2026

Updated

CVSS

Pending

EPSS

0.29%

MITRE

KEV

Description

SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().

Statistics

3 Posts
1 Interaction

Last activity: 7 hours ago

Bluesky

Ninja Owl @ninjaowl.ai

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
1
0
21h ago

NEWSTECNICAS | Tecnología , IA y Gaming @newstecnicas.info.ve

⚠️ Manual Técnico: #Reparación del CVE-2026-5760 en el #Framework de IA #SGLang www.newstecnicas.info.ve/2026/04/manu...

0
0
1
7h ago

CVE-2026-33825

Overview

Microsoft
Microsoft Defender Antimalware Platform

14 Apr 2026

Published

22 Apr 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.06%

MITRE

KEV

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

2 Posts

Last activity: Last hour

Fediverse

ekiledjian @edwardk

Three publicly available exploits, BlueHammer, RedSun, and UnDefend, are being used to turn Microsoft Defender into an attacker tool, with two enabling SYSTEM-level access and one disrupting Defender's update mechanism. While a patch exists for BlueHammer (CVE-2026-33825), RedSun and UnDefend exploit separate flaws, allowing attackers to escalate privileges or weaken defenses with minimal modifications.
https://www.darkreading.com/cyberattacks-data-breaches/exploits-turn-windows-defender-attacker-tool

0
0
0
16h ago

Bluesky

Blacky @coldblacksun.bsky.social

CISA has added the Microsoft Defender insufficient granularity of access control vulnerability CVE-2026-33825 to its KEV Catalog www.cisa.gov/known-exploi...

0
0
0
Last hour

CVE-2026-35616

Overview

Fortinet
FortiClientEMS

04 Apr 2026

Published

21 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

35.12%

MITRE

KEV

Description

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Statistics

1 Post
4 Interactions

Last activity: 11 hours ago

Fediverse

N_{Dario Fadda} @nuke

Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released
#CyberSecurity
https://securebulletin.com/critical-fortinet-forticlient-ems-zero-day-cve-2026-35616-exploited-before-official-patch-was-released/

4
0
0
11h ago

CVE-2026-6299

Overview

Google
Chrome

15 Apr 2026

Published

16 Apr 2026

Updated

CVSS

Pending

EPSS

0.05%

MITRE

KEV

Description

Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Statistics

2 Posts

Last activity: 10 hours ago

Bluesky

ケイ | 副業Webライター📖 @keiwork35.bsky.social

【脆弱性情報】 CVE-2026-6299 chromeの脆弱性について Google Chrome の 147.0.7727.101 より前のバージョンにおいて、Prerender に解放後使用の脆弱性が存在します。細工された HTML ページを介して、遠隔の攻撃者が任意のコードを実行できる可能性があります。

0
0
0
10h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

Google、Chrome 147で31件の脆弱性を修正、Criticalは5件(CVE-2026-6296、CVE-2026-6297、CVE-2026-6298、CVE-2026-6299、CVE-2026-6358を) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews

0
0
0
23h ago