Overview

  • TryGhost
  • Ghost

20 Feb 2026
Published
26 May 2026
Updated

CVSS v3.1
CRITICAL (9.4)
EPSS
63.49%

KEV

Description

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Statistics

  • 7 Posts
  • 2 Interactions

Last activity: 1 hour ago

Fediverse

Hackers Exploit Ghost CMS CVE-2026-26980 to Poison 700 Websites With ClickFix Malware cybersecuritynews.com/hackers-

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 1
  • 1
  • 0
  • 21h ago
📢 Massive ClickFix campaign exploiting a critical SQL injection in Ghost CMS (CVE-2026-26980) 📝 ## 🗓️ Context Published on 24 May 202… https://cyberveille.ch/posts/2026-05-25-campagne-clickfix-massive-exploitant-une-injection-sql-critique-dans-ghost-cms-cve-2026-26980/ #CVE_2026_26980 #Cyberveille
  • 0
  • 0
  • 0
  • 18h ago
Ghost CMS CVE-2026-26980 was abused in a ClickFix campaign that hit 700+ sites, while FBI flagged Kali365 phishing Microsoft 365. The recap also noted major healthcare breaches and poisoned Laravel-Lang packages. #GhostCMS #Kali365 #HealthcareData
  • 0
  • 0
  • 0
  • 10h ago
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks reconbee.com/ghost-cms-cv... #ghostcms #CMS #hijack #clickfixattacks #cybersecurity #cyberattack
  • 0
  • 0
  • 0
  • 9h ago
#GhostCMS: Critical SQL Injection vulnerability impacts #Ghost 3.24.0 through 6.19.0, and allows unauthenticated attackers to read arbitrary data from the website database, including the admin API keys (CVE-2026-26980): 👇
  • 0
  • 0
  • 1
  • 1h ago

Overview

  • Microsoft
  • Microsoft SharePoint Enterprise Server 2016

22 May 2026
Published
26 May 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.50%

KEV

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Statistics

  • 6 Posts

Last activity: Last hour

Fediverse

📰 Microsoft Patches High-Severity SharePoint RCE Vulnerability (CVE-2026-45659)

🚨 Microsoft patches high-severity RCE flaw (CVE-2026-45659, CVSS 8.8) in SharePoint Server. Authenticated attackers with low privileges can execute code remotely. On-premise admins: Patch now! #SharePoint #CyberSecurity #PatchTuesday #RCE

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/mi

  • 0
  • 0
  • 0
  • Last hour

Bluesky

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) 📖 Read more: www.helpnetsecurity.com/2026/05/26/s... #cybersecurity #cybersecuritynews #vulnerability #securityupdate #SharePoint
  • 0
  • 0
  • 0
  • 6h ago
A SharePoint remote code execution flaw (CVE-2026-45659) can be triggered by authenticated attackers with Site Member permissions and requires no elevated privileges.
  • 0
  • 0
  • 0
  • 4h ago
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions thehackernews.com/2026/05/micr...
  • 0
  • 0
  • 1
  • 4h ago

Overview

  • Digital Knowledge
  • KnowledgeDeliver

16 Apr 2026
Published
18 Apr 2026
Updated

CVSS
Pending
EPSS
0.08%

KEV

Description

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks.

Statistics

  • 5 Posts

Last activity: 1 hour ago

Bluesky

Mandiant linked a KnowledgeDeliver breach to shared ASP.NET machine keys, enabling unauthenticated RCE (CVE-2026-5426). Attackers deployed BLUEBEAM and later Cobalt Strike via a fake plugin. #Japan #KnowledgeDeliver #CVE20265426
  • 0
  • 0
  • 0
  • 16h ago
A critical flaw (CVE-2026-5426) in the #KnowledgeDeliver LMS, widely used in Japan, enabled zero-day exploitation to deploy the Godzilla web shell and Cobalt Strike Beacon. Patch available ⚠️ #CyberSecurity #Automatisation
  • 0
  • 0
  • 0
  • 10h ago
A critical vulnerability (CVE-2026-5426) in the Japanese LMS Digital Knowledge KnowledgeDeliver allowed unauthenticated remote code execution. Attackers exploited this flaw […]
  • 0
  • 0
  • 0
  • 8h ago
📢 Zero-day exploitation of KnowledgeDeliver via ASP.NET ViewState deserialization (CVE-2026-5426) 📝 ## 🔍 Context Late 2025, Mandia… https://cyberveille.ch/posts/2026-05-26-exploitation-zero-day-de-knowledgedeliver-via-deserialisation-viewstate-asp-net-cve-2026-5426/ #ASP_NET_MachineKey #Cyberveille
  • 0
  • 0
  • 0
  • 5h ago
🚨 Cybersecurity alert (#Alerta #Ciberseguridad): Zero-day exploitation of CVE-2026-5426 in the #LMS "#KnowledgeDeliver" www.newstecnicas.com/2026/05/aler...
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 11 Interactions

Last activity: 9 hours ago

Fediverse

🚨 CVE-2026-48710 ("BadHost"): one character in a Host header bypasses path-based auth across most of the internet's Python AI stack.

In Starlette → FastAPI → vLLM, LiteLLM, TGI, MCP servers, agent harnesses. Found by X41 during a vLLM audit.

Patch shipped after 4 months quietly as CVSS 6.5 scoped as a "web framework problem"; but discoverers say critical.

secwest.net/starlette

Fix: Starlette 1.0.1.
Scanner: badhost.org
Semgrep+CodeQL: github.com/x41sec/poc/tree/mas

Hat Tip: @marver

  • 5
  • 3
  • 0
  • 9h ago

Bluesky

🚨CVE-2026-48710("BadHost"): one character in a Host header bypasses path-based authorization across most of the Python AI stack. Lives in Starlette, reaches FastAPI and through it: vLLM (where it was discovered), LiteLLM, TGI, MCP servers, agent harnesses, eval dashboards. cc @marver.bsky.social
  • 0
  • 3
  • 0
  • 9h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: 3 hours ago

Fediverse

Critical 7-Zip Flaw CVE-2026-48095 (CVSS 8.8) Enables Arbitrary Code Execution via NTFS Vtable Hijack
#CyberSecurity
securebulletin.com/critical-7-

  • 5
  • 0
  • 0
  • 7h ago

Bluesky

A vulnerability, CVE-2026-48095, affects 7-Zip 26.00 and earlier, allowing a heap overflow through renamed files. Fixed in 26.01, it uses content-based detection on files like renamed NTFS images. Discovered by GitHub Security Lab.
  • 0
  • 1
  • 0
  • 3h ago

Overview

  • Microsoft
  • Microsoft Malware Protection Engine

20 May 2026
Published
26 May 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
5.94%

Description

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

  • 3 Posts
  • 4 Interactions

Last activity: 6 hours ago

Fediverse

The RedSun vulnerability was "officially fixed" on May 19, with the fix being "let's break the PoC by quarantining the affected .exe". The fix is just part of a Defender definition update. So, I guess the Red Sun no longer prevails.
msrc.microsoft.com/update-guid

  • 0
  • 3
  • 0
  • 6h ago
@jhr77 @Hal_9000 Turns out my hunch was right: CVE-2026-41091 is RedSun.

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091 [2/2]
  • 0
  • 1
  • 0
  • 6h ago

Overview

  • Drupal
  • Drupal core

20 May 2026
Published
23 May 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
17.33%

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Statistics

  • 2 Posts

Last activity: 19 hours ago

Fediverse

📰 Critical Unauthenticated SQLi Flaw in Drupal Core Hits PostgreSQL Sites

🚨 CRITICAL vulnerability in Drupal Core (CVE-2026-9082)! Unauthenticated SQL injection affects sites using PostgreSQL, allowing for potential RCE. Patch immediately! #Drupal #CyberSecurity #SQLi #Vulnerability

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/cr

  • 0
  • 0
  • 0
  • 23h ago

Bluesky

📢 CVE-2026-9082: SQL injection in Drupal JSON:API added to CISA's KEV catalog 📝 ## 🗓️ Context Source: CrowdSec VulnTracking, published 25 May… https://cyberveille.ch/posts/2026-05-25-cve-2026-9082-injection-sql-dans-drupal-json-api-ajoutee-au-catalogue-kev-de-la-cisa/ #CISA #Cyberveille
  • 0
  • 0
  • 0
  • 19h ago

Overview

  • Apple
  • iOS and iPadOS

11 May 2026
Published
12 May 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination.

Statistics

  • 3 Posts

Last activity: 16 hours ago

Bluesky

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude | Discussion
  • 0
  • 0
  • 0
  • 17h ago
CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude https://support.apple.com/en-us/127115 (https://news.ycombinator.com/item?id=48273169)
  • 0
  • 0
  • 1
  • 16h ago

Overview

  • Chroma
  • ChromaDB
  • chromadb

18 May 2026
Published
19 May 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
0.17%

KEV

Description

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 9 hours ago

Fediverse

NicFab Newsletter #22 is out.

→ Garante fines Ambrosetti €85k for late breach notification (Art. 34 GDPR)
→ Verizon DBIR 2026: vuln exploitation overtakes credentials as #1 vector
→ Commission opens first Article 112(1) AI Act review
→ Colorado CADMA replaces the 2024 AI Act
→ Unpatched RCE in ChromaDB (CVE-2026-45829)

Read: nicfab.eu/en/newsletter-issues
Subscribe: nicfab.eu/en/pages/newsletter/

#Privacy #AIAct #AI #GDPR #Cybersecurity

  • 3
  • 1
  • 0
  • 9h ago

Overview

  • goauthentik
  • authentik

22 May 2026
Published
22 May 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.01%

KEV

Description

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/{pk}/ API allows a caller with change_user on a target user to assign arbitrary groups through UserSerializer, including groups with is_superuser=True, without requiring enable_group_superuser, leading to privilege escalation. This bypasses the stricter permission model enforced in group-management paths and enables delegated user-management permissions to escalate target users to administrator-equivalent privilege. Users with permissions to update groups or permissions to update users are able to add themselves or other users they have permissions on to groups which have superuser permissions. This issue has been fixed in versions 2025.12.5 and 2026.2.3.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 22 hours ago

Fediverse

Is your self-hosted network actually secure?
A brand new CVE-2026-40172 just dropped for Authentik, targeting Single Sign-On (SSO) gateways. Don't let hackers compromise your Proxmox cluster. More ww.valtersit.com/ #infosec #devops #proxmox #valtersit #CVE #CVEAlert #devsecops #hackers #sysadmins #sysadmin #developers

  • 3
  • 1
  • 0
  • 22h ago