24h | 7d | 30d

CVE-2026-42897

Overview

Microsoft
Microsoft Exchange Server 2016 Cumulative Update 23

14 May 2026

Published

15 May 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.22%

MITRE

KEV

Description

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Statistics

26 Posts
9 Interactions

Last activity: Last hour

Fediverse

CERT-FR @cert_fr

⚠️Alerte CERT-FR⚠️

La vulnérabilité CVE-2026-42897 affecte Microsoft Exchange et permet une injection de code indirecte à distance (XSS) ainsi qu'un contournement de la politique de sécurité.

Elle est activement exploitée.

https://cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-005/

1
1
1
12h ago

Jeff Hall - PCIGuru :verified: @jbhall56

Microsoft describes this security flaw (CVE-2026-42897) as a spoofing vulnerability affecting up-to-date Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE) software. https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/

0
0
1
12h ago

WinFuture.de @WinFuture

Kritische Sicherheitslücke CVE-2026-42897 bedroht Microsoft Exchange Server 2016, 2019 und Subscription Edition. Angreifer können über OWA JavaScript-Code ausführen. #Microsoft #ITSec https://winfuture.de/news,158719.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia

0
0
1
10h ago

benzogaga33 :verified: @benzogaga33

Exchange Server – CVE-2026-42897 : cette faille zero-day est déjà exploitée ! https://www.it-connect.fr/exchange-server-cve-2026-42897-cette-faille-zero-day-est-deja-exploitee/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft #Exchange

0
0
0
9h ago

Roger A. Grimes @rogeragrimes

High critical cross-site scripting (CSS) vuln in Microsoft Exchange Server 2016 being used in the wild

https://www.cve.org/CVERecord?id=CVE-2026-42897

0
0
0
6h ago

CyberNetsecIO @netsecio

📰 Microsoft Exchange Zero-Day Under Active Attack, Mitigations Deployed Automatically

📢 Microsoft confirms a new Exchange Server zero-day (CVE-2026-42897) is actively exploited! The XSS flaw in OWA affects on-prem servers. Mitigations are being deployed automatically via the EM service. Check your systems! 🛡️ #Exchange #Zeroday

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/microsoft-confirms-actively-exploited-zero-day-in-exchange-server-cve-2026-…

0
0
0
5h ago

Infosec StuC @InfosecStuC

Hups, a new exchange Zero Day just dropped.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42897

Mitigation available. No Patch.

0
0
0
4h ago

Bluesky

Help Net Security @helpnetsecurity.com

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) 📖 Read more: www.helpnetsecurity.com/2026/05/15/e... #cybersecurity #cybersecuritynews #MicrosoftExchange #vulnerability

1
1
0
14h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-42897 enables spoofing via cross-site scripting in on-premises Exchange Server, with active exploitation, mitigated by emergency service or EOMT.

1
0
0
17h ago

Cyber Threat Feeds @montxt.bsky.social

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html

1
0
0
16h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Microsoft warns of CVE-2026-42897, a high-severity Exchange spoofing flaw exploited via crafted emails to run JavaScript in Outlook on the web. Mitigations are available for Exchange Server 2016, 2019, and SE. #Microsoft #ExchangeServer #CVE202642897

1
0
0
12h ago

Undercode Testing @undercode.bsky.social

CISA Issues Urgent Alert: Microsoft Exchange Server Zero-Day (CVE-2026-42897) Under Active Attack – Deploy This Emergency Mitigation Now + Video Introduction: A newly disclosed zero-day spoofing vulnerability, tracked as CVE-2026-42897, is currently being exploited in the wild against on‑premises…

1
0
0
12h ago

MSXFAQ (Frank Carius) @msxfaq.de

#MSXFAQ CVE-2026-42897 EEMS M2.1 OWA CSP www.msxfaq.de/exchange/upd... HTML-Mails mit Schadcode werden beim Zugriff per OWA eventuell ausgeführt. EEMT-Mitigation werden aktiv verteilt. Wer kein EEMT aktiv hat, sollte manuell aktiv werden.

0
1
0
7h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-42897 is a spoofing and XSS Exchange zero-day exploited via crafted emails, requiring immediate mitigations until a permanent patch is available.

0
0
0
12h ago

ReconBee @reconbee.bsky.social

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email reconbee.com/on-prem-micr... #microsoftexchangeserver #microsoftexchange #microsoft #cybersecurity #cyberattack #Email

0
0
0
12h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-42897 in on-prem Exchange OWA can enable arbitrary JavaScript execution via crafted emails, with emergency mitigation potentially breaking inline images and calendar printing.

0
0
0
12h ago

Undercode Testing @undercode.bsky.social

CISA Alerts: Urgent CVE-2026-42897 Zero-Day Exploitation Hits On-Prem Exchange Servers—Patch or Mitigate NOW + Video Introduction: A critical security advisory was issued on May 14, 2026, as Microsoft confirmed active exploitation of a zero-day vulnerability in on-premises Microsoft Exchange…

0
0
0
10h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Microsoft disclosed CVE-2026-42897, a zero-day exploited in the wild, affecting Exchange Server Subscription Edition, 2016, and 2019. It can enable spoofing and JavaScript execution in Outlook Web Access. #MicrosoftExchange #ExchangeServer

0
0
0
8h ago

IT-Connect @it-connect.bsky.social

⚠️ Exchange Server – CVE-2026-42897 : cette faille zero-day est déjà exploitée ! Plus d'infos : - www.it-connect.fr/exchange-ser... #microsoft #exchange #infosec

0
0
0
9h ago

Ninja Owl @ninjaowl.ai

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
8h ago

boredchilada @boredchilada.bsky.social

~Cisa~ CISA added an actively exploited Microsoft Exchange Server XSS vulnerability to its KEV catalog. - IOCs: CVE-2026-42897 - #CVE202642897 #Exchange #ThreatIntel

0
0
0
4h ago

Techpresso @techpresso.bsky.social

Microsoft has confirmed that a zero-day vulnerability in Exchange Server, tracked as CVE-2026-42897, is being actively exploited in the wild — and no official patch is available yet.

0
0
0
Last hour

boredchilada @boredchilada.bsky.social

~Cybergcca~ Active exploitation of critical Cisco SD-WAN (CVE-2026-20182) and MS Exchange (CVE-2026-42897) flaws. - IOCs: CVE-2026-20182, CVE-2026-42897 - #CVE202620182 #Exchange #ThreatIntel

0
0
0
8h ago

CVE-2026-42945

Overview

F5
NGINX Plus

13 May 2026

Published

14 May 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.17%

MITRE

KEV

Description

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

10 Posts
141 Interactions

Last activity: 7 hours ago

Fediverse

Kevin Beaumont @GossiTheDog

Regarding CVE-2026-42945 in nginx - no modern (or even old) Linux distribution runs nginx without ASLR.

The way the PoC exploit works is they spawn nginx like this:

> exec setarch x86_64 -R /nginx-src/build/nginx -p /app -c /app/nginx.conf

Setarch -R disables ASLR. I've had a look through Github and I can't find any other software which actually does this for nginx either.

So, cool, sweet technical vuln - it's valid - but the RCE apocalypse ain't coming.

45
81
0
14h ago

Foudreclair @foudreclair

Une faille vieille de 18 ans dans Nginx, un PoC public, beaucoup de bruit… mais qui est vraiment concerné ?

https://cryptolab.re/posts/2026/nginx-rift-cve-2026-42945/

#nginx #linux #devops #sysadmin #cybersecurity

6
3
0
17h ago

Bearstech @bearstech

🚨 Nouvelle faille critique sur NGINX : CVE-2026-42945 (Z)

Une vulnérabilité dans ngx_http_rewrite_module peut provoquer un crash des workers NGINX, voire une exécution de code si l’ASLR est désactivé.

👉 https://security-tracker.debian.org/tracker/CVE-2026-42945

2
1
1
16h ago

Lukas Rotermund @lukasrotermund

I don't wanna ruin your Friday, but nginx has a serious CVE with a rating of 9.2, and you should patch or mitigate it asap.

The CVE is an unauthenticated http request that can lead to a deterministic buffer overflow and remote code execution.

https://depthfirst.com/nginx-rift

#nginx #cve_2026_42945 #cve202642945

1
0
0
15h ago

FLOSSbOxIN @fbinin

@beyondmachines1
Meanwhile, not completely off the hook people, you can check the vul updates via: https://security-tracker.debian.org/tracker/CVE-2026-42945

0
0
1
7h ago

NWCS @nwcs

CVE-2026-42945 + CVE-2026-43284 = full compromise, hope you guys are patching ;)

#infosec #cybersecurity

0
2
0
17h ago

Bluesky

Hacker News JP @hacker-news-jp.bsky.social

💡 Summary: NGINXのngx_http_rewrite_moduleに起因する深刻なヒープバッファオーバーフローの RCE PoCが公開され、rewriteとsetディレクティブを利用する未認証リモートコード実行が可能となる脆弱性（CVE-2026-42945）の他、同様のメモリ破壊問題が計4件報告された。脆弱性は、2-passのスクリプトエンジンの長さ計算とコピー処理の間でis_argsの扱いが不整合になることで、攻撃者制御のURIデータを用いたヒープ領域の破壊を招き、ngx_pool_cleanup_sを介してsystem()を実行させる流れを利用する。 (1/2)

0
0
0
16h ago

Il Software @mm-ilsoftware-bot.bsky.social

NGINX Rift: il bug rimasto nascosto 18 anni che porta all’esecuzione di codice da remoto La vulnerabilità CVE-2026-42945 è presente in NGINX dal 2008 ma è venuta a galla soltanto o... https://www.ilsoftware.it/nginx-rift-exploit-vulnerabilita-critica/

0
0
0
14h ago

CVE-2026-20182

Overview

Cisco
Cisco Catalyst SD-WAN Manager

14 May 2026

Published

15 May 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

1.56%

MITRE

KEV

Description

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks.  A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.

Statistics

23 Posts
12 Interactions

Last activity: 5 hours ago

Fediverse

hrbrmstr 🇺🇦 🇬🇱 🇨🇦 @hrbrmstr

Why are we even bothering, again, if the "giants" of cyber aren't bothering? https://www.rapid7.com/blog/post/ve-cve-2026-20182-critical-authentication-bypass-cisco-catalyst-sd-wan-controller-fixed/

2
4
0
22h ago

Jon Greig @jgreig

CISA said all federal agencies have until Sunday to patch CVE-2026-20182, the latest Cisco SD-WAN bug exploited by nation-state actors.

It was discovered by Rapid7, which said it "behaves like a master key."

https://therecord.media/cisa-orders-all-federal-agencies-to-patch-cisco-sd-wan-bug

0
0
1
10h ago

CyberNetsecIO @netsecio

📰 Cisco Scrambles to Patch Critical 10.0 CVSS Zero-Day in SD-WAN Under Active Attack

🚨 CRITICAL ZERO-DAY: Cisco warns of active exploitation of a 10.0 CVSS auth bypass flaw (CVE-2026-20182) in Catalyst SD-WAN. Attackers can gain full admin access. CISA has issued a directive to patch immediately! ⚠️ #CyberSecurity #ZeroDay #Cisco

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/cisco-warns-of-actively-exploited-zero-day-in-catalyst-sd-wan-cve-2026-201…

0
0
0
5h ago

Bluesky

Ninja Owl @ninjaowl.ai

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

1
1
0
12h ago

ReconBee @reconbee.bsky.social

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits reconbee.com/cisa-adds-ci... #CISA #unitedstates #KEV #vulnerabilities #cisco #cyberattack

0
2
0
12h ago

0xor0ne @0xor0ne.bsky.social

Cisco Catalyst SD-WAN Controller auth bypass in vdaemon DTLS via spoofed vHub device type (CVE-2026-20182) www.rapid7.com/blog/post/ve... #infosec

0
2
0
11h ago

ohhara @shiojiri.com

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

0
0
1
21h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-20182 in Cisco Catalyst SD-WAN Controller enables unauthenticated remote authentication bypass and administrative access, added to CISA KEV with FCEB remediation by May 17, 2026.

0
0
0
18h ago

ohhara @shiojiri.com

Cisco Catalyst SD-WANの重大な脆弱性、ゼロデイ攻撃で悪用される（CVE-2026-20182） | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45603/

0
0
0
18h ago

Information Security Briefly @infosecbriefly.bsky.social

Cisco released patches for CVE-2026-20182, an exploited SD-WAN authentication bypass that can grant remote attackers admin privileges via crafted packets.

0
0
0
18h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Cisco SD-WAN CVE-2026-20182, a CVSS 10.0 auth bypass, is being exploited in the wild. Attackers linked to UAT-8616 have gained admin access, added SSH keys, and altered NETCONF settings. #Cisco #SDWAN #UAT8616

0
0
0
17h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Cisco fixed CVE-2026-20182 in Catalyst SD-WAN Controller and Manager after active exploitation of an auth bypass that can grant admin access and let attackers alter network configs. #Cisco #CVE2026 #SDWAN

0
0
0
17h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

CISA added CVE-2026-20182 to KEV after active exploitation of Cisco Catalyst SD-WAN. The 10.0 auth bypass is linked to UAT-8616, with attacks using web shells, miners, backdoors, and stealers. #Cisco #UAT8616 #KEV

0
0
0
17h ago

FrauStief @fraustief.bsky.social

🚨Sicherheitslücke CVE-2026-20182 in Cisco Catalyst SD-WAN Controller (früher SD-WAN vSmart) und des Cisco Catalyst SD-WAN Manager (früher SD-WAN vManage) CVSS 10! UND: Die Schwachstelle wird bereits in freier Wildbahn ausgenutzt. 👉 jetzt Handeln: www.cisa.gov/news-events/...

0
0
0
13h ago

PCI Guru @jbhall56.bsky.social

The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. www.securityweek.com/cisco-patche...

0
0
2
12h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-20182 is a max-severity, actively exploited Cisco Catalyst SD-WAN Controller/Manager flaw enabling unauthenticated admin access and NETCONF manipulation.

0
0
0
12h ago

Help Net Security @helpnetsecurity.com

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) 📖 Read more: www.helpnetsecurity.com/2026/05/15/c... #cybersecurity #cybersecuritynews #0day #APT #SDWAN @cisco.com @talosintelligence.com @rapid7.com

0
0
0
11h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Cisco disclosed CVE-2026-20182, a max-severity auth bypass in Catalyst SD-WAN Controller and Manager. Cisco and Rapid7 say limited exploitation is underway, with UAT-8616 linked to admin-level access. #Cisco #CVE2026 #UAT8616

0
0
0
9h ago

boredchilada @boredchilada.bsky.social

~Cybergcca~ Active exploitation of critical Cisco SD-WAN (CVE-2026-20182) and MS Exchange (CVE-2026-42897) flaws. - IOCs: CVE-2026-20182, CVE-2026-42897 - #CVE202620182 #Exchange #ThreatIntel

0
0
0
8h ago

CVE-2026-46333

Overview

Linux
Linux

15 May 2026

Published

15 May 2026

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.

Statistics

7 Posts
118 Interactions

Last activity: 1 hour ago

Fediverse

Harry Sintonen @harrysintonen

Local file exposure #vulnerability in linux kernels (CVE-2026-46333):

https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn

Apparently this issue was already identified in 2020 but wasn't fixed back then.

Mitigation:
- runtime:
sudo sysctl -w kernel.yama.ptrace_scope=2
- To make the mitigation persistent:
echo "kernel.yama.ptrace_scope=2" | sudo tee /etc/sysctl.d/01-harden-ptrace.conf

WARNING: This mitigation may break existing functionality. Test before deploying.

WARNING 2: While this mitigation does block the currently existing PoC, it may not prevent other attack vectors exploiting this vulnerability.

#infosec #cybersecurity #CVE_2026_46333

18
19
0
16h ago

AlmaLinux @almalinux

ssh-keysign-pwn is the fourth local-root Linux kernel disclosure in roughly two weeks. (But who's counting?)

AlmaLinux 9 and 10 are both vulnerable. AlmaLinux 8 is not exploitable with the current public PoCs, but is getting the patch as well.

Patched kernel versions are available for testing now: https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/

17
12
0
9h ago

Harry Sintonen @harrysintonen

#Debian has released kernel update that fixes the CVE-2026-46333 (ssh-keysign-pwn) vulnerability.

Debian stable (trixie) kernel update: https://lists.debian.org/debian-security-announce/2026/msg00185.html

Debian oldstable (bookworm) kernel update: https://lists.debian.org/debian-security-announce/2026/msg00186.html

14
16
0
5h ago

LWN.net @lwn

Seven new stable kernels with patches for CVE-2026-46333

https://lwn.net/Articles/1073060/ #LWN #Linux #kernel

13
4
0
11h ago

kravietz 🦇 @kravietz

What a week… #Linux ssh-keysign-pwn (CVE-2026-46333):

Mitigation (breaks strace, gdb etc)

$ sudo sysctl -w kernel.yama.ptrace_scope=3
$ echo 'kernel.yama.ptrace_scope = 3' | sudo tee /etc/sysctl.d/99-ssh-keysign-pwn.conf

https://nvd.nist.gov/vuln/detail/CVE-2026-46333

3
0
0
5h ago

Paul Wouters 🇪🇺🇨🇦 @letoams

If you are changing sysctl kernel.yama.ptrace_scope because of the ssh-keygen-pwn exploit https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/ on fedora/rhel, be aware that your sysctl will be competing with /usr/lib/sysctl.d/10-default-yama-scope.conf so better change it in that file.

2
0
0
2h ago

Bluesky

fujiwara @fujiwara.bsky.social

"ssh-keysign-pwn (CVE-2026-46333): Patched kernels available in testing"

0
0
0
1h ago

CVE-2026-46300

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

6 Posts
2 Interactions

Last activity: 6 hours ago

Fediverse

Grub :verified: :linux: :gnu: @Grub_09

Fragnesia: una nuova vulnerabilità di escalation dei privilegi nel kernel Linux

Scoperta una nuova falla di sicurezza nel kernel Linux, chiamata Fragnesia (CVE-2026-46300), che consente a un utente locale non privilegiato di ottenere i privilegi di amministratore (root) su una distribuzione GNU/Linux.

@linux #UnoLinux #gnulinux #linux

#kernellinux #gnulinuxitalia #linuxitalia #fragnesia

#vulnerabilitalinux

https://www.laseroffice.it/blog/2026/05/14/fragnesia-una-nuova-vulnerabilita-di-escalation-dei-privilegi-nel-kernel-linux/

1
1
0
6h ago

Ruarí Ødegaard @ruario

Oh and while we are here, Linux fans, please tell me you have updated your machine for "Fragnesia (CVE-2026-46300)", right… right!?

https://github.com/v12-security/pocs/tree/main/fragnesia

0
0
0
18h ago

GuardingPearSoftware @guardingpearsoftware

Linux distributions are alerting users to a newly disclosed kernel vulnerability that could allow local attackers to escalate privileges to root.

The flaw, dubbed Fragnesia and tracked as CVE-2026-46300, enables unprivileged users to obtain root access by overwriting critical system files.

Most Linux distributions are impacted, and vendors have begun rolling out security patches.

0
0
0
17h ago

Bluesky

Help Net Security @helpnetsecurity.com

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) 📖 Read more: www.helpnetsecurity.com/2026/05/14/f... #cybersecurity #cybersecuritynews #containers #Linux #exploit #PoC #vulnerability @vakzz.bsky.social

0
0
0
18h ago

Techpresso @techpresso.bsky.social

A third major Linux kernel vulnerability has been disclosed in just two weeks, with the new flaw dubbed "Fragnesia" (CVE-2026-46300) allowing local attackers to escalate privileges to root.

0
0
0
17h ago

Undercode Testing @undercode.bsky.social

Fragnesia Linux LPE: One Line Roots Your Kernel—Patch Now Before the Page Cache Betrays You + Video Introduction A newly disclosed Linux kernel local privilege escalation (LPE) vulnerability, tracked as CVE-2026-46300 and dubbed “Fragnesia,” allows an unprivileged local attacker to gain immediate…

0
0
0
16h ago

CVE-2026-28993

Overview

Apple
iOS and iPadOS

11 May 2026

Published

12 May 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access user-sensitive data.

Statistics

1 Post
25 Interactions

Last activity: 9 hours ago

Fediverse

Greg Pierce @agiletortoise

NOTICE: Shortcuts broke its x-callback-url implementation.

Seems to be part of the security fix for CVE-2026-28993 included in iOS 26.5/18.7.9, macOS 26.5/15.7.7/14.8.7. On these OSes, it’s no longer possible to get a result from a Shortcut call via `x-success` callback, you will *always* get an x-error.

In theory, per the CVE, Shortcuts should offer a permissions prompt, not just fail.

Apple Folks: FB22785648

9
16
0
9h ago

CVE-2026-33017

Overview

langflow-ai
langflow

20 Mar 2026

Published

26 Mar 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

43.64%

MITRE

KEV

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

Statistics

2 Posts

Last activity: 17 hours ago

Bluesky

ohhara @shiojiri.com

Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker https://gbhackers.com/langflow-cve-2026-33017-exploited/

0
0
0
20h ago

Kees - Nijkerk @keesnk.bsky.social

Langflow CVE-2026-33017 exploited to steal AWS Keys and deploy NATS Worker: cybersecuritynews.com/langflow-cve...

0
0
0
17h ago

CVE-2026-41096

Overview

Microsoft
Windows 11 version 22H3

12 May 2026

Published

15 May 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.07%

MITRE

KEV

Description

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

Statistics

2 Posts

Last activity: 15 hours ago

Fediverse

YDKK @YDKK

CVE-2026-41096 普通に刺さりそうで怖いな
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096

0
0
0
22h ago

Bluesky

Undercode Testing @undercode.bsky.social

Breaking Down CVE-2026-41096: The DNS-Based RCE That Turns svchostexe into a LOLBin Launcher + Video Introduction: A newly disclosed critical vulnerability, CVE-2026-41096, exploits a heap-based buffer overflow in the Windows DNS Client (DNSAPI.dll), enabling remote code execution (RCE) with a…

0
0
0
15h ago

CVE-2026-43898

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

1 Post
4 Interactions

Last activity: 15 hours ago

Fediverse

N_{Dario Fadda} @nuke

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm
#CyberSecurity
https://securebulletin.com/cve-2026-43898-critical-sandboxjs-escape-cvss-10-0-enables-full-host-takeover-via-npm/

4
0
0
15h ago

CVE-2026-26083

Overview

Fortinet
FortiSandbox Cloud

12 May 2026

Published

13 May 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.04%

MITRE

KEV

Description

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests.

Statistics

1 Post
4 Interactions

Last activity: 15 hours ago

Fediverse

N_{Dario Fadda} @nuke

CVE-2026-26083: Critical Fortinet FortiSandbox Flaw Allows Unauthenticated Remote Code Execution — Patch Now
#CyberSecurity
https://securebulletin.com/cve-2026-26083-critical-fortinet-fortisandbox-flaw-allows-unauthenticated-remote-code-execution-patch-now/

4
0
0
15h ago

Showing 1 to 10 of 55 CVEs