cyberpress.org
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-29.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-05-29 | Critical Roundcube Flaw Allows Attackers to Inject SQL Queries [SQLi] | Writeup detailing critical vulnerabilities in Roundcube Webmail, including a pre-authentication SQL injection flaw in the `virtuser_query` plugin via `preg_replace` backslash escape bypass, allowing arbitrary database queries. The update also addresses code injection via the LDAP `autovalues` option and other issues like stored XSS, CSS injection, SSRF bypass, and session poisoning. These vulnerabilities are patched in versions 1.6.16 and 1.7.1. |
| 2026-05-25 | nginx-poolslip Flaw Enables DoS and Remote Code Execution [RCE] | Analysis of CVE-2026-9256, "nginx-poolslip," reveals a critical heap-based buffer overflow in NGINX Plus and Open Source, exploitable remotely by unauthenticated attackers for denial-of-service or remote code execution. Exploitation involves crafting rewrite directives with overlapping PCRE capture groups and leverages a multi-stage ASLR bypass via heap probing and Heap Feng Shui techniques, ultimately enabling interactive root-level shell access. Mitigation includes patching affected NGINX versions and replacing unnamed PCRE capture groups with named ones in rewrite rules. |
| 2026-05-21 | Critical Drupal Core Vulnerability Exposes Websites to Attacks [SQLi] | Advisory SA-CORE-2026-004 details CVE-2026-9082, a critical SQL injection vulnerability in Drupal core's database abstraction API affecting PostgreSQL users. This unauthenticated flaw, rated 20/25 on Drupal's scale, allows attackers to bypass sanitization and execute malicious SQL, potentially leading to data disclosure, privilege escalation, or RCE. Supported versions 11.3.x, 11.2.x, 10.6.x, and 10.5.x require immediate updates. Legacy branches and Drupal 8/9 versions have specific patching instructions or manual file applications. |
| 2026-05-21 | Cisco Secure Workload Flaw Enables Unauthorized API Access [API Sec] | Writeup of CVE-2026-20223 in Cisco Secure Workload, a critical flaw (CVSS 10.0) allowing unauthenticated remote attackers to gain Site Admin privileges via unprotected internal REST API endpoints. Exploitation bypasses all access controls, enabling cross-tenant exposure and configuration changes. Affecting both SaaS and on-premises deployments, remediation requires immediate patching to fixed releases (3.10.8.3 or 4.0.3.17) as no workarounds exist. |
| 2026-05-21 | Chrome Flaw Enable Remote Code Execution [RCE] | Writeup of Chrome vulnerabilities, including two Critical flaws (CVE-2026-9111 Use-After-Free in WebRTC and CVE-2026-9110 Inappropriate Implementation in UI) enabling remote code execution on Windows, macOS, and Linux. Nine High-severity vulnerabilities were also patched, spanning memory corruption in GPU, QUIC, Service Worker, GFX, and XR components, some of which are known to facilitate sandbox escapes and RCE exploit chains. |
| 2026-05-20 | Microsoft DurableTask Python Client Compromised by TeamPCP [Python] | Analysis of TeamPCP's compromise of Microsoft's DurableTask Python client, detailing the supply chain attack that injected malicious versions (1.4.1–1.4.3) into PyPI. The actor exploited compromised GitHub credentials to obtain a PyPI API token, bypassing Microsoft's CI/CD pipeline to upload tainted packages. The malware, featuring a Python zipapp payload, exfiltrated AWS, Azure, GCP, Kubernetes, HashiCorp Vault, and other credentials, and propagated laterally via AWS SSM and Kubernetes. This incident links to the broader Mini Shai-Hulud campaign. |
| 2026-05-20 | New NGINX Vulnerability Allows Remote Code Execution Attacks [RCE] | Writeup of CVE-2026-8711, a critical heap buffer overflow in NGINX JavaScript (njs) versions 0.9.4-0.9.8. This vulnerability, triggered by `js_fetch_proxy` with client-controlled variables, can lead to remote code execution (RCE) if ASLR is disabled. The article also discusses the "NGINX Rift" vulnerability chain (CVE-2026-42945), which has seen in-the-wild exploitation. Mitigation involves auditing directives, enabling ASLR, and monitoring logs. |
| 2026-05-19 | Critical PostgreSQL Flaws Enable Code Execution and SQL Injection [SQLi] | Library updates for PostgreSQL address 11 CVEs, including stack buffer overflows (CVE-2026-6637), SQL injection, memory disclosure, and denial-of-service vulnerabilities across supported versions 14 through 18. Exploitable flaws allow arbitrary code execution as the OS user running the database server, SQL injection via cascade primary keys, and out-of-bounds writes. Additional issues include data overwrites in client tools like `psql` and `pg_dump` via libpq large-object functions (CVE-2026-6477), and path traversal with symlink following in `pg_basebackup` and `pg_rewind` (CVE-2026-6475). Legacy MD5 authentication is also vulnerable to timing attacks (CVE-2026-6478). |
| 2026-05-19 | Malicious GitHub Action Steals Workflow Credentials In Supply Chain Attack [Supply Chain] | Library for detecting malicious GitHub Actions, specifically detailing an attack on the `issues-helper` action that manipulates repository tags and commits to exfiltrate workflow credentials. The attack involves downloading the Bun JavaScript runtime, using Python child processes to scrape secrets from runner memory, and exfiltrating data to an attacker-controlled domain. Security measures like Harden-Runner and StepSecurity can block these compromised actions and outbound connections. |
| 2026-05-18 | Marimo Security Flaw Enables remote code execution Attacks [RCE] | Writeup on CVE-2026-39987, a critical pre-authentication RCE in Marimo, a Python notebook framework, allowing unauthenticated attackers to hijack a live system shell via an unprotected `/terminal/ws` WebSocket endpoint. Exploitation can lead to full system compromise, data exfiltration, and lateral movement, especially in Dockerized AI/ML environments. A Nuclei detection template is available. All Marimo versions ≤ 0.22.x are affected; upgrade to 0.23.0 or later. |
| 2026-05-18 | Hackers Exploit Critical NGINX RCE Vulnerability in the Wild [RCE] | Writeup of CVE-2026-42945, "NGINX Rift," detailing a critical heap buffer overflow in the `ngx_http_rewrite_module`. This vulnerability, affecting numerous NGINX versions, enables remote code execution when ASLR is disabled and a denial-of-service condition via worker process crashes otherwise. Exploitation is actively occurring in the wild, with a proof-of-concept readily available. Patched versions of NGINX are now available, and Cloudflare has released a WAF rule update. |
| 2026-05-18 | SQL Injection File Read Vulnerability Affect 1M Avada WordPress Sites [SQLi] | Writeup of CVE-2026-4798 and CVE-2026-4782, two critical vulnerabilities in the Avada Builder WordPress plugin. CVE-2026-4798 is a SQL injection flaw allowing unauthenticated attackers to extract database records via time-based blind attacks when WooCommerce is deactivated. CVE-2026-4782 is a file read vulnerability enabling authenticated users with Subscriber-level access to read arbitrary server files, including wp-config.php, by exploiting the fusion_get_svg_from_file() function. Both vulnerabilities affect millions of sites and require immediate updates to Avada Builder version 3.15.3. |
| 2026-05-18 | Claude Code RCE Vulnerability Allow Attackers Execute Commands via Malicious Deeplinks [RCE] | Writeup of RCE in Anthropic's Claude Code, allowing attackers to execute arbitrary shell commands via crafted `claude-cli://` deeplinks. The vulnerability, disclosed by Joernchen, exploited an `eagerParseCliFlag` function that naively processed `--settings=` flags embedded within deeplink parameters, bypassing workspace trust dialogs on macOS. Anthropic fixed the flaw in version 2.1.118. |
| 2026-05-15 | Amazon Redshift JDBC Driver Flaws Enable Remote Code Execution [RCE] | Library for Amazon Redshift JDBC Driver, specifically addressing CVE-2026-8178, which enables remote code execution. Versions prior to 2.2.2 are vulnerable due to unsafe class loading from connection parameters, allowing attackers to execute arbitrary code within the Java Virtual Machine (JVM) context without authentication. Exploitation can impact confidentiality, integrity, and availability. Users must upgrade to version 2.2.2 or later and review connection URL construction. |
| 2026-05-15 | Critical Next.js Flaw Exposes Cloud Credentials API Keys and Admin Panels [API Sec] | Library patch addresses CVE-2026-44578, a critical Next.js vulnerability allowing server-side request forgery (SSRF) through malicious WebSocket upgrade requests. Attackers can exploit this unauthenticated flaw to steal cloud credentials, API keys, and access admin panels by targeting internal infrastructure and cloud metadata services. The vulnerability affects Next.js versions 13.4.13 through 16.2.4. Patched versions 15.5.16 and 16.2.5 implement stricter validation for WebSocket requests. Mitigations include avoiding direct internet exposure of origin servers and blocking unnecessary WebSocket requests at reverse proxies. |
| 2026-05-14 | Critical WordPress Plugin Flaw Enables Authentication Bypass Attacks [API Sec] | Writeup of CVE-2026-8181, a critical authentication bypass in Burst Statistics WordPress plugin affecting versions 3.4.0-3.4.1.1, allowing unauthenticated attackers to take administrator control with a single HTTP request by exploiting a flawed return-value check in the `is_mainwp_authenticated()` function. The vulnerability, patched in version 3.4.2, carries a CVSS score of 9.8 and requires only a known administrator username. |
| 2026-05-14 | Critical Windows DNS Client Flaw Enables Remote Code Execution [RCE] | Writeup of CVE-2026-41096, a critical Windows DNS Client heap-based buffer overflow in DNSAPI.dll, allowing attackers to execute arbitrary code remotely without user interaction or prior authentication by returning specially crafted DNS responses. Microsoft released cumulative updates to fix this vulnerability affecting Windows 11, Server 2022, and Server 2025, addressing a significant attack surface and the potential for rapid lateral movement within networks. |
| 2026-05-14 | npm Supply Chain Attack Targets GitHub AWS and Kubernetes Credentials [Supply Chain] | Library of techniques for detecting and mitigating the "Shai-Hulud: Here We Go Again" supply chain attack, which compromises npm and PyPI packages to steal GitHub Actions secrets, AWS credentials, Kubernetes service account tokens, and HashiCorp Vault access. The malware self-propagates by injecting malicious code into other packages and features a destructive dead-man's switch that wipes user files if stolen credentials are revoked. |
| 2026-05-14 | TeamPCP and BreachForums Launch $1000 Contest for Supply Chain Attacks [Supply Chain] | Details of a $1,000 competition launched by TeamPCP and BreachForums, incentivizing supply chain attacks on open-source packages like npm, PyPI, GitHub Actions, Docker images, and OpenVSX extensions. Participants utilize the Shai-Hulud tool to compromise popular libraries, with scoring based on download counts. This initiative, distinct from previous TeamPCP campaigns targeting AI, manufacturing, and finance, aims to recruit attackers and enhance visibility by gamifying the exploitation of software supply chain trust. |
| 2026-05-14 | New Exim Vulnerability Enables Arbitrary Code Execution Attacks [RCE] | Writeup of CVE-2026-45185, "Dead.Letter," a critical use-after-free vulnerability in Exim versions 4.97-4.99.2 (GnuTLS builds with STARTTLS and BDAT enabled). This flaw enables unauthenticated remote code execution by corrupting heap memory through a single-byte write primitive, which researchers escalated using glibc heap manipulation or by targeting Exim function pointers. Exploitation is expedited by LLM-assisted exploit generation. Immediate upgrade to Exim 4.99.3 or mitigation by switching to OpenSSL builds or disabling BDAT is recommended. |
| 2026-05-14 | 18-Year-Old NGINX Flaw Enables Remote Code Execution Attacks [RCE] | Writeup of CVE-2026-42945 (NGINX Rift), an 18-year-old heap buffer overflow in `ngx_http_rewrite_module` enabling unauthenticated RCE. This critical vulnerability, found by AI, affects NGINX versions 0.6.27 through 1.30.0 and various NGINX Plus, Instance Manager, App Protect WAF, and Ingress Controller products. Exploitation involves crafted HTTP requests, and mitigation includes upgrading to NGINX 1.31.0 or 1.30.1 or isolating rewrite and set directives. The analysis also uncovered CVE-2026-42946, CVE-2026-40701, and CVE-2026-42934. |
| 2026-05-14 | New MongoDB Vulnerability Risks Remote Code Execution [RCE] | Patches address CVE-2026-8053, a critical MongoDB vulnerability enabling remote code execution and potential system compromise. While MongoDB Atlas users are secured, self-hosted deployments running versions 5.0 and later require immediate patching via updated Community and Enterprise builds (7.0.31, 8.0.20, 8.2.7) to prevent data extraction, malware deployment, and network pivoting. |
| 2026-05-13 | Critical Fortinet FortiSandbox Flaw Enables Remote Code Execution [RCE] | Writeup on Fortinet FortiSandbox remote code execution vulnerability, CWE-862. This missing authorization flaw in the web UI allows unauthenticated attackers to execute malicious code on affected on-premises, Cloud, and PaaS environments by sending crafted HTTP requests, bypassing authentication entirely and potentially turning the security appliance into a network intrusion launchpad. |
| 2026-05-13 | Critical Exim GnuTLS Flaw Enables Remote Code Execution [RCE] | Writeup of EXIM-Security-2026-05-01.1, a critical use-after-free vulnerability affecting Exim mail transfer agents compiled with GnuTLS. This flaw allows remote attackers to corrupt server memory and achieve arbitrary code execution by exploiting a specific interaction between the BDAT command and TLS session teardown. The vulnerability, present in Exim versions 4.97 through 4.99.2, is addressed in version 4.99.3. |
| 2026-05-12 | Microsoft Warns Of Compromised mistralai PyPI Package [Python] | Library compromise via Mistralai v2.4.6 on PyPI, flagged by Microsoft, demonstrates a sophisticated supply chain attack. This poisoned package executes hidden malicious code upon import, connecting to 83[.]142[.]209[.]194 to download a second-stage payload named transformers.pyz from /tmp, designed to steal credentials and API keys. The malware also installs persistence mechanisms like pgmonitor.py and pgsql-monitor.service. Organizations are urged to isolate affected hosts, block the malicious IP, search for the payload, and rotate credentials immediately. |
| 2026-05-12 | SAP Patches Critical SQL Injection Flaw in SAP S/4HANA [SQLi] | Patching SAP S/4HANA is critical due to CVE-2026-34260, a SQL injection vulnerability allowing attackers to steal, modify, or delete sensitive business records. Another critical flaw, CVE-2026-34263, in SAP Commerce Cloud permits unauthorized access and remote compromise. The May 2026 update also addresses OS command injection (CVE-2026-34259) and other vulnerabilities across SAP Business Objects, NetWeaver, and SAPUI5, emphasizing the need for prompt mitigation to protect enterprise landscapes. |
| 2026-05-12 | Open WebUI File Upload Vulnerability Enables One-Click RCE Attacks [RCE] | Writeup of Open WebUI file upload vulnerability, detailing a stored XSS flaw enabling 1-click RCE. The vulnerability, discovered by Metin Yunus Kandemir, exploits the backend's failure to validate media types in profile picture uploads, allowing SVG files containing malicious JavaScript. Attackers can craft a payload with a reverse shell, upload it as a profile photo, and then trick users into clicking a malicious link, leading to RCE for privileged users or account takeover for standard users by stealing local storage tokens and chat logs. The vulnerability remains unpatched in version 0.7.2, with mitigation advice including restricting media types in `users.py` and monitoring API activity. |
| 2026-05-12 | Critical Cline AI Agent Vulnerability Enables Remote Code Execution Attacks [RCE] | Writeup of CVE-2026-44211, a critical vulnerability in the Cline AI Agent's bundled kanban npm package. The flaw, stemming from missing authentication and origin validation in WebSocket endpoints, allows unauthenticated attackers to leak sensitive workspace data, execute arbitrary shell commands via terminal hijack for RCE, and cause denial-of-service by terminating agent sessions. Exploitation is confirmed across multiple operating systems and browsers, with a proof-of-concept available. Mitigation recommendations include Origin header validation, secret token generation, and authentication checks for terminal WebSockets. |
| 2026-05-11 | Critical PHP SOAP Extension Flaw Enables Remote Code Execution Attacks [RCE] | Writeup detailing critical vulnerabilities in the PHP SOAP extension, including CVE-2026-6722, a Use-After-Free flaw enabling Remote Code Execution by manipulating XML payloads and memory allocation. Additional findings include CVE-2026-7261 (UAF in SoapServer persistence) and CVE-2026-7262 (NULL pointer dereference for DoS). The article also notes out-of-bounds read flaws (CVE-2026-7258, CVE-2026-6104) in PHP core functions, affecting versions before 8.2.31, 8.3.31, 8.4.21, and 8.5.6. |
| 2026-05-11 | New cPanel and WHM Flaws Enable Remote Code Execution and DoS Attacks [RCE] | Writeup of CVE-2026-29202, CVE-2026-29201, and CVE-2026-29203 impacting cPanel and WHM. The Perl code-injection vulnerability (CVE-2026-29202) allows arbitrary code execution via the create_user API. CVE-2026-29201 enables arbitrary file reads through feature::LOADFEATUREFILE, exposing sensitive data. CVE-2026-29203, a symlink vulnerability, permits local users to execute chmod on arbitrary files, leading to denial-of-service and potential privilege escalation. Emergency patches are available. |
| 2026-05-11 | Python Infostealer Uses GitHub Releases To Bypass Security Tools [Python] | Library utilizing GitHub Releases to evade security tools, as seen in Operation HumanitarianBait. This Python infostealer employs social engineering, PowerShell memory execution, PyArmor obfuscation, and fileless operation to harvest browser credentials, keystrokes, and Telegram data. It maintains persistence via scheduled tasks and installs legitimate remote desktop applications for covert access, demanding user vigilance and endpoint monitoring for defense. |
| 2026-05-08 | Multiple Critical Vulnerabilities Patched in Next.js and React Server Components [SSRF] | Library patches address critical vulnerabilities in Next.js and React Server Components, including CVE-2026-44575 and CVE-2026-44574 for middleware bypasses, CVE-2026-44573 for SSRF in legacy i18n setups, DoS flaws CVE-2026-23870 and CVE-2026-44579, and a critical SSRF in CVE-2026-44578 affecting self-hosted deployments. Developers must update to versions 15.5.16 or 16.2.5. |
| 2026-05-07 | Critical vm2 Vulnerabilities Enable Arbitrary Code Execution Attacks [RCE] | Critical vm2 vulnerabilities enable arbitrary code execution attacks, breaking its sandbox promise. Eleven advisories cover issues up to version 3.11.1, with patches in 3.11.0 and 3.11.1, though two remain unpatched. Exploits leverage internal mechanisms like __lookupGetter__ and WebAssembly's try_table, including CVE-2026-26956 and CVE-2026-43999, allowing attackers to execute host commands via child_process. CVE-2026-44007 allows nested VMs for RCE. Organizations should upgrade and consider alternatives like isolated-vm. |
| 2026-05-07 | Critical Redis Vulnerabilities Enable Remote Code Execution Attacks [RCE] | Reference of five Redis vulnerabilities, including CVE-2026-23479, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589, and CVE-2026-23631, that enable authenticated attackers to achieve remote code execution. These flaws, primarily in the RESTORE command and impacting modules like RedisTimeSeries and RedisBloom, stem from issues such as use-after-free, double-free, and integer overflows. The article details discovery by Team Xint Code and contributions from researchers like Emil Lerner and Joseph Surin, emphasizing the need for immediate upgrades to patched versions to prevent system compromise. |
| 2026-05-07 | Critical Argo CD Vulnerability Enables Kubernetes Secret Extraction [API Sec] | Vulnerability in Argo CD (CVE-2026-42880) allows low-privileged users to extract Kubernetes Secrets from etcd by bypassing data-masking in the ServerSideDiff endpoint, especially when compare-options with mutation webhooks are enabled. Exploitation requires minimal skill, with a proof-of-concept script automating the extraction of credentials like service account tokens and API keys. Patched versions 3.3.9 and 3.2.11 are available, and organizations should audit configurations and consider interim mitigations like restricting endpoint access. |
| 2026-05-06 | QLNX Threat Actors Steal Developer Credentials For Supply Chain Attacks [Supply Chain] | Writeup on the capabilities of Quasar Linux (QLNX), a sophisticated Linux remote access trojan targeting developers. QLNX's fileless execution, process spoofing, and credential harvesting (specifically targeting `.npmrc`, `.pypirc`, `.git-credentials`, `.aws/credentials`, `.kube/config`, and `.env` files) facilitate supply chain attacks. It also utilizes a malicious PAM module for password interception and incorporates peer-to-peer networking for resilience. |
| 2026-05-05 | DAEMON Tools Breach Used to Spread Malware in Supply Chain Attack [Supply Chain] | Writeup detailing a supply chain attack involving trojanized DAEMON Tools installers, signed with legitimate certificates. Attackers compromised core binaries like DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe to deploy a three-stage payload chain: an information collector (envchk.exe), a minimalistic backdoor (cdg.exe), and a sophisticated QUIC RAT implant. The attack leverages typosquatted domains like env-check.daemontools[.]cc and malicious IPs such as 38.180.107[.]76, impacting thousands of users and dozens of organizations globally. |
| 2026-05-05 | Critical Android Zero-Click Vulnerability Grants Attackers Remote Shell Access [Mobile, RCE] | Analysis of CVE-2026-0073, a critical zero-click remote code execution vulnerability in Android System and adbd that allows attackers to gain shell access without user interaction. Exploitation is possible by an attacker within proximity and impacts Android versions 14 through 16, linked to Android bug ID A-469080888. Patches were released by Google in the May 2026 security bulletin, protecting devices with patch level 2026-05-01 or later. |
| 2026-05-05 | Critical Weaver E-cology RCE Flaw Actively Exploited by Attackers [RCE] | Writeup detailing CVE-2026-22679, a critical RCE vulnerability in Weaver E-cology 10.0 builds before 20260312, actively exploited by attackers. The flaw in a debug endpoint allows unauthenticated remote command execution via improper JSON parameter handling in the Dubbo RPC framework, leading to JVM-level command execution. Exploitation tactics observed include ping.exe callbacks, PowerShell payload delivery (vsgbt.exe, hjchhb.exe disguised as nvm.exe), MSI deployment attempts, and evasion techniques like renamed powershell.exe. The vendor patched the issue by removing the debug endpoint. |
| 2026-05-05 | Critical Qualcomm Chip Flaws Could Allow Remote Code Execution Attacks [Mobile, RCE] | Bulletin disclosing critical Qualcomm chip flaws, including CVE-2026-25254 (CVSS 9.8) in the Software Center enabling unauthenticated remote code execution, and CVE-2026-25293 (CVSS 9.6) in powerline communication firmware allowing adjacent network attacks. These vulnerabilities affect smartphones, automotive, and IoT systems, with local flaws like CVE-2026-25262 impacting bootloader integrity. Patches are available but deployment timelines vary, leaving devices exposed. |
| 2026-05-04 | Critical Apache MINA Flaws Enable Remote Code Execution Attacks [RCE] | Writeup detailing CVE-2026-42778 and CVE-2026-42779, critical vulnerabilities in Apache MINA versions prior to 2.2.7 and 2.1.12. These flaws enable remote code execution through insecure deserialization of untrusted data via the `AbstractIoBuffer.resolveClass()` and `AbstractIoBuffer.getObject()` methods, leading to potential system compromise and data breaches. The Apache MINA Project Management Committee noted these fixes were inadvertently omitted in prior releases. |
| 2026-05-04 | Cybercriminals Abuse Tanstack Package To Target Developer Environments [Supply Chain] | Writeup detailing a supply chain attack where cybercriminals registered a malicious npm package named "tanstack," impersonating the legitimate TanStack project. This fake package, updated rapidly through versions 2.0.4 to 2.0.7, contained a postinstall hook that stole sensitive environment files like `.env` and `.env.local`, exfiltrating secrets such as AWS keys and API tokens via Svix webhooks. Immediate credential rotation for any exposed `.env` files is critical. |
| 2026-05-04 | FreeBSD DHCP Client Flaw Allows Remote Code Execution as Root [RCE] | Advisory on CVE-2026-42511, a critical flaw in FreeBSD's default IPv4 DHCP client, dhclient(8). This vulnerability allows local network attackers to execute arbitrary code as root by crafting malicious DHCP server responses. Exploitation involves injecting directives into network configuration files via improperly handled double quotes in the BOOTP file field, which are then executed by dhclient-script(8) upon lease reprocessing. Attackers can leverage MITRE ATT&CK T1557 (Adversary-in-the-Middle) and T1059 (Command and Scripting Interpreter). Patches are available, and DHCP snooping is recommended as a network-level mitigation. |
| 2026-05-01 | Multiple Wireshark Flaws Allow Remote Code Execution via Malformed Packets [RCE] | Writeup on critical Wireshark vulnerabilities, including CVE-2026-5402 (TLS dissector heap overflow), CVE-2026-5403 (SBC audio codec crash), CVE-2026-5405 (RDP dissector crash), and CVE-2026-5656 (profile import code execution). These flaws allow remote code execution via malformed packets in network captures or through crafted PCAP files, posing a significant risk to security professionals analyzing untrusted data. Version 4.6.5 addresses over 40 vulnerabilities, including DoS issues impacting protocols like SMB2 and HTTP. |
| 2026-05-01 | Spyware-as-a-Service Platform Enables Rebranding and Resale Of Android Malware [Mobile] | Platform offering KidsProtect spyware-as-a-service allows rebranding and resale of Android malware. Security researchers discovered this clear-web hacking forum advertisement, detailing subscription access and a white-label reseller plan. The stealthy spyware can record calls, stream audio, track GPS, read messages, capture notifications from apps like WhatsApp, log keystrokes, access contacts and photos, and remotely activate cameras. It employs a "parental control" disguise, hides with names like "WiFi Service," and features "Impossible Anti-Uninstall" functionality, making it difficult to remove without attacker dashboard access. The reseller model lowers the barrier to entry for cybercriminals, enabling easier scaling and propagation of Android surveillance malware. |
| 2026-05-01 | Supply Chain Attack Targets GitHub Actions via Malicious Ruby Gems and Go Modules [Supply Chain] | Analysis of a supply chain attack targeting GitHub Actions via malicious Ruby Gems and Go modules. Threat actors leveraged deceptive packages, such as "knot-activesupport-logger" and "github[.]com/BufferZoneCorp/go-metrics-sdk," to compromise developer machines and CI pipelines by stealing SSH keys and AWS credentials, manipulating environment variables, disabling checksum verification, and establishing persistent backdoor access through SSH authorized_keys manipulation. |
| 2026-05-01 | PoC Released for Critical ASUSTOR ADM Root RCE Vulnerability [RCE] | Writeup of CVE-2026-6644, a critical OS command injection vulnerability in ASUSTOR ADM’s PPTP VPN Client, allowing authenticated administrators to achieve root-level command execution. The flaw, present in ADM 4.1.0 through 5.1.2, stems from unsanitized input in the PPTP server address parameter of the `/portal/apis/settings/vpn.cgi` script, leading to pppd configuration file manipulation. Patched versions include ADM 5.1.3.RGO1, and mitigations involve updating firmware, blocking WAN exposure, changing default credentials, and disabling unused services like PPTP VPN. |
| 2026-04-30 | Google Gemini CLI Flaw Enables Command Execution on Hosts systems [RCE] | Vulnerability in Google Gemini CLI allows unauthenticated remote code execution, enabling supply-chain attacks on CI/CD pipelines. Discovered by Novee Security, this CVSS 10.0 flaw affects the `@google/gemini-cli` package and `google-github-actions/run-gemini-cli` GitHub Action. Attackers can exploit it by submitting crafted configuration files in pull requests, causing the CLI to execute arbitrary commands on the host system without AI model interaction. Patches are available in `@google/gemini-cli` versions 0.39.1 and 0.40.0-preview.3, and `google-github-actions/run-gemini-cli` version 0.1.22. |
| 2026-04-30 | Jenkins Patches High-Severity Plugin Vulnerability Including Path Traversal and Stored XSS [XSS] | Library update patches Jenkins plugins for critical vulnerabilities including CVE-2026-42520 (path traversal leading to RCE in Credentials Binding Plugin), CVE-2026-42523 (stored XSS in GitHub Plugin), and CVE-2026-42524 (stored XSS in HTML Publisher Plugin). Patched versions and mitigation strategies are detailed for these high-severity flaws. |
| 2026-04-30 | Qinglong Vulnerabilities Enable RCE Exploited in Attacks [RCE] | Writeup of Qinglong RCE vulnerabilities, CVE-2026-3965 and CVE-2026-4047, detailing authentication bypasses via URL rewriting and case-sensitive path mismatches. Threat actors are actively exploiting these flaws in the open-source task scheduler to deploy cryptomining malware by resetting admin credentials or directly executing commands, leading to widespread infections on exposed servers. Exploitation began prior to official disclosure, with attackers camouflaging malicious binaries as legitimate processes. The writeup highlights the security anti-pattern of middleware and routing disagreement leading to trivial bypasses. |
| 2026-04-30 | Fake TanStack npm Package Exfiltrates Sensitive Developer Data [Supply Chain] | Library that impersonates the legitimate TanStack npm package and exfiltrates sensitive developer environment variables. This supply-chain attack, detected by the Socket Research Team, involved malicious updates to the unscoped "tanstack" package, targeting files like `.env` and `readme` documents across versions 2.0.4 through 2.0.7, with one variant silently suppressing system logs. The incident also affected the dependent package "portalapp" version 1.0.0. |
| 2026-04-30 | ProFTPD SQL Injection Flaw Enables Remote Code Execution [RCE, SQLi] | Writeup of CVE-2026-42167, a critical SQL injection flaw in ProFTPD's mod_sql extension enabling remote code execution, authentication bypass, and privilege escalation before authentication. This vulnerability, exploitable via crafted usernames in the USER command by manipulating % expansions in SQL logging, affects numerous internet-exposed ProFTPD instances, many bundled with web hosting control panels like cPanel and Plesk. A patch is available in ProFTPD version 1.3.9a. |
| 2026-04-29 | Critical Cursor Vulnerability Exposes Developer Workstations To Remote Code Execution [RCE] | Vulnerability in Cursor (CVE-2026-26268) allows RCE on developer workstations. Attackers exploit Git Hooks and bare repositories, embedding malicious pre-commit scripts within untrusted repositories. Cursor's AI agent, triggered by repository rules or autonomous Git operations like checkouts, executes these hidden scripts, bypassing traditional human action requirements and expanding the attack surface to include AI-assisted workflows and untrusted code processing. |
| 2026-04-29 | Critical Google Chrome Flaws Allow Remote Code Execution Exploits [RCE] | Writeup on critical Google Chrome flaws addressed in version 147.0.7727.137/138, detailing multiple use-after-free vulnerabilities like CVE-2026-7363 in Canvas and CVE-2026-7361 on iOS, alongside memory corruption issues such as heap buffer overflows in Skia (CVE-2026-7353) and type confusion in V8 (CVE-2026-7337). These flaws, discovered using tools like AddressSanitizer and libFuzzer, enable remote code execution through crafted web pages and can be chained for exploit scenarios. |
| 2026-04-28 | Hugging Face LeRobot Vulnerability Enables Unauthenticated Remote Code Execution Attacks [RCE, Supply Chain] | Writeup of CVE-2026-25874, a critical RCE vulnerability in Hugging Face's LeRobot framework, enabling unauthenticated attackers to execute arbitrary system commands. The flaw stems from the use of Python's unsafe `pickle.loads()` for deserializing data across gRPC endpoints, compounded by insecure TLS and authentication configurations. Attackers can exploit this by crafting malicious payloads that execute code during deserialization, before validation. Mitigation involves replacing `pickle` with secure alternatives, enabling TLS, and enforcing authentication. |
| 2026-04-28 | Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild [SQLi] | Writeup on CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in the LiteLLM gateway. Threat actors are actively exploiting this flaw to steal API keys and provider credentials by injecting malicious SQL commands due to improper handling of the Authorization header and a failure to use parameterized queries. Exploitation attempts, observed within 36 hours of disclosure, involved column enumeration and IP rotation, targeting tables like LiteLLM_VerificationToken and litellm_credentials to gain access to AI services. Administrators must upgrade to LiteLLM version 1.83.7 and rotate all compromised credentials. |
| 2026-04-28 2026 | ClickUp Hardcoded API Key Exposes 959 Emails from Fortune 500 GiantsAPI SecSecrets | Writeup detailing a hardcoded Split.io SDK token within ClickUp's JavaScript bundle, which allowed an attacker to access 959 employee email addresses from Fortune 500 companies and government organizations. The incident also uncovered a Server-Side Request Forgery (SSRF) vulnerability in ClickUp's webhook functionality, enabling unauthorized internal requests to services like AWS metadata, potentially leading to cloud infrastructure compromise. |
| 2026-04-27 2026 | Nessus Agent Vulnerability on Windows Allows Arbitrary Code Execution as SYSTEMRCE | Writeup of CVE-2026-33694 details a critical vulnerability in Nessus Agent for Windows, allowing local attackers to achieve arbitrary code execution as SYSTEM by exploiting improper link resolution (CWE-59, "Link Following"). Attackers can leverage Windows junctions to trick the agent into deleting critical system files, leading to privilege escalation. Tenable has released version 11.1.3 to address this high-severity flaw, which has a low attack complexity and requires only low-level user privileges. |
| 2026-04-27 2026 | Multiple OpenClaw Vulnerabilities Enable Policy Bypass and Host Override AttacksAPI Sec | Library updates address three moderate-severity vulnerabilities in OpenClaw, an AI agent framework, impacting npm package versions prior to 2026.4.20. Exploits could allow policy bypass via prompt injection to override sandbox policies and filesystem protections, tool bypass by bundled MCP and LSP components despite deny lists, and credential exposure through a malicious .env file that overrides MINIMAX_API_HOST, leading to API key leakage. Administrators must upgrade to version 2026.4.20. |
| 2026-04-27 2026 | Critical Gemini CLI Vulnerability Enables Remote Code Execution AttacksRCE | Library for securing Gemini CLI and its GitHub Action, addressing critical GHSA-wpqr-6v78-jr5g vulnerability. This flaw enables remote code execution by exploiting untrusted workspace auto-trust in headless mode, bypassed tool allowlists in "Yolo" mode, and improper input validation leading to command injection. Updated versions require explicit trust configurations and enforce strict allowlists to protect CI/CD pipelines and software supply chains from malicious code execution and credential theft. |
| 2026-04-27 2026 | PoC Exploit Released for Critical Metabase Enterprise RCE VulnerabilityRCE | Exploit for CVE-2026-33725, a critical Metabase Enterprise RCE vulnerability, is now public. This flaw stems from an H2 JDBC INIT injection during serialization imports, allowing attackers to execute arbitrary code and access files. Researchers at Hakai Security released a Python PoC on GitHub that automates the exploit chain, significantly increasing the risk for unpatched Metabase Enterprise versions 1.47.0 through 1.59.3. Immediate patching to versions 1.59.4, 1.58.10, or 1.57.16 is strongly advised. |
| 2026-04-24 2026 | Critical Python Vulnerability Enables Out-of-Bounds Write on Windows SystemsPython | Analysis of CVE-2026-3298, a critical out-of-bounds write vulnerability in Python's asyncio module on Windows. The flaw in `sock_recvfrom_into()` allows attackers to trigger memory corruption and potential code execution by sending oversized network data. This affects applications using the default `ProactorEventLoop` since Python 3.8. A patch has been submitted to CPython. |
| 2026-04-24 2026 | Bitwarden CLI Hit by Supply Chain Attack Through GitHub ActionsSupply Chain | Writeup detailing a supply chain attack on the Bitwarden CLI, where malicious code was injected into the `@bitwarden/cli` npm package via a compromised GitHub Actions workflow. The payload harvested GitHub tokens, cloud credentials (AWS, Azure, GCP), npm tokens, and SSH keys, communicating with C2 infrastructure linked to prior Checkmarx attacks. The malware exhibited a Russian locale kill switch and exfiltrated data to specially named GitHub repositories, referencing the "Dune" franchise. |
| 2026-04-23 2026 | New LMDeploy Vulnerability Exploited in the Wild Just 12 Hours After Public AdvisoryAPI Sec | Writeup of CVE-2026-33626, a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy, which was weaponized in the wild just 12 hours after its GitHub advisory. The flaw in the `load_image()` function allows attackers to coerce LMDeploy servers to make HTTP requests to internal networks, cloud metadata services, or other protected endpoints, as demonstrated by attempts to exfiltrate AWS IAM credentials and probe internal services like Redis and MySQL. Exploitation occurred rapidly without public proof-of-concept code, highlighting a growing trend in AI infrastructure attacks. |
| 2026-04-23 2026 | Xinference PyPI Package Compromised With Malicious Code to Steal Cloud CredentialsSupply Chain | Library compromise impacting Xinference versions 2.6.0 through 2.6.2 on PyPI, discovered after a user reported suspicious behavior. Malicious code, obfuscated and executed upon import, acts as an infostealer targeting cloud credentials (AWS, Google Cloud), Kubernetes tokens, SSH keys, API keys, database credentials, cryptocurrency wallets, and more, exfiltrating data to `whereisitat[.]lucyatemysuperbox[.]space`. The attack leveraged a hijacked account named "XprobeBot" and potentially impersonates "TeamPCP." Developers are advised to downgrade to 2.5.0, rotate credentials, enable MFA, and audit access logs. |
| 2026-04-22 2026 | Firefox 150 Released With Fixes for Multiple Code Execution VulnerabilitiesRCE | Release of Firefox 150, patching 41 vulnerabilities including high-severity flaws CVE-2026-6746 (DOM) and CVE-2026-6747 (WebRTC), which enable remote code execution through use-after-free and uninitialized memory bugs. This update also addresses memory corruption in Web Codecs, Canvas2D, WebRender, and privilege escalation flaws. AI tools assisted in identifying some of these vulnerabilities. |
| 2026-04-22 2026 | Critical Spring Authorization Server Flaw Enables XSS Privilege Escalation and SSRFSSRF | Vulnerability CVE-2026-22752 in Spring Authorization Server, specifically affecting deployments with Dynamic Client Registration enabled, allows attackers to register malicious OAuth clients. This flaw can lead to stored XSS, privilege escalation, and SSRF attacks by exploiting improperly validated client metadata, with a high CVSS score indicating significant remote exploitability and impact. Affected versions include Spring Security 7.0.0-7.0.4 and Spring Authorization Server 1.3.0-1.3.10, 1.4.0-1.4.9, and 1.5.0-1.5.6. |
| 2026-04-21 2026 | Lovable AI App Builder Reportedly Exposes Thousands of Project Data via API FlawAPI Sec | Analysis of an API flaw in the Lovable AI app builder reveals potential exposure of sensitive project data, including source code, credentials, and user information. The vulnerability, reportedly exploitable by free account users, stems from inconsistent API security implementation that fails to protect projects created before November 2025. Researchers demonstrated that older projects return "200 OK" responses for unauthorized access attempts, whereas newer projects correctly return "403 Forbidden." Exposed data can include AI conversation histories containing technical details and customer information, potentially impacting employees from major technology companies like Nvidia, Microsoft, Uber, and Spotify. |
| 2026-04-21 2026 | Hackers Could Weaponize GGUF Models to Achieve RCE on SGLang Inference ServersRCE | Writeup of CVE-2026-5760 in SGLang, detailing how attackers can achieve Remote Code Execution (RCE) by weaponizing malicious GGUF model files. The vulnerability stems from Server-Side Template Injection (SSTI) in SGLang's reranking functionality, exploiting an insecure Jinja2 configuration to execute arbitrary Python code within the inference server. This flaw, similar to "Llama Drama" (CVE-2024-34359) and vLLM vulnerabilities, highlights supply chain risks in AI and emphasizes treating model files as untrusted input. |
| 2026-04-21 2026 | CISA Warns Axios npm Package Was Compromised in Major Supply Chain AttackSupply Chain | Warning from CISA detailing a major supply chain attack on the Axios npm package, versions 1.14.1 and 0.30.4, which contained a malicious dependency, plain-crypto-js v4.2.1. The dependency injected malware, a remote access trojan (RAT), allowing attackers to steal sensitive data and gain persistent access to compromised systems. Recommendations include downgrading Axios, removing the malicious `node_modules/plain-crypto-js/` directory, revoking and rotating exposed credentials, and implementing security controls like `ignore-scripts=true` and `min-release-age=7` in `.npmrc`. |
| 2026-04-20 2026 | iTerm2 Flaw Abuses SSH Integration Escape Sequences to Turn Text Into Code ExecutionRCE | Library that details a vulnerability in iTerm2, enabling arbitrary code execution by abusing SSH integration and terminal escape sequences. Attackers can embed malicious sequences in text files or server responses, impersonating the SSH conductor. When iTerm2 blindly trusts this output, it attempts to send commands back via the local pseudoterminal, which the local shell interprets as direct commands, potentially executing malicious executables at crafted `sshargs` file paths. This flaw, tracked by commit `a9e74599`, exploits trust assumptions in terminal emulators. |
| 2026-04-20 2026 | Critical Anthropic MCP Vulnerability Enables Remote Code Execution AttacksAI | Writeup of critical Anthropic MCP vulnerabilities, identified by OX Security, enabling remote code execution and data exfiltration. The flaws, present across MCP SDKs for Python, TypeScript, Java, and Rust, affect over 150 million downloads and 200,000 servers. Exploitation paths include unauthenticated UI injection in AI frameworks, security hardening bypasses in platforms like Flowise, zero-click prompt injection targeting AI IDEs like Windsurf and Cursor, and malicious payload distribution through MCP registries, with CVE-2026-30615 and CVE-2026-30623 being notable examples. OX Security has developed detection capabilities for insecure MCP configurations. |
| 2026-04-17 2026 | PoC Exploit Released for FortiSandbox Vulnerability that Allows attacker to execute commandsRCE | Writeup detailing CVE-2026-39808, a critical Fortinet FortiSandbox vulnerability. This flaw allows unauthenticated remote command execution with root privileges by manipulating the `jid` GET parameter on the `/fortisandbox/job-detail/tracer-behavior` endpoint. A publicly released PoC exploit leverages this input validation issue to inject commands, exfiltrate output to the web root, and execute arbitrary system commands. Exploitable versions include FortiSandbox 4.4.0 through 4.4.8, with active exploitation anticipated due to the readily available exploit code. |
| 2026-04-17 2026 | Hugging Face Abused To Spread Blockchain-Based Backdoor In CVE-2026-39987 AttacksRCE | Library for detecting and analyzing CVE-2026-39987 exploits, which target the Marimo Python notebook platform for remote code execution. Attackers leverage this vulnerability to deploy a variant of the NKAbuse malware, hosted on Hugging Face Spaces, to perform credential harvesting, lateral movement through database enumeration and Redis scanning, and DNS exfiltration. The malware utilizes the NKN blockchain for resilient command-and-control. |
| 2026-04-16 2026 | Critical Cisco ISE Vulnerabilities Let Remote Attackers Execute Malicious CodeRCE | Advisory on CVE-2026-20147 and CVE-2026-20148, critical vulnerabilities in Cisco Identity Services Engine (ISE) and ISE-PIC. CVE-2026-20147, a critical RCE flaw with CVSS 9.9, allows authenticated attackers to execute arbitrary commands and gain root privileges via improper HTTP request input validation. CVE-2026-20148, a medium path traversal flaw (CVSS 4.9), permits authenticated attackers to read sensitive system files. Exploitation impacts network access policy enforcement and authentication. Cisco urges immediate software updates for affected versions. |
| 2026-04-16 2026 | Critical Chrome Vulnerabilities Let Attackers Execute Arbitrary CodeRCE | Advisory about 31 Chrome vulnerabilities, including five critical ones, patched in version 147.0.7727.101/102. These flaws, primarily memory safety bugs like use-after-free and heap buffer overflows in components such as ANGLE (CVE-2026-6296, $90,000 bounty) and Proxy (CVE-2026-6297, $10,000 bounty), allow arbitrary code execution via crafted HTML. Users should update immediately. |
| 2026-04-15 2026 | Windows Active Directory Vulnerability Allows Attackers to Execute Malicious CodeRCE | Writeup detailing CVE-2026-33826, a critical Windows Active Directory vulnerability allowing authenticated attackers to remotely execute malicious code. This flaw, stemming from improper input validation (CWE-20), offers low complexity exploitation via crafted RPC calls within adjacent networks, granting system-level execution. Microsoft has released patches, including KB5082063 and KB50820142, and recommends monitoring RPC traffic and auditing access logs for remediation. |
| 2026-04-14 2026 | Critical etcd Auth Bypass Flaw Lets Attackers Access Sensitive Cluster APIs Without AuthorizationAuthZ | Library update for etcd, the distributed key-value store powering Kubernetes, addresses CVE-2026-33413, an 8.8 CVSS critical authentication bypass. Discovered by the AI security agent Strix, this flaw allows unauthorized users to invoke sensitive cluster management APIs like Maintenance.Alarm, KV.Compact, and Lease.LeaseGrant without valid credentials, potentially leading to data loss, denial of service, or system compromise. The vulnerability was fixed in etcd's March 2026 security update. |
| 2026-04-14 2026 | Critical ShowDoc RCE Vulnerability Actively Exploited in the WildRCE | Writeup of CNVD-2020-26585, a critical unauthenticated remote code execution vulnerability in ShowDoc versions prior to 2.8.7. Attackers can exploit an unrestricted file upload mechanism by sending crafted POST requests to the `/index.php?s=/home/page/uploadImg` path, uploading arbitrary files disguised as test.<>php to bypass filters. Successful exploitation allows arbitrary command execution, data exfiltration, lateral movement, and further malware deployment, with proof-of-concept exploits demonstrating successful code execution. |
| 2026-04-14 2026 | SAP Patch Day Fixes Critical SQL Injection DoS and Code Injection FlawsSQLi | Notes detail critical SQL injection (CVE-2026-27681, CVSS 9.9) in SAP Business Planning and Consolidation and SAP Business Warehouse, along with missing authorization (CVE-2026-34256) in SAP ERP and S/4HANA. Medium-severity flaws include denial of service (CVE-2025-64775) in SAP BusinessObjects and code injection (CVE-2026-27674) in SAP NetWeaver AS Java. Administrators must apply Security Note 3719353 and other patches to mitigate these risks. |
| 2026-04-14 2026 | CISA Warns of Fortinet SQL Injection Flaw Actively Exploited in AttacksSQLi | Advisory on CVE-2026-21643, a critical unauthenticated SQL injection (CWE-89) vulnerability affecting Fortinet's FortiClient Enterprise Management Server that is actively exploited in real-world attacks. CISA has added this flaw to its Known Exploited Vulnerabilities catalog, mandating immediate patching or mitigation for organizations to prevent unauthorized code execution and system compromise. |
| 2026-04-14 2026 | SAP Patch Day Fixes Critical SQL Injection DoS and Code Injection FlawsSQLi | Library of SAP security notes addressing critical flaws including CVE-2026-27681, a SQL injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse, and CVE-2026-34256, an authorization bypass in SAP ERP and SAP S/4HANA. Further patches mitigate denial of service via CVE-2025-64775 in SAP BusinessObjects, code injection in SAP NetWeaver Application Server Java (CVE-2026-27674) and SAP Landscape Transformation (CVE-2026-27675), and cross-site scripting in SAP Supplier Relationship Management (CVE-2026-0512). |
| 2026-04-13 2026 | Critical Axios Vulnerability Allows Remote Code ExecutionRCE | Library vulnerability CVE-2026-40175 in Axios, versions prior to 1.13.2, allows for Remote Code Execution and infrastructure compromise. This flaw stems from unrestricted header handling and lack of input sanitization (CWE-113) within `lib/adapters/http.js`. Exploitation requires JavaScript prototype pollution, often in conjunction with SSRF (CWE-918) and HTTP Request Smuggling (CWE-444), to bypass AWS IMDSv2 protections, exfiltrate credentials, and gain full cloud environment control. Upgrading to Axios 1.15.0 or later is essential. |
| 2026-04-13 2026 | Marimo RCE Vulnerability Exploited Within 10 Hours of Public DisclosureRCE | Writeup detailing the rapid exploitation of Marimo's RCE vulnerability (CVE-2026-39987, CVSS 9.3) occurring less than 10 hours after public disclosure. This critical flaw in the Python notebook platform allows unauthenticated attackers to gain a full interactive shell via the /terminal/ws endpoint in versions prior to 0.20.4. Attackers were observed exfiltrating sensitive data like AWS credentials by simply establishing a WebSocket connection, demonstrating the increasing speed of weaponized exploits, potentially accelerated by AI automation, without needing public proof-of-concept code. |
| 2026-04-11 2026 | Single Line of Code Can Jailbreak 11 AI Models Including ChatGPT, Claude, GeminiAI | Technique dubbed "sockpuppeting" for jailbreaking 11 AI models, including ChatGPT, Claude, and Gemini, by exploiting assistant prefill API features. This attack injects a fake response prefix, tricking models into generating prohibited content and even leaking system prompts, with Google's Gemini 2.5 Flash showing a 15.7% success rate. While some providers have implemented protections, self-hosted environments using frameworks like Ollama and vLLM remain vulnerable without explicit API-level validation. |
| 2026-04-10 2026 | GitLab Fixes Critical Bugs Allowing DoS and Code Injection AttacksAPI Sec | Library updates from GitLab address critical vulnerabilities, including CVE-2026-5173 enabling code injection by bypassing WebSocket access controls, and denial-of-service flaws like CVE-2026-1092 in the Terraform state lock API and CVE-2025-12664 in the GraphQL API. Additional fixes target CVE-2026-1516 for code injection in Code Quality reports, CVE-2026-4332 for XSS in analytics, and information disclosure issues, urging immediate patching of self-managed instances. |
| 2026-04-10 2026 | Critical Python PLY Library Vulnerability Enables RCEPython | Writeup of CVE-2025-56005 in Python PLY, detailing how an undocumented `picklefile` parameter in `ply.yacc.yacc()` allows remote code execution. This vulnerability, discovered by Ahmed Abd, leverages Python's `pickle.load()` to deserialize untrusted `.pkl` files, executing arbitrary code during parser initialization. The exploit involves crafting a malicious pickle payload that runs an OS command via `__reduce__()` when `yacc(picklefile='exploit.pkl', ...)` is invoked. Risk is elevated in environments caching, sharing, or auto-generating parser tables, and mitigation involves avoiding the `picklefile` parameter and treating all pickle files as untrusted. |
| 2026-04-10 2026 | 50,000+ WordPress Sites at Risk from Critical Ninja Forms RCERCE | Writeup of CVE-2026-0740, a critical RCE vulnerability in the Ninja Forms File Upload plugin affecting over 50,000 WordPress sites. The flaw allows unauthenticated attackers to upload and execute malicious PHP scripts by bypassing file type validation and exploiting path traversal techniques. A partial fix was released in version 3.3.25, with a full patch in 3.3.27. |
| 2026-04-09 2026 | Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege EscalationSQLi | Writeup detailing multiple SonicWall vulnerabilities, including SQL injection (CVE-2026-4112) enabling privilege escalation for authenticated users, credential enumeration (CVE-2026-4113), and Unicode encoding flaws (CVE-2026-4114, CVE-2026-4116) permitting Time-based One-Time Password bypass. These issues affect SMA1000 series appliances and require immediate patching by upgrading to platform-hotfix 12.4.3-03387 or 12.5.0-02624 and later releases. |
| 2026-04-08 2026 | Claude Discovers 13-Year-Old RCE Vulnerability in Apache ActiveMQ Within MinutesRCE | Library for Apache ActiveMQ Classic that details CVE-2026-34197, a 13-year-old remote code execution vulnerability. The flaw leverages the Jolokia REST API interface to expose JMX operations, allowing attackers to abuse the `addNetworkConnector` function with a crafted `vm://` URI to load and execute malicious remote configuration files. Exploitation typically requires administrative access, but CVE-2024-32114 in specific versions removes this authentication requirement, enabling unauthenticated RCE. Recommendations include upgrading to fixed versions, changing default credentials, and monitoring logs for suspicious patterns. |
| 2026-04-07 2026 | Critical CUPS Vulnerability Chain Allows Remote Code Execution as RootRCE | Writeup on CVE-2026-34980 and CVE-2026-34990, a critical vulnerability chain in the Common Unix Printing System (CUPS) that allows unauthenticated remote code execution and subsequent local privilege escalation to root. The first flaw enables RCE via improper input sanitization on PostScript print queues, while the second leverages a race condition to overwrite system files with root privileges. Mitigations include disabling network access, enforcing authentication, and deploying AppArmor or SELinux. |
| 2026-04-07 2026 | Critical Flaw in Windmill Developer Platform Allows Remote Code ExecutionRCE | Writeup of Windmill RCE vulnerabilities CVE-2026-29059 and an authenticated SQL injection flaw, alongside a misconfiguration in Nextcloud Flow, enabling unauthenticated attackers to achieve RCE and full system control. The "Windfall" exploit framework, developed by Chocapikk, automates these attacks and features a "Ghost Mode" to evade detection. Related vulnerabilities CVE-2026-23695, CVE-2026-23696, CVE-2026-23697, and CVE-2026-23698 are also mentioned. |
| 2026-04-07 2026 | Poisoned Axios Package Linked To Cross-Platform Malware Delivery CampaignSupply Chain | Library for identifying software supply chain attacks, detailing the malicious Axios versions (1.14.1, 0.30.4) that delivered a cross-platform Remote Access Trojan via a phantom dependency technique (plain-crypto-js) and an obfuscated setup.js script. The attack leveraged compromised package manager accounts and bypassed GitHub Actions, highlighting the risks of dynamic version ranges and the importance of strict version pinning and ignoring automated installation scripts. |
| 2026-04-06 2026 | Researchers Uncover 36 Rogue npm Packages Delivering Redis RCE and Persistent MalwareSupply Chain | Library of 36 malicious npm packages targeting Strapi content management systems, employing sophisticated supply-chain attacks. These packages, mimicking legitimate plugins, use “postinstall” scripts for automatic execution, enabling remote code execution (RCE) via Redis exploits and Docker container escapes. Variants deployed diverse malware, searched for sensitive data including .env files and wallet information, and established persistent command-and-control infrastructure through cron jobs and background processes. |
| 2026-04-02 2026 | Critical Cisco Smart Software Manager Vulnerability Enables Arbitrary Command ExecutionRCE | Writeup on CVE-2026-20160, a critical unauthenticated remote code execution vulnerability in Cisco Smart Software Manager On-Prem. This flaw, with a CVSS score of 9.8, allows attackers to gain root privileges on enterprise license management infrastructure by sending specially crafted HTTP requests to an exposed internal service. Exploitation requires no authentication and enables arbitrary command execution, posing an extreme risk for lateral movement, data exfiltration, and network takeover. Administrators must immediately upgrade to SSM On-Prem version 9-202601, as no workarounds are available. |
| 2026-03-30 2026 | Stored XSS Flaw in Jira Work Management Could Enable Full Org CompromiseXSS | Writeup detailing a Stored XSS vulnerability in Atlassian Jira Work Management. Researchers discovered that a Product Admin can inject JavaScript into the custom issue priority's Icon URL field, as no backend validation or sanitization is performed. This allows attackers to persistently store malicious code that executes when administrators view the Issues settings page, potentially enabling full organization takeover by silently inviting attacker-controlled users. The writeup highlights the dangers of Stored XSS when combined with administrative workflows and the importance of robust backend validation and access control scrutiny. |
| 2026-03-20 2026 | Russian APT Exploits Zimbra XSS In GhostMail Attacks On Ukrainian GovernmentXSS | Writeup of Operation GhostMail, a campaign targeting the Ukrainian State Hydrology Agency by exploiting CVE-2025-66376, a stored XSS vulnerability in Zimbra Collaboration Suite. The attack, attributed to APT28, leverages specially crafted HTML tags to bypass Zimbra's AntiSamy filter and execute a JavaScript payload within the victim's browser, leading to data exfiltration via Zimbra's SOAP API and DNS queries. |
| 2026-03-17 2026 | Angular XSS Vulnerability Puts Thousands of Web Apps at RiskXSS | Writeup on CVE-2026-32635, a high-severity cross-site scripting vulnerability in Angular's core framework and compiler components. The flaw, also identified as GHSA-g93w-mfhg-p222, arises from a bypass of Angular's sanitization mechanisms when internationalization attributes are used with security-sensitive HTML bindings like href, src, and formaction. This allows attackers to inject arbitrary JavaScript, leading to session hijacking, data exfiltration, and unauthorized actions. Affected Angular versions include 17 through 22 pre-release builds, with patches available for some but not older LTS branches. Developers should upgrade, avoid binding untrusted input to sensitive attributes with i18n attributes, or use DomSanitizer. |
| 2026-03-03 2026 | Severe XSS Vulnerability in Angular i18n Enables Malicious Script InjectionXSS | Writeup of CVE-2026-27970, a severe XSS vulnerability in Angular's i18n system, allowing attackers to inject malicious JavaScript via tampered translation files (.xliff, .xtb). This flaw bypasses Angular's sanitization, enabling upstream supply-chain attacks that can lead to data theft or app sabotage. Recommendations include immediate patching to Angular versions 19.2.19 or later, manual vetting of translations, and implementing defenses like CSP headers, Trusted Types, and Angular's DomSanitizer. |
| 2026-03-02 2026 | Angular SSR Flaw Lets Attackers Trigger Unauthorized Server-Side RequestsSSRF | Library patch addressing CVE-2026-27739, a critical SSRF vulnerability in Angular SSR, allowing attackers to trigger unauthorized requests to arbitrary servers. The flaw, rooted in unvalidated user-controlled headers like Host and X-Forwarded-*, enables header injection and internal network attacks. Affected versions require immediate upgrade to patched releases, with workarounds including switching to absolute URLs and implementing middleware validation for headers. |
| 2026-02-28 2026 | Stored XSS Flaw in RustFS Console Leaks Admin S3 CredentialsXSS | Writeup on GHSA-v9fg-3cr2-277j, a stored XSS vulnerability in RustFS Console affecting versions before 1.0.0-alpha.82. Attackers can upload crafted HTML files disguised as PDFs to steal admin S3 credentials stored in localStorage via the preview modal, leading to full account takeover. The vulnerability exploits the lack of origin isolation and content-type validation. Mitigation involves upgrading RustFS, separating S3 and console origins, implementing Content-Security-Policy and X-Content-Type-Options headers, and server-side validation. |
| 2026-02-26 2026 | Mozilla Releases Firefox 148 With New Sanitizer API to Block XSS AttacksXSS | Library of standardized Sanitizer API introduced in Firefox 148, offering developers a built-in tool to combat Cross-Site Scripting (XSS) vulnerabilities. This API replaces the vulnerable `innerHTML` with a `setHTML()` method, parsing untrusted content and stripping dangerous elements like `<script>` and event attributes. Developers can define custom allowlists with `SanitizerOptions` and integrate it with Trusted Types for layered defense, providing immediate XSS protection with minimal code changes and negligible performance overhead. |
| 2026-02-17 2026 | LangChain Community Flaw Allows SSRF Bypass to Access Internal InfrastructureSSRF | Writeup of CVE-2026-26019 in LangChain Community, a Server-Side Request Forgery (SSRF) vulnerability in the RecursiveUrlLoader. Attackers could exploit weak URL validation, bypassing `preventOutside` checks by using a prefix trick, to access internal networks or cloud metadata endpoints. This flaw, fixed in version 1.1.14, allowed potential credential theft by fetching data from AWS, Google Cloud, or Azure metadata services. Developers are urged to upgrade to the patched version. |
| 2026-02-13 2026 | Critical Zimbra Vulnerabilities Fixed: XSS XXE and LDAP Injection Risks MitigatedXSS | Writeup detailing critical vulnerabilities fixed in Zimbra 10.1.16, including Cross-Site Scripting (XSS) in Webmail and Briefcase, an authenticated LDAP injection flaw, and an XML External Entity (XXE) issue in the EWS SOAP endpoint. These high-severity flaws, similar to those found in VMware NSX and WordPress plugins, could lead to session hijacking, credential theft, data exfiltration, unauthorized directory access, and server-side request forgery. The update also addresses a medium-severity CSRF bypass. |
| 2026-02-11 2026 | GitLab Patches Multiple Vulnerabilities Enabling DoS and Cross-Site Scripting Attacks [XSS] | Patches address critical vulnerabilities in GitLab CE and EE versions 18.8.4, 18.7.4, and 18.6.6, including CVE-2025-7659 for unauthenticated token theft via the Web IDE, CVE-2025-8099 and CVE-2026-0958 for denial-of-service attacks via GraphQL introspection and middleware flaws, CVE-2025-14560 for cross-site scripting in Code Flow, and CVE-2026-0595 for HTML injection in test case titles. Additional DoS and SSRF vulnerabilities were also resolved. |
| 2026-02-04 2026 | CISA Warns of Actively Exploited GitLab SSRF Vulnerability in Community and Enterprise Editions [SSRF] | Writeup of CVE-2021-39935, an actively exploited GitLab SSRF vulnerability allowing unauthenticated remote attackers to perform unauthorized server-side requests via the CI Lint API. CISA's warning highlights the risk of exposing sensitive internal systems, credential leakage, and exploitation in cloud-hosted deployments. Organizations are urged to upgrade GitLab to patched versions and restrict API exposure to mitigate this threat. |
| 2026-02-03 2026 | Foxit PDF Editor Vulnerability Allows Attackers to Execute Arbitrary JavaScript [XSS] | Writeup of CVE-2026-1591 and CVE-2026-1592 in Foxit PDF Editor Cloud, and CVE-2025-66523 in Foxit eSign, detailing cross-site scripting vulnerabilities that allow arbitrary JavaScript execution. These flaws arise from insufficient input validation and improper output encoding in file attachment and layer name fields, enabling attackers to steal session tokens, harvest sensitive data, or redirect users. Patches were released by Foxit Software in early 2026. |
| 2026-01-17 2026 | Exploiting XSS in Meta Conversion API for Zero-Click Account Takeover [XSS] | Writeup detailing zero-click account takeover via XSS in Meta's Conversion API Gateway. The flaws in the `capig-events.js` script allow attackers to exploit unvalidated `postMessage` origins and backend JavaScript string concatenation. Bypass techniques for CSP and COOP are discussed, alongside an Android WebView exploitation method leveraging `window.name` reuse. This vulnerability, present in potentially millions of third-party deployments, could allow attackers to inject arbitrary JavaScript by manipulating user-configurable parameters. |
| 2026-01-14 2026 | FortiSandbox SSRF Vulnerability Allows Attackers to Proxy Internal Traffic via Crafted HTTP Requests [SSRF] | Writeup of CVE-2025-67685, an SSRF vulnerability in FortiSandbox allowing authenticated attackers to proxy internal traffic via crafted HTTP requests. This flaw, classified under CWE-918, impacts multiple FortiSandbox versions, requiring upgrades to 5.0.5+ for version 5.0, and migration to fixed releases for versions 4.4, 4.2, and 4.0. The vulnerability, with a CVSS v3.1 score of 3.4, is limited to plaintext endpoints. |
| 2026-01-13 2026 | Critical Apache Struts 2 Vulnerability Allows Attackers to Steal Sensitive Data [SSRF] | Writeup of CVE-2025-68493 in Apache Struts 2, detailing an XML External Entity (XXE) injection vulnerability within the XWork component. This flaw allows attackers to exfiltrate sensitive data, perform server-side request forgery (SSRF), and cause denial-of-service. The vulnerability affects multiple Struts 2 versions, including unsupported ones. Patches are available for Struts 6.1.1 and later, with temporary mitigations including hardening XML parsing or setting JVM properties. The issue was reported by ZAST.AI. |
| 2026-01-13 2026 | New Angular Vulnerability Enables Attackers to Execute Malicious Payloads [XSS] | Writeup of CVE-2026-22610, a High severity XSS vulnerability in Angular’s Template Compiler allowing malicious JavaScript execution. The flaw stems from improper sanitization of href and xlink:href attributes within SVG script elements, enabling attackers to inject data URIs or external script URLs via template bindings. Exploitation requires specific preconditions, including the use of SVG script elements and untrusted data sources. Angular has released patched versions (19.2.18, 20.3.16, 21.0.7, 21.1.0-rc.0) to address this critical issue. |
| 2026-01-09 2026 | OWASP CRS Vulnerability Allows Attackers to Bypass Charset Validation [XSS] | Writeup of CVE-2026-21876 in OWASP CRS, a CRITICAL vulnerability allowing attackers to bypass charset validation by exploiting ModSecurity's chained rule processing. The flaw, present in rule 922110, enables UTF-7 encoded XSS payloads by only validating the final multipart part of a request, leaving earlier, malicious parts uninspected. Patches are available in CRS 4.22.0 and CRS 3.3.8, addressing the bypass by validating all charset parameters. |
| 2026-01-09 2026 | Hackers Actively Exploit AI Deployments as 91000 Attack Sessions Are Detected [SSRF] | Analysis of 91,000+ attack sessions against AI deployments reveals two primary threat campaigns. One exploits server-side request forgery (SSRF) against Ollama's model pull functionality and Twilio SMS webhooks, utilizing ProjectDiscovery's OAST infrastructure. The second campaign targets 73+ large language model endpoints, including GPT-4o, Claude, and Llama, using reconnaissance probes against misconfigured proxy servers to identify commercial AI APIs. Defense strategies include model pull restrictions, egress filtering, rate-limiting, DNS blocking of OAST callback domains, and alerts for multi-endpoint probing. |
| 2025-12-21 2025 | Roundcube Vulnerabilities Allow Attackers to Execute Malicious Scripts [XSS] | Library updates for Roundcube webmail address two critical vulnerabilities in versions 1.6 and 1.5 LTS. A Cross-Site Scripting (XSS) flaw, exploitable via SVG's animate tag, allows script injection. An Information Disclosure vulnerability in the HTML style sanitizer enables bypass of security controls. These issues, discovered by "somerandomdev", could lead to stolen credentials, phishing, or access to sensitive data. Users should update to secure versions 1.6.12 or 1.5.12. |
| 2025-12-10 2025 | Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS [XSS] | Writeup of CVE-2025-10573 details a critical stored XSS vulnerability in Ivanti Endpoint Manager (EPM) allowing unauthenticated attackers to hijack administrator sessions. Exploitation involves injecting JavaScript via the 'incomingdata' web API's processing of device scan data, leading to full administrative control. Versions prior to Ivanti EPM 2024 SU4 SR1 are affected, with a patch released December 9, 2025. This vulnerability, identified by Rapid7, requires immediate patching due to its ease of exploitation and severe impact on remote endpoint management. |
| 2025-12-03 2025 | Angular Platform Vulnerability Allows Malicious Code Execution via Weaponized SVG Animation Files [XSS] | Writeup detailing a stored XSS vulnerability in Angular's template compiler, allowing arbitrary code execution via weaponized SVG animation files. Attackers can bypass sanitization by injecting `javascript:` URLs into attributes like `href` and `xlink:href` within SVG and MathML elements, particularly when combined with `<animate>` tags and attribute binding. This enables session hijacking and data exfiltration. Patches are available in Angular versions 19.2.17, 20.3.15, and 21.0.2, with workarounds including avoiding untrusted data binding and implementing strict CSP headers. |
| 2025-11-27 2025 | Apache SkyWalking Vulnerability Lets Attackers Expose Users to XSS Attacks [XSS] | Writeup on CVE-2025-54057, a stored XSS vulnerability in Apache SkyWalking versions up to 10.2.0. The flaw allows attackers to inject malicious scripts into the web interface, enabling the execution of unauthorized code in users' browsers. Exploitation can lead to the theft of sensitive information, impersonation of users, and compromise of application data. Apache released version 10.3.0 as a patch, making immediate upgrade the sole mitigation strategy. |
| 2025-11-16 2025 | Cross-Site Scripting Vulnerability Discovered in Citrix NetScaler ADC and Gateway [XSS] | Writeup of CVE-2025-12101, a cross-site scripting vulnerability impacting Citrix NetScaler ADC and Gateway, which is actively being weaponized. This flaw enables attackers to inject malicious scripts, leading to session hijacking, credential theft, and malware deployment. Organizations running vulnerable versions, including FIPS and end-of-life deployments, face significant risk, particularly with specific virtual server configurations. Immediate patching to version 14.1-56.73 or 13.1-60.32 is critical. |
| 2025-11-13 2025 | Kibana Flaws Could Allow Server-Side Request Forgery and Cross-Site Scripting Attacks [SSRF] | Library update addressing CVE-2025-37734, an origin validation error in Kibana's Observability AI Assistant. This flaw allows Server-Side Request Forgery (SSRF) by crafting forged Origin HTTP headers, potentially leading to data exfiltration and unauthorized internal access. Vulnerable versions include 8.12.0-8.19.6, 9.1.0-9.1.6, and 9.2.0. Elastic recommends immediate upgrades to 8.19.7, 9.1.7, or 9.2.1, or temporarily disabling the AI Assistant as a mitigation. |
| 2025-11-13 2025 | Multiple GitLab Vulnerabilities Allow Malicious Prompt Injection and Data Theft [XSS] | Writeup detailing multiple GitLab vulnerabilities, including CVE-2025-6945 (prompt injection in Duo allowing confidential issue data theft), CVE-2025-11224 (XSS in Kubernetes proxy), and CVE-2025-2615/CVE-2025-7000 (information disclosure via GraphQL and branch names). The report emphasizes the risk of AI features and access control gaps, urging immediate upgrades to patched versions. |
| 2025-11-12 2025 | Nagios XSS Flaw Allows Remote Execution of Arbitrary JavaScript [XSS] | Writeup of Nagios XI 2024R2.1 detailing the closure of a cross-site scripting (XSS) vulnerability in the Graph Explorer feature, which allowed for remote JavaScript execution. The update also enhances SNMP management capabilities, introduces new license levels for granular control, and removes support for Ubuntu 20.04. Nagios Core is updated to 4.5.9, with improvements for large-scale network monitoring and distributed checks. |
| 2025-11-12 2025 | Custom GPTs Exploit SSRF in ChatGPT to Expose Secrets [SSRF] | Writeup of an SSRF vulnerability in ChatGPT Custom GPTs, allowing exposure of Azure cloud credentials. Attackers exploited insufficient URL validation in the "Actions" feature to trick ChatGPT servers into requesting data from Azure's metadata service at 169.254.169.254. The technique involved using HTTP 302 redirects to bypass HTTPS restrictions and manipulating authentication headers to extract valid Azure Management API access tokens. OpenAI patched the high-severity flaw via their Bugcrowd bug bounty program. |
| 2025-10-26 2025 | Multiple GitLab Flaws Could Allow Account Takeover and Stored XSS Attacks [XSS] | Patches address 15 SAP vulnerabilities, including three critical code injection flaws enabling arbitrary code execution and sensitive data access. These injection vulnerabilities, potentially leading to SQL injection, LDAP injection, or command injection, pose a severe risk to organizational infrastructure. Additional flaws include cross-site scripting (XSS), privilege escalation, authentication bypass, and information disclosure. Organizations should prioritize applying these updates via SAP's standard mechanisms. |
| 2025-10-24 2025 | CISA Alerts on Active Exploitation of Oracle EBS SSRF Flaw [SSRF] | Analysis of CVE-2025-61884, a critical Oracle E-Business Suite server-side request forgery vulnerability, details its active exploitation. Remote, unauthenticated attackers can leverage this CWE-918 flaw within Oracle Configurator's Runtime component to make unauthorized requests, bypass network controls, and potentially exfiltrate sensitive data. CISA's inclusion of this vulnerability in its Known Exploited Vulnerabilities catalog mandates federal agencies to patch by November 10, 2025, underscoring the urgency for all organizations to apply vendor patches and implement mitigations. |
| 2025-09-10 2025 | GitLab Patches Vulnerabilities Allowing Denial of Service and SSRF Attacks [SSRF] | Patches for GitLab Community Edition and Enterprise Edition address critical vulnerabilities including SSRF (CVE-2025-6454) in Webhook custom headers, and high-severity DoS flaws (CVE-2025-2256, CVE-2025-1250) related to SAML responses and user-controllable fields. Medium-severity DoS and information disclosure issues are also fixed. Administrators must upgrade to specific patch versions (18.3.2, 18.2.6, 18.1.6) to prevent unauthorized internal requests and resource exhaustion. |
| 2025-08-11 2025 | Xerox FreeFlow Flaws Enable SSRF and Remote Code Execution [SSRF] | Writeup of CVE-2025-8355 and CVE-2025-8356 in Xerox FreeFlow Core, detailing an XML External Entity (XXE) vulnerability leading to Server-Side Request Forgery (SSRF) and a Path Traversal vulnerability enabling Remote Code Execution (RCE). Discovered by Jimi Sebree of Horizon3.ai, these flaws affect version 8.0.4, with Xerox recommending immediate upgrade to version 8.0.5 to address these critical threats. |