Cybersecurity researchers have identified a new variant in the DirtyFrag family of Linux local privilege escalation vulnerabilities, named ‘Fragnesia’. Tracked as CVE-2026-46300, successful exploitation of the vulnerability may allow an unprivileged local attacker to modify read-only file contents in the kernel page cache and gain root privileges. The vulnerability has been named Fragnesia because the core bug … Continue reading “Linux Kernel Local Privilege Escalation Vulnerability Exploited in Attacks (Fragnesia) (CVE-2026-46300)”
F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945)
Threat researchers identified a critical severity vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945. The vulnerability discovered by depthfirst is an 18-year-old memory corruption flaw in NGINX Plus and NGINX Open Source. Successful exploitation of the vulnerability may allow an unauthenticated attacker to cause a denial-of-service (DoS) on the NGINX system or to trigger code execution. NGINX is an open-source, high-performance HTTP web server, reverse proxy, … Continue reading “F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945)”
Ivanti Addresses Multiple Vulnerabilities Impacting EPM, Xtraction, Secure Access Client, & Virtual Traffic Manager
Ivanti has released its May 2026 security updates, addressing security vulnerabilities across its popular products. The list of vulnerabilities and impacted products includes: Ivanti Xtraction — CVE-2026-8043 Ivanti Virtual Traffic Manager (vTM) — CVE-2026-8051 Ivanti Secure Access Client — CVE-2026-7431 and CVE-2026-7432 Ivanti Endpoint Manager (EPM) — CVE-2026-8109, CVE-2026-8110, CVE-2026-811
Microsoft Patch Tuesday, May 2026 Security Update Review
May 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here’s a quick breakdown of what you need to know. This month’s release addresses 137 vulnerabilities, including 30 critical and 103 important-severity vulnerabilities. In this month’s updates, Microsoft has not addressed any publicly disclosed zero-day vulnerability. Microsoft has addressed 128 vulnerabilities in Microsoft … Continue reading “Microsoft Patch Tuesday, May 2026 Security Update Review”
Ollama Heap Out-of-bounds Read Vulnerability Leads to Remote Process Memory Leak (CVE-2026-7482)
Threat researchers have identified a critical severity vulnerability impacting Ollama. Tracked as CVE-2026-7482, successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to leak the entire process memory.
Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973)
Ivanti released security updates to address five high-severity vulnerabilities impacting Endpoint Manager Mobile (EPMM). One of these vulnerabilities, tracked as CVE-20260-6973, is said to be exploited in zero-day attacks. This Improper Input Validation vulnerability in Ivanti EPMM requires Admin authentication for successful exploitation. A remote authenticated user with administrative access may exploit the vulnerability to execute arbitrary code … Continue reading “Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973)”
vm2 Sandbox Escape Vulnerability Allows Attackers to Execute Code (CVE-2026-26956)
Security researchers have identified a critical severity vulnerability impacting the popular Node.js sandboxing library vm2. Tracked as CVE-2026-26956, successful exploitation of the vulnerability allows an attacker to escape the sandbox and execute arbitrary code on the host system. Proof-of-concept code for the vulnerability is publicly available. vm2 is a widely used JavaScript sandbox that can run untrusted code with allowed Node’s built-in modules. Sandboxes are used in modern applications for a variety of functions.
Apache Addresses Multiple Vulnerabilities Impacting the HTTP Server
Apache has released security updates for the HTTP Server, addressing several security vulnerabilities. One of the vulnerabilities, tracked as CVE-2026-23918, can result in remote code execution.
PAN-OS User-ID Authentication Portal Vulnerability Exploited in Attacks (CVE-2026-0300)
Palo Alto has warned its users about the active exploitation of a vulnerability in the Palo Alto User-ID Authentication Portal (aka Captive Portal) service running on PAN-OS. Tracked as CVE-2026-0300, the vulnerability has a critical severity rating with a CVSS score of 9.3. Successful exploitation of the vulnerability can lead to arbitrary code execution. Palo Alto has mentioned in their advisory that they are aware … Continue reading “PAN-OS User-ID Authentication Portal Vulnerability Exploited in Attacks (CVE-2026-0300)”
Linux Kernel Vulnerability Exploited in the Wild (Copy Fail) (CVE-2026-31431)
Threat actors are exploiting a vulnerability in the Linux Kernel tracked as CVE-2026-31431. Named Copy Fail, it’s a critical Linux kernel local privilege escalation vulnerability that allows unprivileged users to gain root by corrupting the page cache of setuid binaries via the AF_ALG crypto API. The vulnerability was discovered and reported by Theori and Xint. CISA also acknowledged the active exploitation of the vulnerability … Continue reading “Linux Kernel Vulnerability Exploited in the Wild (Copy Fail) (CVE-2026-31431)”