CVE-2026-7424 — FreeRTOS-Plus-TCP: integer underflow in the DHCPv6 sub-option parser (before V4.4.1 and V4.2.6)
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1. CVSSv3.1 8.1 (HIGH)
CVE-2026-30893 — Wazuh: path traversal in the cluster synchronization extraction routine (4.4.0 to before 4.14.4)
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary files outside the intended extraction directory on other cluster nodes. This can be escalated to code execution in the Wazuh service context by overwriting Python modules loaded by Wazuh components (p · CVSSv3.1 9.0 (CRITICAL)
CVE-2026-41940
CVE-2026-41940 is a critical authentication bypass in cPanel and WHM (CVSS 9.8) that allows unauthenticated remote attackers to establish authenticated sessions without valid credentials. The vulnerability impacts the login flow itself and enables full administrative control over hosting environments. cPanel has released patches across multiple version tiers (11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, 11.136.0.5 and later).
CVE-2026-5712 — IdentityIQ: work item requestor or assignee can edit a role definition without role-editing capability
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing. CVSSv3.1 8.0 (HIGH)
CVE-2026-26015 — Arc53 DocsGPT: "MCP test" bypass leads to remote code execution (0.15.0 to before 0.16.0)
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker with access to either the official DocsGPT website or any local or public deployment can craft a malicious payload that bypasses the "MCP test" behavior to achieve arbitrary remote code execution (RCE). This issue has been patched in version 0.16.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 53rd percentile
The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940)
watchTowr Labs disclosed CVE-2026-41940, a critical authentication bypass in cPanel & WHM affecting all supported versions. The vulnerability combines CRLF injection via HTTP Basic auth headers with improper session encoding to forge authenticated sessions and gain root-level access to the control panel. In-the-wild exploitation has been confirmed; patches are available across all release tracks (110.0.x through 136.0.x).
CVE-2026-0204 — SonicOS: access control weakness may expose management interface functions
A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions. CVSSv3.1 8.0 (HIGH)
CVE-2026-6849 — Pardus OS My Computer: OS command injection (<=0.7.5 before 0.8.0)
Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from <=0.7.5 before 0.8.0. CVSSv3.1 8.8 (HIGH)
CVE-2026-5166 — Pardus Software Center: path traversal (before 1.0.3)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 1.0.3. CVSSv3.1 9.6 (CRITICAL)
CVE-2026-41940 — cPanel & WHM: authentication bypass in the login flow (versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5)
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-38991 — Cockpit: extension filter bypass in the Bucket component allows renaming arbitrary files to .php (2.13.5 and earlier)
Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component _isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary files with the .php file extension, enabling arbitrary code to be executed on the underlying server. CVSSv3.1 8.8 (HIGH)
CVE-2026-7111 — Text::CSV_XS (Perl): use-after-free when registered callbacks extend the argument stack (before 1.62)
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The parse, print, getline, and getline_all methods invoke registered callbacks (for example after_parse, before_print, or on_error) and cache the Perl argument stack pointer across the call. If a callback extends the argument stack enough to trigger a reallocation, the return value is written through · CVSSv3.1 8.4 (HIGH)
CVE-2026-5161 — Pardus About: improper link resolution before file access (symlink attack) (before v1.2.1)
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before v1.2.1. CVSSv3.1 8.8 (HIGH)
CVE-2026-5141 — Pardus Software Center: improper privilege management allows hijacking a privileged process (before 1.0.3)
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affects Pardus Software Center: before 1.0.3. CVSSv3.1 8.8 (HIGH)
CVE-2026-38992 — Cockpit: arbitrary code execution via the filter parameter and the MongoLite $func operator (v2.13.5 and earlier)
Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlying infrastructure via the MongoLite $func operator. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-36841 — TOTOLINK N200RE V5: command injection via the macstr and bandstr parameters in formMapDelDevice
TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-5140 — Pardus: CRLF injection allows authentication bypass (<=0.6.4 before 0.8.0)
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus allows Authentication Bypass. This issue affects Pardus: from <=0.6.4 before 0.8.0. CVSSv3.1 9.6 (CRITICAL)
CVE-2026-42524 — Jenkins HTML Publisher Plugin: stored XSS via unescaped job name and URL in the legacy wrapper file (427 and earlier)
Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. CVSSv3.1 8.0 (HIGH)
CVE-2026-42523 — Jenkins GitHub Plugin: stored XSS in the "GitHub hook trigger for GITScm polling" validation JavaScript (1.46.0 and earlier)
Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a stored cross-site scripting (XSS) vulnerability exploitable by non-anonymous attackers with Overall/Read permission. CVSSv3.1 9.0 (CRITICAL)
CVE-2026-42249 — Ollama for Windows: remote code execution via path traversal in the update mechanism
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker-controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These values are passed directly to filepath.Join, allowing path traversal sequences (../) to be resolved and enabling files to be written outside the intended update staging directory. An a · CVSSv3.1 9.8 (CRITICAL) · EPSS 13th percentile
CVE-2026-42248 — Ollama for Windows: no integrity or authenticity verification of downloaded update executables
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success, so no digital signature or trust validation is performed before staging or executing update payloads, enabling attacker-supplied executables to be accepted and later executed by the application. Critically, Ollama for Windows performs silent automatic · CVSSv3.1 9.8 (CRITICAL) · EPSS 1st percentile
Extending Ruzzy with LibAFL
Trail of Bits documents the integration of LibAFL fuzzing engine into Ruzzy, their coverage-guided fuzzer for Ruby code and C extensions. The post details technical challenges encountered during integration, including ELF binary constraints around .preinit_array sections in shared objects and SanitizerCoverage initialization timing differences between LibAFL and libFuzzer, with solutions provided via linker selection and initialization ordering patches.
CI/CD pipeline abuse: the problem no one is watching
Elastic Security Labs released cicd-abuse-detector, an open-source detection tool that uses regex signal extraction and LLM analysis to catch CI/CD pipeline abuse across GitHub Actions, GitLab CI, and Azure DevOps. The tool detects six attack categories: credential harvesting, privileged trigger exploitation, permission escalation, runner targeting, supply chain manipulation, and defense evasion. Detection patterns were validated against real-world incidents (GhostAction, Shai-Hulud, HackerBot-Claw, ArtiPACKED, Contagious Interview) and offensive toolkits (Nord Stream, Gato-X).
Kuse Web App Abused to Host Phishing Document
Trend Micro documented a phishing campaign exploiting Kuse.ai, a legitimate AI workplace platform, to host credential-harvesting attacks. Attackers abused Kuse's document-sharing feature to generate URLs under the trusted app.kuse.ai domain, combined with vendor email compromise (VEC) to deliver phishing links that redirected users to fake Microsoft login pages. The attack leveraged Markdown (.md) file extensions and blurred document previews to evade email filters and social-engineer victims into credential disclosure.
'Mini Shai-Hulud' supply chain attack targets SAP npm packages
Sophos researchers disclosed 'Mini Shai-Hulud', a supply chain attack targeting SAP's Cloud Application Programming Model (CAP) npm packages. Compromised packages contained credential-stealing malware that exfiltrated sensitive data via GitHub repositories; maintainers have released patched versions.