Latest intel // live feed
CVE-2026-40496 — Freescout Freescout: Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: `md5(APP_KEY + attachment_id + size)`. Since attachment_id is sequential and size can be brute-forced in a small range, an unauthenticated attacker can forge valid tokens and download any private attachment without credentials. Version 1.8.213 fixes the issue. CVSSv3.1 9.1 (CRITICAL)
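The point of the FreeScout item is that a download token derived from enumerable inputs has almost no entropy once the key is in hand: the id counts up and the size is a small number. The Python below is an added illustration, not FreeScout's code; it models the formula the advisory names (the exact concatenation and the APP_KEY value are assumptions, and the key is passed in explicitly so the example shows what the formula leaves to guess), then contrasts it with a per-attachment random token checked in constant time.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed stand-in for the application secret (FreeScout's is the Laravel APP_KEY).
APP_KEY = "base64:constructed-example-key"


def weak_token(app_key: str, attachment_id: int, size: int) -> str:
    """Shape of the pre-1.8.213 scheme named in the advisory, md5(APP_KEY + attachment_id + size).
    The exact string concatenation is an assumption; the weakness does not depend on it."""
    return hashlib.md5(f"{app_key}{attachment_id}{size}".encode()).hexdigest()


def candidate_tokens(app_key: str, attachment_id: int, max_size: int) -> Dict[str, int]:
    """All tokens the weak scheme can yield for one attachment, keyed by the size behind each.

    attachment_id is sequential, so the only unknown input is the file size; bounding it
    to max_size bytes leaves max_size + 1 candidates, roughly log2(max_size) bits of entropy.
    """
    return {weak_token(app_key, attachment_id, s): s for s in range(max_size + 1)}


def recover_size(app_key: str, attachment_id: int, observed: str, max_size: int) -> Optional[int]:
    """Brute-force the size behind an observed token; None if it lies outside the bound."""
    return candidate_tokens(app_key, attachment_id, max_size).get(observed)


def issue_token() -> str:
    """Hardened alternative: an unguessable token minted at upload time and stored with the
    attachment record, so it depends on neither the id nor the size."""
    return secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG


def verify_token(stored: str, presented: str) -> bool:
    """Constant-time comparison, so a wrong guess does not leak how many leading bytes matched."""
    return hmac.compare_digest(stored.encode(), presented.encode())
```

Note that replacing md5 with an HMAC over the same inputs would not fix the design: the token would still be a deterministic function of a sequential id and a small integer. The fix is to make the token independent of anything an attacker can enumerate, which is what the random per-attachment value does.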
CVE-2026-39866 — Lawnchair Lawnchair: Prior to commit fcba413f55dd47f8a3921445252849126c6266b2, command injection in release_update.yml workflow dispatch input allows arbitrary code
Lawnchair is a free, open-source home app for Android. Prior to commit fcba413f55dd47f8a3921445252849126c6266b2, command injection in release_update.yml workflow dispatch input allows arbitrary code execution. Commit fcba413f55dd47f8a3921445252849126c6266b2 patches the issue. CVSSv3.1 8.8 (HIGH)
CVE-2026-39861 — Anthropic Claude_code: Reliably exploiting this required the ability to add untrusted content into a Claude Code
Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not prevent sandboxed processes from creating symlinks pointing to locations outside the workspace. When Claude Code subsequently wrote to a path within such a symlink, its unsandboxed process followed the symlink and wrote to the target location outside the workspace without prompting the user for confirmation. This allowed a sandbox escape where neither the sandboxed command nor the un CVSSv3.1 10.0 (CRITICAL)
CVE-2026-39386 — M1k1o Neko: This results in a complete compromise of the instance.
Neko is a self-hosted virtual browser that runs in Docker and uses WebRTC. In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative control of the entire Neko instance (member management, room settings, broadcast control, session termination, etc.). This results in a complete compromise of the instance. The vulnerability has been patched in v3.0.11 and v3.1.2. If upgrading is not immediately possible, the fol CVSSv3.1 8.8 (HIGH)
CVE-2026-41329 — Openclaw Openclaw: before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via
OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve unauthorized privilege escalation. CVSSv3.1 9.9 (CRITICAL) · EPSS 13th percentile
CVE-2026-41303 — Openclaw Openclaw: before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that
OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text commands to bypass the channels.discord.execApprovals.approvers allowlist and approve pending host execution requests. CVSSv3.1 8.8 (HIGH) · EPSS 20th percentile
CVE-2026-41296 — Openclaw Openclaw: before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path validation and file read operations to bypass sandbox restrictions and read arbitrary files. CVSSv3.1 8.2 (HIGH) · EPSS 8th percentile
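Two items in this feed share one root cause: the Claude Code symlink escape (CVE-2026-39861) and the OpenClaw readFile race (CVE-2026-41296) both come from validating a path as a string and then handing it to a separate open() call, which either follows a planted symlink or races the check. The Python below is an added example serving both items; it is neither project's code and assumes a POSIX host where os.open accepts dir_fd and O_NOFOLLOW. It shows the lexical check being bypassed, then a component-by-component open that makes the check and the use the same syscall.

```python
import os
import tempfile
from pathlib import PurePosixPath


def naive_is_inside(workspace: str, relpath: str) -> bool:
    """Lexical containment check of the kind both advisories describe being bypassed.

    It reasons about the string only: a symlink component planted inside the workspace
    is invisible to it, and even a realpath() check would be a separate step from the
    open(), leaving a window in which the path can be swapped (time-of-check/time-of-use).
    """
    target = os.path.abspath(os.path.join(workspace, relpath))
    return target == workspace or target.startswith(workspace + os.sep)


def open_in_workspace(workspace: str, relpath: str, flags: int, mode: int = 0o600) -> int:
    """Open relpath under workspace without ever following a symlink.

    Each component is opened relative to the previous directory descriptor with
    O_NOFOLLOW, so there is no gap between validation and use: a symlink anywhere on
    the path fails with ELOOP instead of being traversed.
    """
    p = PurePosixPath(relpath)
    if p.is_absolute() or not p.parts or ".." in p.parts:
        raise ValueError(f"rejected path: {relpath!r}")
    dfd = os.open(workspace, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for comp in p.parts[:-1]:
            nfd = os.open(comp, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=dfd)
            os.close(dfd)
            dfd = nfd
        return os.open(p.parts[-1], flags | os.O_NOFOLLOW, mode, dir_fd=dfd)
    finally:
        os.close(dfd)


def demo() -> dict:
    """Constructed scenario: a sandboxed process plants workspace/build -> outside dir,
    then asks the unsandboxed writer to save build/notes.txt."""
    outside = tempfile.mkdtemp(prefix="outside-")
    workspace = tempfile.mkdtemp(prefix="workspace-")
    os.symlink(outside, os.path.join(workspace, "build"))
    os.makedirs(os.path.join(workspace, "src"))
    rel = "build/notes.txt"
    result = {"naive_check_passed": naive_is_inside(workspace, rel)}

    # Vulnerable writer: trusts the lexical check, then open() follows the symlink.
    with open(os.path.join(workspace, rel), "w") as f:
        f.write("escaped\n")
    result["wrote_outside_workspace"] = os.path.exists(os.path.join(outside, "notes.txt"))

    # Hardened writer: the symlink component is refused at open time (ELOOP).
    try:
        os.close(open_in_workspace(workspace, rel, os.O_WRONLY | os.O_CREAT))
        result["hardened_refused"] = False
    except OSError:
        result["hardened_refused"] = True

    # A real path inside the workspace still works.
    fd = open_in_workspace(workspace, "src/main.py", os.O_WRONLY | os.O_CREAT)
    os.write(fd, b"print('ok')\n")
    os.close(fd)
    result["legit_write_ok"] = os.path.isfile(os.path.join(workspace, "src", "main.py"))
    return result


if __name__ == "__main__":
    print(demo())
```

The same descriptor walk works for reads: open with O_RDONLY through `open_in_workspace` and read from the returned descriptor, rather than validating a string and calling a separate read on the path.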
CVE-2026-41294 — Openclaw Openclaw: before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration
OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment settings during OpenClaw startup. CVSSv3.1 8.6 (HIGH) · EPSS 3rd percentile
CVE-2026-35587 — Nicolargo Glances: Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances IP plugin due to improper validation of the public_api configuration parameter. The value of public_api is used directly in outbound HTTP requests without any scheme restriction or hostname/IP validation. An attacker who can modify the Glances configuration can force the application to send requests to arbitrary inte CVSSv3.1 8.8 (HIGH)
CVE-2026-35570 — Gitlawb Openclaude: When the sandbox auto-allow feature is active and no explicit deny rule is configured
OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in `bashToolHasPermission()` inside `src/tools/BashTool/bashPermissions.ts`. When the sandbox auto-allow feature is active and no explicit deny rule is configured, the function returns an `allow` result immediately — before the path constraint filter (`checkPathConstraints`) is ever evaluated. This allows commands containing path trav CVSSv3.1 8.4 (HIGH)
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
Void Dokkaebi (Famous Chollima), a North Korea-aligned threat actor, has evolved a self-propagating supply chain worm that spreads malware through compromised developer repositories via two mechanisms: malicious VS Code task configurations (.vscode/tasks.json) and injected obfuscated JavaScript with git history tampering. Analysis identified over 750 infected repositories, 500+ malicious VS Code tasks, and compromises of major organizations including DataStax and Neutralinojs, with payloads staged on blockchain infrastructure (Tron, Aptos, BSC) and delivered as DEV#POPPER RAT variants.
The Cost of Understanding: LLM-Driven Reverse Engineering vs Iterative LLM Obfuscation
Elastic Security Labs benchmarked Claude Opus 4.6's ability to reverse-engineer obfuscated binaries using Tigress, finding the model solved 40% of tasks with costs ranging $0.43–$6+ per attempt. The research then developed LLM-targeting obfuscation techniques exploiting context-window limitations, token budgets, and model shortcut biases, achieving cost/time multipliers up to 4.5x on previously-solved challenges.
CVE-2026-5450 — Gnu Glibc: Calling the scanf family of functions with a %mc (malloc'd character match) in the
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-33432 — Roxy-wi Roxy-wi: An unauthenticated attacker can inject LDAP filter metacharacters into the username field to manipulate
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the user-supplied login username into the filter string without escaping LDAP special characters. An unauthenticated attacker can inject LDAP filter metacharacters into the username field to manipulate the search query, cause the directory to retur CVSSv3.1 9.1 (CRITICAL) · EPSS 34th percentile
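To make the Roxy-WI filter injection concrete, the Python below is an added example (not Roxy-WI's code): it builds the filter the vulnerable way and the escaped way, and evaluates both against a small constructed directory with a minimal in-memory filter evaluator so the difference is visible without an LDAP server. The filter layout `(&(objectClass=person)(uid=...))`, the attribute names, and the directory entries are assumptions.

```python
import re
from typing import Dict, List

# RFC 4515 escaping for values placed inside a search filter.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def vulnerable_filter(username: str) -> str:
    """Pattern the advisory describes: the login name concatenated into the filter unescaped."""
    return f"(&(objectClass=person)(uid={username}))"


def safe_filter(username: str) -> str:
    return f"(&(objectClass=person)(uid={escape_filter_value(username)}))"


# Minimal constructed evaluator: (&...), (|...) and (attr=value) with '*' wildcards,
# which is all this example needs. Attribute names are matched case-sensitively here.

def _parse(s: str, i: int):
    if s[i] != "(":
        raise ValueError(f"expected '(' at {i}")
    i += 1
    if s[i] in "&|":
        op, i, children = s[i], i + 1, []
        while s[i] == "(":
            node, i = _parse(s, i)
            children.append(node)
        if s[i] != ")":
            raise ValueError(f"expected ')' at {i}")
        return (op, children), i + 1
    j = s.index(")", i)
    attr, _, value = s[i:j].partition("=")
    return ("=", attr, value), j + 1


def _unescape(value: str) -> str:
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)


def _value_matches(pattern: str, actual: str) -> bool:
    # A raw '*' is a wildcard; an escaped \2a becomes a literal '*' after unescaping.
    parts = [re.escape(_unescape(p)) for p in pattern.split("*")]
    return re.fullmatch(".*".join(parts), actual) is not None


def _eval(node, entry: Dict[str, List[str]]) -> bool:
    if node[0] == "&":
        return all(_eval(c, entry) for c in node[1])
    if node[0] == "|":
        return any(_eval(c, entry) for c in node[1])
    _, attr, value = node
    return any(_value_matches(value, v) for v in entry.get(attr, []))


def search(filter_str: str, directory: List[Dict[str, List[str]]]) -> List[str]:
    """Return the uid of every entry the filter matches."""
    node, end = _parse(filter_str, 0)
    if end != len(filter_str):
        raise ValueError("trailing data after filter")
    return [e["uid"][0] for e in directory if _eval(node, e)]


# Constructed directory content.
DIRECTORY = [
    {"objectClass": ["person"], "uid": ["alice"]},
    {"objectClass": ["person"], "uid": ["bob"]},
    {"objectClass": ["person"], "uid": ["roxy-admin"]},
]
```

With a login name of `*`, the vulnerable filter matches every person in the directory; with `*)(uid=*` it still parses and still matches everyone, because the injected parentheses become filter structure. The escaped version turns those characters into literal bytes, so the same inputs match nothing. In a real deployment, use the escaping helper your LDAP library already ships rather than the hand-rolled table above.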
CVE-2026-32613 — Linuxfoundation Spinnaker: This enabled a user to use arbitrary java classes which allow deep access to
Spinnaker is an open source, multi-cloud continuous delivery platform. Echo, like some other services, uses SpEL (Spring Expression Language) to process information, specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike Orca, it was NOT restricting that context to a set of trusted classes, but allowing FULL JVM access. This enabled a user to use arbitrary Java classes which allow deep access to the system. This enabled CVSSv3.1 9.9 (CRITICAL)
CVE-2026-32604 — Linuxfoundation Spinnaker: In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute
Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute arbitrary commands very simply on the clouddriver pods. This can expose credentials, remove files, or inject resources easily. Versions 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2 contain a patch. As a workaround, disable the gitrepo artifact types. CVSSv3.1 9.9 (CRITICAL)
CVE-2026-32311 — Reconurge Flowsint: allows a user to create investigations, which are used to manage sketches and
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Flowsint allows a user to create investigations, which are used to manage sketches and analyses. Sketches have controllable graphs, which are comprised of nodes and relationships. The sketches contain information on an OSINT target (usernames, websites, etc) within these nodes and relationships. The nodes can have automated processes execute on the CVSSv3.1 9.8 (CRITICAL)
CVE-2026-29649 — Xiangshan Nemu: This can lead to incorrect enforcement of virtualization configuration and may cause unexpected traps
NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to incorrect enforcement of virtualization configuration and may cause unexpected traps or denial of service when executing cache-block management instructions in virtualized contexts ( CVSSv3.1 9.8 (CRITICAL) · EPSS 5th percentile
v9.0.2-rc2
BloodHound v9.0.2-rc2 release candidate published with routine maintenance updates including PFC checks, OpenHound collector link addition, and a pgx dependency upgrade to remediate two CVEs (CVE-2026-33815 and CVE-2026-33816).
CVE-2026-40488 — Openmage Magento: Files are stored in the publicly accessible `media/custom_options/quote/` directory, which lacks server-side execution restrictions
Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the product custom option file upload in OpenMage LTS uses an incomplete blocklist (`forbidden_extensions = php,exe`) to prevent dangerous file uploads. This blocklist can be trivially bypassed by using alternative PHP-executable extensions such as `.phtml` CVSSv3.1 8.8 (HIGH)
CVE-2026-30269 — Doorman Doorman: Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update
Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. The `role` field is accepted by the update model without a manage_users permission check for self-updates, enabling privilege escalation to high-privileged roles. CVSSv3.1 9.9 (CRITICAL) · EPSS 13th percentile
CVE-2026-25524 — Openmage Magento: Prior to version 20.17.0, PHP functions such as `getimagesize()`, `file_exists()`, and `is_readable()` can trigger
Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as `getimagesize()`, `file_exists()`, and `is_readable()` can trigger deserialization when processing `phar://` stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and m CVSSv3.1 8.1 (HIGH)
CVE-2026-26944 — Dell Powerprotect_dp_series_appliance: PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges. Exploitation requires an authenticated user to perform a specific action. CVSSv3.1 8.8 (HIGH)
CVE-2026-24467 — Filigran Openaev: Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains
OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaigns and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable account takeover. The primary issue is that password reset tokens do not expire. Once a token is generated, it remains valid indefinitely, even if significant time has passed or if ne CVSSv3.1 9.0 (CRITICAL) · EPSS 73rd percentile
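The OpenAEV item names a non-expiring reset token as the primary weakness. The Python below is an added example (not OpenAEV's code) of the properties a reset token store should enforce: a short lifetime, single use, revocation when a newer token is issued or the password changes, and storing only a hash of the token. The 15-minute TTL, the SHA-256 at rest, and the in-memory store are assumptions; a fake clock is included so expiry can be exercised without sleeping.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

RESET_TTL_SECONDS = 15 * 60   # assumption: the exact value is policy, a short one is the point


@dataclass
class ResetRecord:
    user: str
    expires_at: float
    used: bool = False


class PasswordResetStore:
    """Reset tokens that expire, work once, and are revoked when superseded or on password change.

    Only a SHA-256 of the token is kept, so a leaked table does not yield usable tokens.
    """

    def __init__(self, clock: Callable[[], float] = time.time, ttl: float = RESET_TTL_SECONDS):
        self._clock = clock
        self._ttl = ttl
        self._records: Dict[str, ResetRecord] = {}

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def revoke_all_for(self, user: str) -> None:
        """Call on password change (and on issue, so only the newest token per user is live)."""
        for rec in self._records.values():
            if rec.user == user:
                rec.used = True

    def issue(self, user: str) -> str:
        self.revoke_all_for(user)
        token = secrets.token_urlsafe(32)
        self._records[self._digest(token)] = ResetRecord(user, self._clock() + self._ttl)
        return token

    def redeem(self, token: str) -> Optional[str]:
        """Return the user the token belongs to, or None; a successful redeem burns the token."""
        rec = self._records.get(self._digest(token))
        if rec is None or rec.used or self._clock() > rec.expires_at:
            return None
        rec.used = True
        return rec.user


class FakeClock:
    """Constructed clock so the expiry path runs without sleeping."""

    def __init__(self, now: float = 1_700_000_000.0):
        self.now = now

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def walkthrough() -> Dict[str, bool]:
    """Constructed scenario exercising each property; returns which checks held."""
    clock = FakeClock()
    store = PasswordResetStore(clock=clock)
    stale = store.issue("alice")
    clock.advance(RESET_TTL_SECONDS + 1)
    expired_rejected = store.redeem(stale) is None
    fresh = store.issue("alice")
    first, second = store.issue("bob"), store.issue("bob")
    changed = store.issue("carol")
    store.revoke_all_for("carol")           # carol changed her password by another route
    return {
        "expired_token_rejected": expired_rejected,
        "fresh_token_accepted": store.redeem(fresh) == "alice",
        "replay_rejected": store.redeem(fresh) is None,
        "superseded_token_rejected": store.redeem(first) is None,
        "newest_token_accepted": store.redeem(second) == "bob",
        "revoked_on_password_change": store.redeem(changed) is None,
        "unknown_token_rejected": store.redeem("not-a-token") is None,
    }
```

Looking the record up by the token's hash is acceptable here because the token carries 256 bits of entropy, so the dictionary lookup's timing reveals nothing useful; it is the low-entropy, long-lived token that the advisory warns about.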
CVE-2026-5760 — SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing
SGLang's reranking endpoint (/v1/rerank) is vulnerable to Remote Code Execution (RCE) when a model file containing a malicious tokenizer.chat_template is loaded, because the Jinja2 chat template is rendered with an unsandboxed jinja2.Environment(). CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile
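A chat_template pulled from a model's tokenizer config is attacker-controlled input, and a plain `jinja2.Environment` will happily let a template walk from any object to Python internals. The Python below is an added example, not SGLang's code or its patch: it renders the same two templates through `Environment()` and through `SandboxedEnvironment()`, which refuses underscore-prefixed attribute access. The message shape and both templates are constructed; the hostile one only counts loaded classes, but the same `__class__.__mro__.__subclasses__()` walk is how real payloads reach `subprocess`.

```python
from typing import Dict, List, Tuple

from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed messages of the shape a chat template receives.
MESSAGES: List[Dict[str, str]] = [
    {"role": "user", "content": "query: best hash for passwords"},
    {"role": "document", "content": "argon2id"},
]

# A harmless template, and a constructed hostile one that walks Python internals.
BENIGN_TEMPLATE = "{% for m in messages %}{{ m.role }}: {{ m.content }}\n{% endfor %}"
HOSTILE_TEMPLATE = "{{ messages[0].__class__.__mro__[-1].__subclasses__() | length }}"


def render_unsandboxed(template_src: str, messages: List[Dict[str, str]]) -> str:
    """The pattern the advisory names: a plain jinja2.Environment() rendering a
    template that came from the model files."""
    return Environment().from_string(template_src).render(messages=messages)


def render_sandboxed(template_src: str, messages: List[Dict[str, str]]) -> Tuple[str, str]:
    """SandboxedEnvironment treats __class__ and friends as unsafe and raises
    SecurityError when the template tries to go through them."""
    try:
        out = SandboxedEnvironment().from_string(template_src).render(messages=messages)
        return ("ok", out)
    except SecurityError as exc:
        return ("blocked", str(exc))
```

The sandbox closes the attribute-traversal route, but it is a best-effort boundary inside the same process; model files from untrusted sources still deserve the same handling as any other untrusted code, including loading them in an isolated worker.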