newsThe portal itself — self-promo until real sponsors land
Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
25 results//sorted by published//last sync 2026-06-09 22:41Z
Subscribe to news →
CVE-2026-5241 — LightGlue: A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an
A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the `trust_remote_code` parameter, intended to prevent remote code execution, is overridden by untrusted serialized configuration data in a nested code path. Specifically, when loading a LightGlue model using `AutoModel.from_pretrained()` with `trust_remote_c CVSSv3.1 8.0 (HIGH)
8.0
CVSS v3.1
90
Edit Score
CVE-2026-35085 — A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-35084 — A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig
A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-35083 — A remote attacker with user privileges can exploit a stack buffer overflow to gain
A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-35082 — The ugw-logread method allows a remote attacker with user privileges to access arbitrary local
The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-35081 — The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35080 — The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local
The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35079 — The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35078 — The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35077 — The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35076 — The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35075 — An unauthenticated remote attacker can recover a default, hard coded password from a firmware
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices. CVSSv3.1 9.8 (CRITICAL)
9.8
CVSS v3.1
99
Edit Score
Otto Support - Testing MCP Servers
Bishop Fox Labs·bishopfox.com
Bishop Fox demonstrates a complete attack chain against MCP (Model Context Protocol) servers, using nmap and Nuclei for discovery, then MCP Inspector to enumerate and exploit an authorization bypass in otto-support that allows unprivileged users to delete other users' tickets. The research illustrates that MCP servers, despite being AI-native, remain subject to traditional web application security flaws—specifically missing server-side authorization controls on privileged operations.
72
Edit Score
CVE-2026-47065 — ZDRES: ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessment: Fully addressed.
ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessment: Fully addressed. When the serialised stream contains a TC_PROXYCLASSDESC (the marker for a java.lang.reflect.Proxy ), JDK’s ObjectInputStream.readProxyDesc() is dispatched. JDK then calls the default ObjectInputStream.resolveProxyClass(interfaces) implementation, which performs Class.forName(intf, false, latestUserDefinedLoader()) for EACH interface name CVSSv3.1 9.8 (CRITICAL)
9.8
CVSS v3.1
99
Edit Score
CVE-2025-15656 — Incorrect: Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation.
Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2025-14773 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. CVSSv3.1 8.0 (HIGH)
8.0
CVSS v3.1
90
Edit Score
CVE-2025-14772 — Authorization: bypass through User-Controlled key vulnerability in ABB T-MAC Plus.
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2025-14771 — Files: or directories accessible to external parties vulnerability in ABB T-MAC Plus.
Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. CVSSv3.1 9.9 (CRITICAL)
9.9
CVSS v3.1
100
Edit Score
The sorry state of skill distribution
Trail of Bits·blog.trailofbits.com
Trail of Bits demonstrated critical bypasses of multiple AI skill marketplace scanners (ClawHub, Cisco skill-scanner, skills.sh integrations) using simple techniques: newline padding, .pyc bytecode poisoning, .docx indirection, and prompt injection. The research reveals that static scanning approaches cannot reliably detect malicious skills, and LLM-based analyzers are easily fooled by social engineering and misdirection embedded in skill documentation.
88
Edit Score
CVE-2026-4035 — A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment
A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the `api_key` field in gateway secrets can accept `$ENV_VAR` references, which are resolved against the MLflow server's environment during runtime. The resolved secrets are then sent in provider authenti CVSSv3.1 9.1 (CRITICAL)
9.1
CVSS v3.1
96
Edit Score
Argamal: Malware hidden in hentai games
Kaspersky Securelist·securelist.comin the wild
Kaspersky discovered Argamal, a previously unknown RAT distributed via trojanized hentai games since at least 2024. The malware uses COM hijacking for persistence, multi-stage PowerShell delivery, and provides full remote control capabilities including file operations, surveillance, and command execution. Hundreds of victims identified primarily in Russia, Brazil, Germany, and Vietnam.
78
Edit Score
FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad
Sekoia.io·sekoia.ioin the wild
Sekoia's TDR team published a deep technical analysis of GammaLoad, the intermediary loader component in Gamaredon's (FSB-operated) 2026 infection chain targeting Ukraine. The analysis documents a three-stage multi-loader architecture using VBScript and PowerShell, leveraging Dead Drop Resolvers (Telegraph, Telegram, Check-Host) to fetch C2 infrastructure, registry-based persistence via scheduled tasks, and in-memory execution to evade detection. The report includes 70+ recovered artifacts, live C2 interaction data, and IOCs, establishing a unified taxonomy (GammaPhish, GammaLoad, GammaWorm, GammaSteel, GammaWipe) to clarify Gamaredon's decade-long malware evolution.
92
Edit Score
CVE-2026-44654 — Librechat Librechat: In versions up to and including 0.8.3, a shared-agent editor can delete file records
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete file records through `DELETE /api/files` that the owner has reused across multiple agents. The deletion removes the file globally — not just from the shared agent — breaking the owner's other private agents that reference the same `file_id`. The private agent retains a stale `file_id` reference that no longer resolves. A shared-ag CVSSv3.1 8.1 (HIGH) · EPSS 12th percentile
8.1
CVSS v3.1
91
Edit Score
CVE-2026-35482 — Prior to version 2.0-M5-2606, a sandbox escape vulnerability in the alf.io extension script engine
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, a sandbox escape vulnerability in the alf.io extension script engine allows an authenticated administrator to execute arbitrary operating system commands on the server. The extension system is intended to execute restricted JavaScript in a sandboxed Rhino environment; however, a combination of an unguarded injected Java object (`returnClass`) CVSSv3.1 8.0 (HIGH)
8.0
CVSS v3.1
90
Edit Score
CVE-2026-32625 — LibreChat: This enables full compromise of the installation's cryptographic materials and database credentials without requiring
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol (MCP) server integration resolves ${VAR} placeholders against the server's process.env during Zod schema validation of user-supplied MCP server URLs. Any authenticated user can create a malicious MCP server configuration with a URL pointing to an attacker-controlled domain containing environment variable references, causing the LibreCha CVSSv3.1 9.6 (CRITICAL)
9.6
CVSS v3.1
98
Edit Score