Vulnerabilities
55 articles
SAP Issues 15 May Security Notes With Two 9.6 CVEs: a Read-Only SQL Injection in S/4HANA Enterprise Search and an Unauthenticated Commerce Cloud Bypass
SAP's May 12 Patch Day fixes CVE-2026-34260 in S/4HANA's Enterprise Search for ABAP and CVE-2026-34263 in Commerce Cloud, plus a high-severity OS command injection in Forecasting & Replenishment.
PgBouncer 1.25.2 Patches Four CVEs Including a Pre-Auth SCRAM Crash That Hits Every Currently Shipping Debian Release
An integer overflow in PgBouncer's SCRAM packet parser lets unauthenticated attackers crash the pooler, and three more flaws ship in the same release. Debian stable, testing, and pre-release archives are all still vulnerable.
Dirty Frag: A Second Linux Kernel Zero-Day in Five Weeks Hands Root via Chained ESP and rxrpc Page-Cache Bugs
CVE-2026-43284 and CVE-2026-43500 chain two page-cache write primitives in IPsec ESP and rxrpc to give unprivileged users root on every major Linux distribution shipped in the last nine years.
Vim Patches CVE-2026-44656, a Modeline-Triggered Shell Injection in :find Completion Affecting All Versions Up Through 9.2.0435
Vim 9.2.0435 fixes an OS command injection in :find completion where backtick-enclosed shell commands inside the path option ran during Tab completion, with a modeline-set path enabling exploitation by simply opening a malicious file.
Ivanti Patches CVE-2026-6973 Zero-Day in EPMM as CISA Adds Authenticated Admin RCE Bug to KEV
Ivanti disclosed an actively exploited authenticated RCE in Endpoint Manager Mobile alongside four other high-severity flaws. CISA added it to KEV on May 7 with a May 10 federal patch deadline.
Apache patches a double-free in HTTP/2 that crashes workers with two frames and one TCP connection
Apache HTTP Server 2.4.67 fixes CVE-2026-23918, a double-free in mod_http2 that triggers on early stream reset and may enable remote code execution on Debian-default builds.
Palo Alto Networks Discloses CVE-2026-0300, a 9.3 PAN-OS Captive Portal RCE Exploited Since April 9 With Patches Starting May 13
Palo Alto Networks disclosed CVE-2026-0300, a critical buffer overflow in PAN-OS that grants unauthenticated root code execution and has been exploited in the wild since April 9. CISA added it to KEV on May 6 with a May 9 federal deadline; first fixes ship May 13.
Critical cPanel Authentication Bypass CVE-2026-41940 Exploited as Zero-Day for Two Months Before April 28 Patch
A CVSS 9.8 CRLF-injection bug in cPanel and WHM let unauthenticated attackers gain root; it has been exploited since February 23 against roughly 1.5 million exposed servers and is now weaponized against governments in Southeast Asia.
OpenSSH Patches a 15-Year-Old Comma-Parsing Bug That Could Promote Certificate Holders to Root
CVE-2026-35414 lets a comma in an SSH certificate principal slip past authorized_keys access controls, granting root on vulnerable servers. OpenSSH 10.3 ships the fix.
PyTorch Lightning Compromised on PyPI as Attackers Push Two Malicious Versions Designed to Harvest Cloud Credentials
Attackers published lightning 2.6.2 and 2.6.3 to PyPI on April 30, executing an obfuscated JavaScript payload to harvest cloud credentials from anyone who imported the package. Maintainers quarantined the malicious builds within 42 minutes.
Copy Fail: A 732-Byte Python Script Gives Local Root on Every Major Linux Distro Since 2017, and CISA Orders Federal Agencies to Patch by May 15
CVE-2026-31431, discovered by Theori using its AI scanner Xint Code, lets unprivileged users root Ubuntu, Amazon Linux, RHEL, and SUSE through a logic flaw in the kernel's crypto subsystem.
GitHub Discloses Critical Git Push RCE That Could Have Exposed Millions of Private Repositories, With 88 Percent of Self-Hosted Servers Still Unpatched
CVE-2026-3854 let any authenticated user run code on GitHub's backend with a single git push. GitHub patched github.com in two hours on March 4; public disclosure on April 28 found most Enterprise Server instances still vulnerable.