Hackers are actively exploiting a serious SQL injection vulnerability, identified as CVE-2026-42208, in the LiteLLM open-source large-language model gateway. This flaw allows attackers to access sensitive information stored within the system, which could lead to unauthorized data exposure. Users of LiteLLM, particularly those managing sensitive datasets, should be aware that their systems may be at risk. The vulnerability is already being targeted in the wild, making immediate action crucial for those using the affected software. As the situation develops, it is vital for organizations to stay informed about potential exploits and take necessary precautions to protect their data.
Articles tagged "CVE"
Found 341 articles
Researchers have discovered a serious vulnerability in GitHub, identified as CVE-2026-3854, which allows attackers to execute arbitrary code by simply pushing a git command. This flaw affects several GitHub products, including GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, and GitHub Enterprise Cloud with Enterprise. The ability to run code remotely poses significant risks, as it could lead to unauthorized access or manipulation of repositories. Companies using these GitHub services should be vigilant and take immediate action to address this vulnerability, as it could potentially compromise their code and data integrity. Ensuring that all systems are updated and secure is essential to mitigate the risks associated with this exploit.
The Hacker News
Researchers have identified a serious security flaw in GitHub.com and GitHub Enterprise Server, designated CVE-2026-3854, which could enable an authenticated user to execute arbitrary code remotely with just a single 'git push' command. This command injection vulnerability has a CVSS score of 8.7, indicating its severity. If exploited, it could allow attackers with repository push access to take control over affected systems. This issue affects both individual developers and organizations using GitHub for version control, highlighting the need for immediate awareness and action. Users are advised to monitor their repositories closely and apply any recommended patches as they become available.
The Hacker News
A serious security flaw has been identified in LeRobot, Hugging Face's open-source robotics platform, which has garnered nearly 24,000 stars on GitHub. The vulnerability, designated as CVE-2026-25874, has a high severity score of 9.3 and allows attackers to exploit untrusted data deserialization, potentially leading to remote code execution without authentication. This flaw poses a significant risk to developers and organizations using LeRobot, as it could allow unauthorized access and control over their systems. Researchers are urging users to take immediate action to safeguard their implementations, given the potential for widespread exploitation. The details of the flaw emphasize the importance of security diligence in open-source projects.
Security Affairs
A recently discovered vulnerability, tracked as CVE-2026-6770, allowed attackers to track and fingerprint users of Firefox and the Tor Browser, even when they were using Private Browsing mode. This flaw could bypass Tor's New Identity feature, which is designed to enhance privacy. As a result, both Firefox version 150 and Tor Browser version 15.0.10 have released updates to address this issue. This vulnerability is particularly concerning because it compromises the privacy protections that users rely on, especially those using Tor for anonymous browsing. Users are urged to update their browsers promptly to protect against this tracking risk.
A recently discovered vulnerability in Firefox, tracked as CVE-2026-6770, could allow attackers to fingerprint users of the Tor network. This issue primarily affects users who rely on Firefox and Tor for enhanced privacy and anonymity. Fingerprinting techniques can be used to track users across the internet, undermining the very purpose of using Tor, which is designed to protect user identities. The vulnerability has been addressed in the latest updates, specifically Firefox version 150 and Tor version 15.0.10, which users are strongly encouraged to install promptly. By patching this vulnerability, both Mozilla and the Tor Project aim to reinforce the security measures that protect user privacy online.
A vulnerability known as 'Pack2TheRoot,' tracked as CVE-2026-41651, has been identified in Linux systems, allowing local users to gain root privileges without authorization. This flaw has existed for nearly 12 years and has been rated with a high severity score of 8.8. It enables unprivileged users to install or remove system packages, which could lead to complete control over the system. This issue affects any Linux distribution that utilizes PackageKit, making it a significant concern for users and administrators alike. Given the potential for exploitation, it is crucial for affected parties to take immediate action to secure their systems.
The Hacker News
A serious security vulnerability in LMDeploy, a toolkit for managing large language models, has been actively exploited less than 13 hours after being made public. This flaw, designated as CVE-2026-33626, has a CVSS score of 7.5 and involves a Server-Side Request Forgery (SSRF) issue, which attackers can use to gain access to sensitive data. This incident poses significant risks for users and organizations that rely on LMDeploy for deploying and serving machine learning models. Given the rapid exploitation of this vulnerability, companies using LMDeploy should take immediate action to safeguard their systems. The swift response from attackers emphasizes the need for stringent monitoring and prompt patching of critical vulnerabilities.
SCM feed for Latest
A critical vulnerability in Microsoft SharePoint, identified as CVE-2026-32201, is currently being exploited by attackers. Over 1,300 SharePoint servers exposed to the internet remain at risk, with fewer than 200 instances patched since the last Patch Tuesday. This zero-day spoofing flaw allows unauthorized access, which could lead to significant data breaches or further intrusions. Organizations using SharePoint should prioritize applying available updates to mitigate the risk and secure their systems against ongoing attacks. The situation underscores the urgency for users to remain vigilant and proactive in patch management.
A severe vulnerability in Apache ActiveMQ, identified as CVE-2026-34197, has put over 6,400 servers at risk of exploitation. This widely used open-source message broker is utilized globally, with 6,476 instances exposed to the internet. Attackers could potentially execute code remotely, which could lead to significant security breaches. Organizations using ActiveMQ should take immediate action to assess their systems and implement protective measures. The urgency of this situation highlights the need for timely updates and monitoring of server configurations to prevent unauthorized access.
A new campaign linked to the Mirai malware is exploiting a serious command-injection vulnerability in D-Link DIR-823X routers, identified as CVE-2025-29635. This vulnerability allows attackers to take control of the routers and integrate them into a botnet. Users of these routers are at risk as their devices can be hijacked for malicious purposes, including launching distributed denial-of-service (DDoS) attacks. This situation is particularly concerning since the affected routers are at the end of their life cycle, meaning they are unlikely to receive security updates. It’s crucial for users to be aware of this exploit and take necessary precautions to secure their networks.
Security Affairs
The Mirai botnet is exploiting a newly discovered vulnerability in older D-Link routers, identified as CVE-2025-29635. This command injection flaw allows attackers to execute arbitrary commands through specially crafted POST requests. The vulnerability is particularly concerning because it affects discontinued models that many users may still have in operation. With the public disclosure of a proof-of-concept (PoC) exploit, the risk of widespread attacks increases, putting users who have not updated their devices at significant risk. It's crucial for affected users to take immediate action to secure their routers to prevent unauthorized access.
The Hacker News
A serious security flaw has been identified in the Python-based sandbox environment known as Terrarium. This vulnerability, assigned the identifier CVE-2026-5752, has a CVSS score of 9.3, indicating its high severity. Attackers can exploit this flaw to execute arbitrary code with root privileges on the host machine by manipulating the JavaScript prototype chain. This issue is particularly concerning for developers and organizations using Terrarium, as it may allow unauthorized access to sensitive systems and data. Users of this sandbox environment should prioritize addressing this vulnerability to mitigate potential risks.
Security Affairs
For over a year, hackers have aimed to exploit a serious vulnerability known as CVE-2023-33538, affecting older TP-Link routers. This flaw, which has a high CVSS score of 8.8, allows attackers to execute commands remotely on the devices. Despite the ongoing attempts, researchers have not reported any successful exploitation thus far. This situation is concerning for users of these outdated routers, as the vulnerability could potentially expose them to various cyber threats. It serves as a reminder for users to keep their devices updated and secure against known vulnerabilities.
Infosecurity Magazine
FortiGuard Labs has reported that attackers are exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR devices, utilizing it to deploy a Mirai-based botnet. This vulnerability allows unauthorized commands to be executed on the affected devices, potentially turning them into part of a larger network of compromised devices. Users of TBK DVR systems should be particularly vigilant, as this exploitation could lead to significant disruptions or unauthorized access to their networks. The presence of this botnet in the wild raises concerns about the broader implications for IoT security and the need for manufacturers to address such vulnerabilities swiftly. It’s crucial for users to stay informed and take appropriate action to protect their devices.