A significant security vulnerability has been identified in Ghost CMS, specifically a SQL injection flaw labeled CVE-2026-26980. Attackers are exploiting this weakness to inject harmful JavaScript code, which activates ClickFix attack flows across numerous websites utilizing this content management system. This exploitation poses a serious risk to users by potentially compromising their data and functionality of affected sites. Ghost CMS users, particularly those running outdated versions, should take immediate action to secure their systems. This incident highlights the ongoing need for vigilance in web security and the importance of keeping software up to date.
Articles tagged "CVE"
Found 341 articles
The Hacker News
A severe security vulnerability has been discovered in the LiteSpeed User-End cPanel Plugin, identified as CVE-2026-48172, which has a maximum CVSS score of 10.0. This flaw allows attackers to exploit incorrect privilege assignments, enabling them to execute arbitrary scripts with root privileges. As a result, any cPanel user, including potential attackers or compromised accounts, can take advantage of this vulnerability. The ongoing exploitation of this flaw poses significant risks to server security and data integrity, making it crucial for affected users to take immediate action. The situation emphasizes the need for vigilance among web hosts and cPanel users to prevent unauthorized access and maintain secure environments.
Ubiquiti has patched three serious vulnerabilities in its UniFi OS, labeled CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. These flaws could allow unauthorized users to make system changes, access sensitive system files through path traversal, and execute commands remotely via command injection. This is a significant concern for users of UniFi OS, as it could lead to unauthorized access and control over network devices. Ubiquiti is urging all users to apply the updates as soon as possible to protect their systems from potential exploitation. Given the nature of these vulnerabilities, companies using UniFi OS should prioritize updating their systems to ensure their networks remain secure.
TrendAI has addressed a serious vulnerability in its Apex One security software, identified as CVE-2026-34926. This flaw is a directory traversal issue that could be exploited by attackers to gain unauthorized access to files on the system. The vulnerability specifically affects the on-premise version of Apex One, which is used by various organizations for endpoint security. Given that this vulnerability has been exploited in the wild, it poses a significant risk to users who have not yet applied the necessary updates. Companies using Apex One should prioritize applying the latest patches to safeguard their systems against potential breaches.
A newly discovered vulnerability, identified as CVE-2024-12802, affects SonicWall Gen6 SSL-VPN appliances. This security flaw allows attackers to bypass multi-factor authentication (MFA) by using a specific user principal name (UPN) login format. Organizations using these appliances could be at risk, as this vulnerability may enable unauthorized access to sensitive systems. Companies that rely on SonicWall for secure remote access should take immediate action to assess their exposure to this threat. Given the critical role of MFA in securing remote connections, this issue underscores the need for vigilance and prompt remediation.
Microsoft has reported that two vulnerabilities in its Defender software are currently being exploited. The first, identified as CVE-2026-41091, is a privilege escalation flaw that has a CVSS score of 7.8, meaning it poses a significant risk. If successfully exploited, attackers could gain SYSTEM privileges, which would allow them to control the affected systems. The second vulnerability is a denial-of-service flaw, though specific details about its CVE designation weren't provided. These vulnerabilities affect Microsoft Defender, and users of the software should be vigilant as attackers are actively exploiting these flaws in the wild. It's crucial for individuals and organizations to take immediate action to secure their systems.
Researchers have revealed a vulnerability in the Linux kernel, identified as CVE-2026-46333, which has remained unnoticed for nine years. This flaw involves improper privilege management, allowing unprivileged local users to access sensitive files and execute commands with root privileges on default installations of several major Linux distributions. The vulnerability has a CVSS score of 5.5, indicating a moderate severity level. Affected users include those running various Linux distributions, which could expose them to significant risks if exploited. It's crucial for system administrators and users to be aware of this vulnerability and take appropriate action to secure their systems.
Drupal has issued urgent security updates to address a serious vulnerability in Drupal Core, identified as CVE-2026-9082. This flaw can allow attackers to execute malicious code remotely, escalate privileges, or disclose sensitive information on PostgreSQL sites. With a CVSS score of 6.5, the vulnerability affects users relying on Drupal's database abstraction API. This issue is particularly concerning for organizations using Drupal for their web applications, as the potential for exploitation could lead to significant data breaches or system compromises. Users are strongly advised to apply the available security updates promptly to mitigate the risk.
Researchers have identified a vulnerability in ExifTool, a widely used tool for reading and writing metadata in image files, that could allow attackers to compromise macOS systems through malicious images. This vulnerability, tracked as CVE-2026-3102, poses a significant risk to users who handle image files, as it enables the execution of harmful code when a malicious image is processed. Users running macOS could be particularly affected, especially those who frequently use ExifTool or similar applications. The implications are serious, as attackers could exploit this flaw to gain unauthorized access to systems, potentially leading to data breaches or other malicious activities. It’s crucial for users to stay informed about this issue and take appropriate steps to protect their systems.
The Hacker News
Microsoft has addressed a significant vulnerability in its BitLocker encryption feature, identified as YellowKey and tracked under the CVE-2026-45585 designation. This security flaw, which has a CVSS score of 6.8, allows attackers to bypass key protections, potentially exposing sensitive data on affected systems. The issue was publicly disclosed last week, prompting Microsoft to issue a mitigation to protect users. This vulnerability primarily affects Windows operating systems that utilize BitLocker for disk encryption. Given that BitLocker is widely used by businesses and individuals to secure data, the implications of this flaw are serious, making it crucial for users to implement the provided mitigation as soon as possible.
A newly discovered vulnerability, identified as CVE-2026-8153, poses a significant risk to Universal Robots' PolyScope 5 software used in industrial robot fleets. This flaw allows attackers to exploit the system through OS command injection, potentially compromising the operation of robotic systems. Organizations using these robots could face unauthorized access and manipulation of their automated processes, leading to operational disruptions or safety hazards. The issue highlights the need for companies to assess their systems and take proactive measures to safeguard their robotic operations. Immediate attention to this vulnerability is crucial for maintaining security in environments that rely on industrial automation.
A newly discovered zero-day vulnerability in Microsoft Exchange, tracked as CVE-2026-42897, poses a significant risk as it allows attackers to exploit cross-site scripting (XSS) to compromise Outlook Web Access (OWA) mailboxes. This vulnerability is reportedly under active attack, meaning that malicious actors are currently trying to exploit it in the wild. Organizations using Microsoft Exchange should be particularly vigilant, as the absence of an available patch leaves their systems exposed. Without immediate remediation, users could face unauthorized access to sensitive email communications. Companies are advised to implement security measures, such as input validation and monitoring for suspicious activity, until an official patch is released.
Help Net Security
A serious vulnerability in NGINX, identified as CVE-2026-42945 and nicknamed NGINX Rift, is currently being exploited by attackers. Disclosed last week, this flaw allows attackers to send specially crafted HTTP requests to vulnerable NGINX servers, potentially leading to denial-of-service conditions and even unauthenticated remote code execution. NGINX is the most widely used web server, meaning a large number of websites and applications could be at risk. Security researcher Patrick Garrity highlighted the urgency of addressing this vulnerability as it poses significant risks to web services that rely on NGINX. It's crucial for administrators to take immediate action to protect their systems from these exploits.
A researcher has released an exploit called MiniPlasma that targets a Windows vulnerability from 2020, identified as CVE-2020-17087, which remains unpatched. This exploit uses the original proof-of-concept code, and it has raised concerns among security experts about its potential use in real-world attacks. The vulnerability affects various versions of Windows, making a significant number of users and organizations vulnerable if they have not applied necessary updates. The release of this exploit could lead to increased risks for those systems still running the affected versions, as attackers may use it for unauthorized access or other malicious activities. Companies and users are urged to check their systems and apply any available patches to protect against potential exploitation.
Security Affairs
A security researcher known as Chaotic Eclipse has disclosed a serious zero-day vulnerability in Windows called MiniPlasma, which allows attackers to gain SYSTEM privileges on fully updated Windows 11 systems. This flaw, affecting the 'cldflt.sys' file, was believed to have been patched back in 2020 under the CVE-2020-17103 designation, but it appears that the fix was either incomplete or not properly implemented. The existence of a proof-of-concept exploit for this vulnerability raises significant concerns for users and organizations, as it could allow malicious actors to escalate their privileges and potentially take control of affected systems. This issue affects all patched versions of Windows 11, meaning a wide range of users are at risk. Companies should prioritize reviewing their security protocols and consider additional monitoring to mitigate potential exploitation.