Articles tagged "CVE"

Found 341 articles

A newly discovered vulnerability, identified as CVE-2026-41940, is affecting cPanel and WebHost Manager, allowing attackers to exploit it shortly after it was made public. The threat actor known as Mr_Rot13 has been observed using this flaw to deploy a backdoor known as Filemanager, which can grant unauthorized access to compromised systems. This situation poses serious risks to web hosting providers and their customers, as it could lead to data breaches and unauthorized control over hosted websites. Companies using affected versions of cPanel and WebHost Manager need to take immediate action to secure their systems and protect sensitive data from being exploited. The urgency of addressing this vulnerability cannot be overstated, given the potential for widespread impact on affected users.

Read Original

In May 2026, a significant update was released, addressing 130 Common Vulnerabilities and Exposures (CVEs), including 30 classified as critical. These vulnerabilities impact various software and systems, potentially affecting millions of users and organizations. Notably, the update includes patches for several widely-used products, emphasizing the urgent need for companies to apply these updates to protect their systems from potential exploitation. Researchers warn that failure to address these vulnerabilities could lead to serious security breaches, as attackers often target systems that have not been updated. Users and IT departments should prioritize these patches to enhance their cybersecurity posture and mitigate risks associated with the newly disclosed vulnerabilities.

Read Original
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

The Hacker News

Actively Exploited

A serious security vulnerability in cPanel, identified as CVE-2026-41940, is currently being exploited by a threat actor known as Mr_Rot13. This flaw allows attackers to bypass authentication and gain elevated control over cPanel and WebHost Manager (WHM) environments. The exploitation of this vulnerability has led to the deployment of a backdoor named Filemanager on compromised systems. This incident is particularly concerning because it puts web hosting environments at risk, potentially allowing unauthorized access to sensitive data and control over web applications. Users and administrators of affected cPanel and WHM versions need to be vigilant and take immediate action to secure their systems.

Read Original

A new vulnerability in Linux, referred to as 'Dirty Frag' and tracked under CVE-2026-43284 and CVE-2026-43500, has been disclosed, raising concerns among security researchers and system administrators. This exploit could allow attackers to manipulate memory and potentially execute arbitrary code, impacting a wide range of Linux distributions. The vulnerability was made public before a patch was available, which increases the risk of exploitation by malicious actors. Users of affected systems need to be vigilant, as this vulnerability may already be utilized in attacks. It's crucial for organizations to stay updated and apply any patches as soon as they are released to mitigate potential risks.

Read Original

Apache has addressed a serious vulnerability in its HTTP/2 implementation, identified as CVE-2026-23918, which has a CVSS score of 8.8. This vulnerability is a double-free error that could allow attackers to execute arbitrary code remotely. Any systems using the affected version of Apache's HTTP server could be at risk, which includes a wide range of web applications and services relying on this technology. It's crucial for organizations using Apache to apply the latest updates to prevent potential exploitation of this flaw. Users are advised to check their current versions and ensure they are running the patched releases to mitigate this risk effectively.

Read Original

A new vulnerability in Linux, named 'Dirty Frag', has emerged, specifically affecting the xfrm-ESP and RxRPC modules. One of the flaws, identified as CVE-2026-43284, has already been patched in the Linux kernel, but the second flaw, CVE-2026-43500, remains unpatched. This situation poses a significant risk as attackers can exploit the unpatched vulnerability to gain root access to affected systems. The implications are serious, particularly for organizations using Linux systems that rely on these modules for secure networking. Users and system administrators are urged to apply the latest patches for the patched vulnerability and remain vigilant for updates regarding the unpatched issue.

Read Original
CVE-2025-68670: discovering an RCE vulnerability in xrdp

Securelist

Researchers conducting a security assessment of Kaspersky USB Redirector discovered a critical remote code execution (RCE) vulnerability in the xrdp server component, identified as CVE-2025-68670. This vulnerability allows attackers to execute arbitrary code on affected systems before authentication, which poses a significant risk. Fortunately, project maintainers acted quickly to patch the vulnerability, reducing the potential for exploitation. Users of xrdp should ensure they apply the latest updates to protect their systems. This incident underscores the importance of regular security assessments and timely patch management to defend against emerging threats.

Read Original

A newly discovered vulnerability, named Dirty Frag, poses a significant local privilege escalation risk within the Linux kernel, affecting several major distributions. This flaw is considered a successor to another serious vulnerability known as Copy Fail (CVE-2026-31431), which has already seen active exploitation. Dirty Frag allows attackers to gain root access on systems running vulnerable kernel versions. The vulnerability was reported to Linux kernel maintainers, but as of now, it remains unpatched. Users of Linux distributions should be aware of this issue and take necessary precautions to secure their systems, especially since it has been linked to ongoing exploitation in the wild.

Read Original

Cisco has addressed several serious vulnerabilities in its enterprise products, particularly in Unity Connection. These flaws, identified as CVE-2026-20034 and CVE-2026-20035, could allow attackers to execute code, perform server-side request forgery (SSRF), or disrupt services. If exploited, these vulnerabilities could have significant implications for organizations using affected Cisco products, potentially leading to unauthorized access or service outages. Cisco has released patches to fix these issues, urging users to update their systems promptly to mitigate risks associated with these high-severity vulnerabilities.

Read Original
Actively Exploited

A serious vulnerability in MetInfo CMS, labeled CVE-2026-29014, has been discovered that allows unauthenticated attackers to execute arbitrary PHP code remotely. This flaw has a high severity rating of 9.8, indicating a significant risk to users of the platform. Organizations using MetInfo should be particularly vigilant, as this could lead to unauthorized access and control over their websites. As of now, there are concerns that this vulnerability is being actively exploited, which underscores the urgency for users to take action. It is crucial for affected users to apply any available patches and review their security measures to protect against potential intrusions.

Read Original

Apache has released updates to address multiple vulnerabilities in its HTTP Server, including a serious flaw identified as CVE-2026-23918. This vulnerability, which has a CVSS score of 8.8, is a double-free error in the handling of HTTP/2 requests. If exploited, it could allow attackers to execute arbitrary code on affected systems. Organizations using Apache HTTP Server, particularly those enabling HTTP/2, should prioritize updating their software to mitigate this risk. The nature of the flaw makes it critical for system administrators to be proactive in applying the latest patches to safeguard against potential attacks.

Read Original

Palo Alto Networks has issued a warning about a serious vulnerability in its PAN-OS, identified as CVE-2026-0300, which has a high severity score of 9.3. This flaw, a buffer overflow, allows attackers to execute remote code without authentication, making it particularly dangerous. The company reports that this vulnerability is currently being exploited in the wild, putting numerous users at risk. Organizations that rely on PAN-OS should prioritize addressing this vulnerability to prevent unauthorized access and potential system compromise. Immediate action is critical to mitigate the risks associated with this active threat.

Read Original

Palo Alto Networks has announced a patch for a zero-day vulnerability, identified as CVE-2026-0300, that affects the Captive Portal service in its PAN-OS software. This vulnerability impacts both PA and VM series firewalls, allowing attackers to exploit the system and potentially gain unauthorized access. The existence of this zero-day exploit means that it is currently being used in the wild, putting users at risk. Companies using these firewalls should prioritize applying the upcoming patch to safeguard their networks. This incident underscores the need for organizations to stay vigilant and maintain their systems updated to protect against emerging threats.

Read Original

Researchers from Striga have identified two vulnerabilities in Ollama’s Windows auto-updater, designated as CVE-2026-42248 and CVE-2026-42249. When exploited together, these flaws could enable an attacker to install a persistent executable that would run every time a user logs in. Ollama is an open-source tool used for running large language models locally, appealing to users concerned about data privacy and cost. This discovery raises significant security concerns, as it could allow unauthorized access to user systems, potentially compromising sensitive data. Users of Ollama should be particularly vigilant and consider the implications of these vulnerabilities on their security posture.

Read Original

Progress Software has issued a warning about a serious vulnerability in MOVEit Automation, identified as CVE-2026-4670. This flaw impacts several versions of the software, which is widely used for automating file transfers and workflows. Organizations using affected versions should be concerned, as this vulnerability could potentially be exploited by attackers to gain unauthorized access or disrupt operations. It is crucial for companies to assess their systems and apply necessary updates to protect sensitive data. The company has urged users to monitor their systems closely and take immediate action to mitigate any risks associated with this vulnerability.

Read Original
PreviousPage 9 of 23Next