Tag

Vulnerability

All articles tagged with #vulnerability

Critical Starlette flaw threatens Python AI tooling ecosystem
security · 1 hour ago

A critical vulnerability named BadHost (CVE-2026-48710) in Starlette (versions before 1.0.1) can bypass host-header authentication, enabling SSRF and potential remote code execution; it endangers millions of servers and AI tooling that rely on Starlette via FastAPI, including vLLM, LiteLLM, and Text Generation Inference, given Starlette’s ~325 million weekly downloads. Security researchers from X41 D-Sec and Nemesis warn the flaw is widespread, with a scanner available to detect exposed systems. Users should upgrade Starlette and apply recommended mitigations.

Nvidia pushes urgent GPU driver updates to fix high-severity flaws
technology · 4 days ago

Nvidia disclosed 15 security vulnerabilities across Windows and Linux graphics drivers, with nine rated high-severity that could enable system compromise, data exfiltration, or arbitrary code execution. To mitigate, modern GeForce GPUs should update to driver 596.36 (Windows users may already have 596.49 if prompted), while GTX 10‑series and older GPUs should use 482.53; Linux users should target 590.48 and verify with nvidia-smi or nvidia-settings, updating via the OS package manager. The bulletin also covers non-gaming GPUs like Quadro, NVS, and Tesla.

Leak of unfixed Chromium bug enables JavaScript after browser close
technology · 4 days ago

Google unintentionally exposed details of an unfixed Chromium vulnerability that can let a Service Worker keep executing JavaScript after the browser is closed, enabling remote code execution and potential botnet-like abuse across all Chromium-based browsers. Despite reports of a fix, researchers found the issue still exploitable in some builds, prompting urgent patching efforts and highlighting that attackers could exploit it with minimal user interaction. Google awarded a bug bounty, and the disclosure raised broad risk, though the flaw doesn’t grant access to emails or the host OS.

Exposed ChromaDB servers hit by high-severity RCE via post-load authentication bypass
security · 5 days ago

A max-severity vulnerability in ChromaDB’s Python FastAPI server (CVE-2026-45829) lets unauthenticated attackers load a malicious model and run code before authentication, enabling remote code execution on exposed servers. The flaw affects the PyPI package (nearly 14 million monthly downloads); mitigations include using the Rust frontend or restricting network access, and validating models before runtime. Patch status is unclear after version 1.5.9, and Shodan shows about 73% of internet-exposed instances are still vulnerable.

Public exploit for long-unpatched Chromium flaw threatens millions
technology · 5 days ago

Google published exploit code for a long-unpatched Chromium vulnerability that uses the Browser Fetch API to trigger a persistent backdoor via malicious sites, potentially turning millions of Chromium-based browsers into a botnet; disclosed in 2022 and rated S1, the flaw remained unfixed for 29 months, affecting Chrome, Edge and other Chromium-based browsers while Firefox and Safari are unaffected.

Drupal unveils urgent core patch to curb high-risk exploit
technology · 5 days ago

Drupal has issued a critical core security release to fix a high-exploitation vulnerability affecting Drupal 8 and newer. Administrators should plan to apply the update on May 20 UTC, upgrading to at least Drupal 10.6 or using hotfixes for older 9.x/8.x where available. Patches are released for 11.3.x, 11.2.x, 11.1.x, 10.6.x, 10.5.x, and 10.4.x; Drupal 8/9 are end-of-life and won’t receive patches, though hotfixes will be published for 9.5 and 8.9. Drupal Steward customers are protected but should still update. No technical vulnerability details are disclosed yet; admins should monitor Drupal’s security portal for official guidance.

Admin Access Wipeout: Burst Statistics Plugin Flaw Exposes WordPress to Takeover
cybersecurity · 7 days ago

A critical vulnerability in the Burst Statistics WordPress plugin (versions 3.4.0–3.4.1.1, CVE-2026-8181) allows unauthenticated attackers to bypass authentication and impersonate an administrator via crafted REST API requests, potentially creating a new admin account and taking over a site. Discovered May 8, 2026 by Wordfence’s PRISM, it was patched in version 3.4.2 on May 12, 2026. The flaw stems from improper handling of authentication in the MainWP integration, enabling exploitation across REST endpoints. Admins should immediately patch to 3.4.2+, audit user accounts, and monitor logs to prevent compromise.

Azure AKS Backup Privilege Flaw: Silent Patch Suspected, No CVE Issued
security · 9 days ago

Security researcher Justin O'Leary alleges a critical privilege-escalation flaw in Azure Backup for AKS could let a low-privileged user become cluster-admin via Trusted Access; Microsoft rejected the report as expected behavior with no product changes and blocked CVE issuance, while CERT/CC independently validated the bug and assigned VU#284781. After disclosure, Microsoft reportedly changed behavior and added permission checks, suggesting a silent patch; no public advisory or CVE was issued, leaving defenders with limited visibility into exposure and remediation timelines.

New Linux kernel flaw lets unprivileged users steal SSH host keys
technology · 10 days ago

A Linux kernel information-disclosure flaw, CVE-2026-46333 dubbed ssh-keysign-pwn, lets unprivileged users read sensitive files such as SSH host keys and the shadow password file by abusing the ptrace check logic and the ssh-keysign helper. Patches have been released across multiple stable branches, but many distros haven’t rolled them out yet. Workarounds include tightening Yama ptrace restrictions or disabling host-based SSH authentication, though both can disrupt admin workflows. Users should update to patched kernels (e.g., 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, 5.10.256) as soon as feasible; this is the fourth major Linux kernel flaw reported in recent weeks.

18-year-old NGINX flaw raises DoS risk and possible RCE in certain configs
security · 11 days ago

An 18-year-old heap buffer overflow in NGINX's rewrite_module (CVE-2026-42945) can cause denial of service and, under specific rewrite configurations, unauthenticated remote code execution. Patches are available in NGINX Open Source 1.31.0 and 1.30.1 and related F5 products; real-world exploitability is debated, but the DoS risk makes patching or applying mitigations urgent, especially on systems where ASLR is disabled, as it was to enable RCE in PoC tests.

Fragnesia Emerges as New Linux Local Privilege Escalation, Patch Pending
security · 13 days ago

Fragnesia has been disclosed as a new Linux kernel local privilege escalation vulnerability, mirroring the Dirty Frag issue. It stems from a logic bug in the ESP/XFRM code that allows arbitrary writes into the kernel page cache of read-only files. A two-line patch in skbuff.c exists to fix it, but it has not yet been merged into mainline or included in mainline releases; more details are available on the oss-security list.

Linux Faces Second Major Kernel Flaw in Weeks: Dirty Frag Escalates Root Access Risk
security · 14 days ago

Linux is hit by a second major kernel vulnerability in weeks, dubbed Dirty Frag, which chains two flaws to allow untrusted users to gain root access by manipulating page caches. Patches are rolling out from Debian, AlmaLinux, and Fedora, but many distributions haven’t yet applied fixes and a reboot may be required. The exploits target esp4/esp6 and rxrpc paths, with public PoCs and signs of limited in-the-wild activity. Administrators should apply patches and mitigations promptly, especially in shared environments or virtual machines, to prevent potential root compromise.