Last updated: July 6, 2026 at 12:53 AM UTC
All 559 Vulnerability 199 Breach 107 Threat 246 Defense 7

PinTheft Arch Linux LPE: RDS zerocopy double-free turned into io_uring page-cache overwrite, PoC released

The V12 security team has released a working PoC for PinTheft, a Linux kernel local privilege escalation tied to a double-free in the RDS (Reliable Datagram Sockets) zerocopy send path that can be turned into a page-cache overwrite through io_uring fixed buffers. The bug was patched earlier in May but has no assigned CVE yet. Exploitation requires the RDS module to be loaded - default only on Arch Linux among the major distributions - plus io_uring enabled and a readable SUID-root binary. PinTheft joins DirtyDecrypt, Dirty Frag, Fragnesia, and Copy Fail in a recent run of Linux LPE disclosures.

Check
Inventory Arch Linux hosts with `pacman -Q linux`. Check if RDS is loaded via `lsmod | grep rds`. Look for unexpected root shells from low-privilege users in audit logs since 2026-05-20.
Affected
Linux kernels with the RDS module enabled (default only on Arch Linux among common distros) plus io_uring enabled and a readable SUID-root binary. PoC tested on x86_64.
Fix
Apply the latest Arch Linux kernel update. Temporary mitigation: `rmmod rds_tcp rds` and blacklist via /etc/modprobe.d/pintheft.conf. Audit io_uring usage and consider raising its sysctl restrictions.

Microsoft ships mitigation for YellowKey BitLocker bypass (CVE-2026-45585), no patch yet - PoC published, TPM+PIN required

Microsoft has assigned CVE-2026-45585 and shipped mitigation guidance for YellowKey, a Windows BitLocker bypass that anonymous researcher 'Nightmare Eclipse' disclosed last week with a working PoC. The attack places crafted FsTx files on a USB drive or EFI partition, reboots into WinRE, and holds CTRL during boot to drop into a shell with full access to BitLocker-protected drives. Microsoft says no patch is available yet. Mitigations include removing the autofstx.exe entry from Session Manager's BootExecute and reconfiguring BitLocker to require TPM+PIN at startup. Nightmare Eclipse is the same researcher who recently dropped BlueHammer, RedSun, GreenPlasma, UnDefend, and MiniPlasma.

Check
Inventory Windows endpoints with BitLocker enabled. Check whether autofstx.exe is listed in HKLM\System\CurrentControlSet\Control\Session Manager BootExecute. Look for unattended USB media access on shared or kiosk machines.
Affected
Windows endpoints with BitLocker in TPM-only mode (no PIN). YellowKey requires physical access to drop FsTx files on a USB drive or the EFI partition before triggering WinRE boot.
Fix
Remove autofstx.exe from BootExecute and re-establish BitLocker trust for WinRE per CVE-2026-33825 advisory. Reconfigure BitLocker to TPM+PIN. Restrict USB boot and BIOS access on shared endpoints.

SonicWall Gen6 SSL-VPN MFA bypass (CVE-2024-12802) actively exploited - firmware patch alone insufficient, LDAP reconfiguration required

ReliaQuest has documented active in-the-wild exploitation of CVE-2024-12802, a SonicWall Gen6 SSL-VPN MFA bypass that hits Gen6 devices even after they apply the firmware patch. SonicWall's advisory makes clear that on Gen6 hardware, the firmware update alone does not fix it - administrators must also delete the LDAP configuration that uses userPrincipalName, remove cached LDAP users, drop the SSL VPN User Domain back to LocalDomain, reboot, and rebuild the LDAP config without userPrincipalName. Gen7 and Gen8 devices are patched by firmware alone. Intrusions observed between February and March 2026 looked like ransomware initial-access broker activity with 30-60 minute Cobalt Strike and BYOVD attempts.

Check
Inventory SonicWall Gen6 SSL-VPN appliances and confirm the LDAP reconfiguration was done after the firmware patch. Search VPN logs for 30-60 minute logins from new IPs in the last 90 days.
Affected
SonicWall Gen6 SSL-VPN devices running patched firmware but with LDAP still configured to use userPrincipalName in the 'Qualified login name' field. Gen7 and Gen8 are patched by firmware alone.
Fix
On Gen6: delete the existing LDAP config, remove cached LDAP users, drop the SSL VPN User Domain back to LocalDomain, reboot, then rebuild LDAP without userPrincipalName per SonicWall's advisory.

Drupal ships highly critical PostgreSQL RCE fix across 11.x and 10.x - SA-CORE patches now live, Drupal 7 unaffected

Drupal has shipped the highly critical core security release teased by PSA-2026-05-18. The flaw lets attackers achieve remote code execution on Drupal sites running PostgreSQL backends. Fixed versions are 11.3.10, 11.2.12, 11.1.10, 10.6.9, 10.5.10, and 10.4.10. The releases for supported branches also pull in upstream Symfony and Twig security fixes, making the upgrade essential even on MySQL deployments. Best-effort manual patches are available for end-of-life Drupal 9.5 and 8.9. Drupal 7 is not affected. The Drupal Security Team had warned that working exploits could follow within hours of disclosure, so administrators should patch now.

Check
Inventory Drupal sites, confirm core version, and identify PostgreSQL-backed deployments (highest-impact path). Check for unusual database queries or admin-account changes during the May 20 disclosure window.
Affected
Drupal core 11.3.x, 11.2.x, 11.1.x, 10.6.x, 10.5.x, 10.4.x. Best-effort patches for EOL 9.5 and 8.9. Drupal 7 not affected. PostgreSQL backends face RCE; MySQL deployments still need the upgrade.
Fix
Upgrade Drupal core to 11.3.10, 11.2.12, 11.1.10, 10.6.9, 10.5.10, or 10.4.10 immediately. For EOL 9.5 and 8.9, apply the manual patches and plan migration to a supported branch.

ChromaDB CVE-2026-45829: unauthenticated RCE via pre-auth model load - 73% of internet-exposed servers vulnerable

HiddenLayer has disclosed a maximum-severity unauthenticated remote-code-execution vulnerability, CVE-2026-45829, in ChromaDB's Python FastAPI server. ChromaDB is one of the most popular vector databases backing retrieval-augmented-generation pipelines, with about 14 million monthly PyPI downloads. A vulnerable endpoint marked as authenticated lets an attacker embed model settings before authentication is checked, so a crafted request makes ChromaDB load a malicious model from Hugging Face and execute it locally. The auth check fires only after the payload has already run. The bug was introduced in 1.0.0 and was still present in 1.5.8. HiddenLayer's Shodan sweep shows ~73% of internet-exposed Chroma instances are vulnerable.

Check
List Python ChromaDB deployments and versions. Check whether the FastAPI HTTP server is reachable beyond its host network. Capture access logs to /api/v1/auth endpoints since 2026-02-17.
Affected
ChromaDB Python FastAPI server 1.0.0 through at least 1.5.8 (1.5.9 status unclear) that exposes the HTTP server to the network. Rust frontend and local-only Python deployments are not affected.
Fix
Move to the Rust frontend, or take the Python HTTP server off the network and front it with an authenticated reverse proxy. Restrict the ChromaDB API port to localhost or VPC-only.

Drupal shipping highly critical core security update today (May 20, 17:00-21:00 UTC) - PSA-2026-05-18, severity 20/25, unauthenticated

Drupal is releasing an emergency core security update on May 20 between 17:00 and 21:00 UTC. Pre-disclosure advisory PSA-2026-05-18 rates the issue 'highly critical' (20 of 25 on Drupal's scoring) and notes access complexity 'None' and authentication 'None' - meaning the underlying flaw is unauthenticated and easy to trigger. Patches will land for the supported 11.3.x, 11.2.x, 10.6.x, and 10.5.x branches, plus emergency patches for EOL 11.1.x and 10.4.x. Drupal 7 is not affected. Drupal 8 and 9 will only get best-effort manual patch files. The Drupal Security Team warns working exploits may follow within hours of disclosure.

Check
Inventory all Drupal sites and their exact versions. Flag any site on Drupal 8 or 9 since these need manual best-effort patches and a planned upgrade.
Affected
All supported Drupal core 11.x and 10.x; pre-patched 11.1.x and 10.4.x EOL branches available; Drupal 8/9 best-effort only. Drupal 7 is not affected.
Fix
Pre-upgrade to 11.1.9 or 10.4.9 today before the security release lands. Apply the patch the moment it ships and plan an upgrade to 11.3 or 10.6 within the next quarter.

SEPPmail Secure Email Gateway RCE chain allows attacker to read all mail traffic and persist on the gateway

Researchers have disclosed a chain of vulnerabilities in SEPPmail Secure Email Gateway that lets an attacker turn unauthenticated web requests into remote code execution by inflating the SEPPMaillog file past its 10,000 KB limit, which forces newsyslog to rotate logs and signal syslogd to reload its configuration. Combined with the other flaws in the chain, the attacker reads all mail traffic on the appliance and persists indefinitely. SEPPmail has patched CVE-2026-44128 in version 15.0.2.1, CVE-2026-44126 in 15.0.3, and the rest in 15.0.4. The disclosure follows last month's CVE-2026-27441 (CVSS 9.5) OS command-execution fix in the same appliance.

Check
Inventory SEPPmail Secure Email Gateway appliances and exact versions. Pull web access logs for unusually large or repeated requests that could bloat SEPPMaillog past its rotation threshold.
Affected
SEPPmail appliances on versions earlier than 15.0.4. Last month's CVE-2026-27441 (CVSS 9.5) OS-command-execution flaw in the same product remains relevant if unpatched.
Fix
Upgrade SEPPmail to 15.0.4 immediately. If you cannot, restrict admin and webmail interfaces to a management VLAN behind VPN and monitor log file sizes for unusual growth.

Huawei VRP router zero-day crashed Luxembourg's entire telecom network for 3+ hours (July 2025, disclosed now)

Recorded Future News has connected last summer's three-hour POST Luxembourg outage - which took down landline, 4G, and 5G networks across the country and left residents unable to dial emergency services - to a zero-day in Huawei enterprise routers running VRP. Specially crafted network traffic merely passing through caused the routers to enter a continuous restart loop. Luxembourg's prosecutor concluded no one had targeted Luxembourg specifically; the data was just transit traffic. Huawei has not assigned a CVE for the bug and routes its enterprise advisories through a restricted customer portal rather than publicly, leaving operators with little ability to track exposure.

Check
Inventory Huawei VRP-based routers (NetEngine, AR series, CloudEngine) and software versions. Confirm direct access to Huawei's restricted customer portal so you receive enterprise advisories.
Affected
Huawei enterprise routers running VRP that process untrusted internet traffic. Service providers are most exposed; downstream enterprise customers face transit risk.
Fix
Apply the latest Huawei VRP updates via your customer portal. Where possible, deploy multi-vendor diversity at network borders so a single buggy product cannot take down your entire WAN.

DirtyDecrypt Linux kernel root escalation PoC released - rxgk pagecache write affects Fedora, Arch, openSUSE Tumbleweed

A working proof-of-concept exploit for a recently patched Linux kernel local privilege escalation is now public. Researchers at V12 found the bug in May and were told it had already been fixed in the mainline kernel on April 25, matching CVE-2026-31635 per Tharros analyst Will Dormann. The flaw is a missing copy-on-write check in rxgk_decrypt_skb, the kernel routine that decrypts RxGK packets for the Andrew File System. Exploitation requires CONFIG_RXGK, limiting impact to leading-edge distros like Fedora, Arch Linux, and openSUSE Tumbleweed. DirtyDecrypt joins Dirty Frag, Fragnesia, and Copy Fail in a recent wave of Linux LPE disclosures.

Check
Run 'uname -r' across your Linux fleet, flag hosts on Fedora, Arch, openSUSE Tumbleweed, or any mainline kernel with CONFIG_RXGK. Search audit logs for unexpected setuid execs since 2026-04-25.
Affected
Linux kernels built with CONFIG_RXGK enabled, primarily Fedora, Arch Linux, and openSUSE Tumbleweed. Distributions on long-term stable kernels (RHEL, Debian stable, Ubuntu LTS) are not typically affected.
Fix
Apply your distribution's latest kernel updates. Temporary mitigation (also breaks AFS and IPsec VPNs): blacklist esp4, esp6, and rxrpc via /etc/modprobe.d/, unload with rmmod, drop the page cache.

OpenClaw 'Claw Chain': four sandbox-escape and priv-esc flaws on ~180K public AI agent instances (patched 2026.4.22)

Researchers at Cyera have disclosed a chain of four vulnerabilities in OpenClaw, an open-source autonomous AI agent platform that Nvidia and Tencent have built enterprise products on top of. The chain - CVE-2026-44112 (CVSS 9.6), CVE-2026-44113, CVE-2026-44115, and CVE-2026-44118 - lets an attacker who can influence the agent's input (through a malicious plugin, prompt injection, or compromised tool output) break out of the OpenShell sandbox, read environment-stored API keys, elevate to owner-level privileges, and write persistent backdoors. Each step looks like normal agent behavior. Shodan and Zoomeye between them counted 65,000 to 180,000 public OpenClaw instances earlier in May. All flaws are fixed in OpenClaw 2026.4.22.

Check
Inventory OpenClaw, NemoClaw, and ClawPro deployments. Check installed version via --version or /api/version. Search agent logs for unexpected symlink creation or env-var reads inside heredocs.
Affected
All OpenClaw releases prior to version 2026.4.22 (April 23, 2026). Nvidia NemoClaw and Tencent ClawPro builds derived from older OpenClaw cores inherit the same flaws unless rebased.
Fix
Update to OpenClaw 2026.4.22 or later. Until then, scope the OpenShell sandbox to a read-only filesystem, strip secrets from the agent's environment, and route egress through a logging proxy.