cve-2026-21262 – Seite 3 – Wolfinisoftware.de

soc

CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free With Possible RCE

06.05.2026

CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free With Possible RCE CVE-2026-Adresse geschuetzt(httpd) that affects its HTTP/2 implementation and can lead to a double free during an HTTP/2 stream “early reset” condition. Apache describes the impact as “Double Free and possible RCE,” meaning the worst case is remote code […]

Mehr lesen →

soc

CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE

06.05.2026

Apache has patched CVE-2026-23918, a critical flaw in Apache HTTP Server’s HTTP/2 handling that Apache describes as a “double free and possible RCE.” The issue affects Apache HTTP Server 2.4.66 and was fixed in 2.4.67, released on May 4, 2026. The CVE-2026-Adresse geschuetzt. Public reporting […] The post CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger […]

Mehr lesen →

soc

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation

05.05.2026

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation Progress Software has disclosed and patched two vulnerabilities in MOVEit Automation, its managed file transfer automation and workflow engine. CVE-2026-4670 is an authentication bypass, and CVE-2026-5174 is a privilege escalation issue tied to improper input validation. The issues relate to MOVEit Automation’s service […]

Mehr lesen →

security

CVE-2026-31431: Copy Fail vs. rootless containers

05.05.2026

Comments

Mehr lesen →

soc

CVE-2026-31431: “Copy Fail,” the Nine-Year-Old Linux Bug Introduced in 2017

30.04.2026

CVE-2026-31431: “Copy Fail,” the Nine-Year-Old Linux Bug Introduced in 2017 A vulnerability hiding in plain sight for nearly a decade, capable of granting full root access to almost any Linux server with just a 732-byte Python script. Meet “Copy Fail” (CVE-2026-31431), a critical local privilege escalation flaw in the Linux kernel that affects virtually every […]

Mehr lesen →

soc

CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover

30.04.2026

A newly disclosed CVE-2026-Adresse geschuetzt& WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. For […] The post […]

Mehr lesen →

security

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

30.04.2026

The critical CVE-2026-Adresse geschuetzt, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. […]

Mehr lesen →

security

Copy Fail – CVE-2026-31431

29.04.2026

Comments

Mehr lesen →

security

Firefox Vulnerability Allows Tor User Fingerprinting

27.04.2026

The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on SecurityWeek.

Mehr lesen →

soc

CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data

23.04.2026

Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction. […]

Mehr lesen →

Tag: cve-2026-21262