
cve

Browse all articles, tutorials, and guides about cve

9 posts

Posts

Security | 7 min read

Splunk Shipped an Unauthenticated Database Sidecar: CVE-2026-20253

You did not install a PostgreSQL server, but Splunk Enterprise 10 did, and in affected versions its sidecar endpoint had no authentication. The result is a pre-authentication, CVSS 9.8 path to writing files on the host as the Splunk user, now on CISA's actively exploited list. The bug is patched; the broader lesson is about every helper service your tools quietly bundle.

Security | 7 min read

Your Automation Platform Is a Credential Honeypot: Ansible CVE-2026-11807

A missing authorization check in Event-Driven Ansible lets any logged-in user pull plaintext vault passwords, SSH keys, and OAuth tokens out of Ansible Automation Platform. It is rated CVSS 9.6, it is patched, and it is a reminder of what your automation control plane really holds.

Security | 8 min read

The gRPC-Go Auth Bypass Hiding in Your Dependency Tree: CVE-2026-33186

A missing leading slash lets requests slip past gRPC-Go authorization rules. It is rated CVSS 9.1, it is fixed in 1.79.3, and because gRPC-Go is a transitive dependency in a huge slice of cloud-native Go software, you may be shipping it without knowing. Here is how to find out.
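The check the summary promises, as an added example that is not code from the linked post or from the gRPC-Go project: it reads `module version` lines such as `go list -m all` prints in a module root (or `go version -m <binary>` for an already-built artifact) and flags any `google.golang.org/grpc` entry older than the fixed release stated above. The sample input is constructed, and the assumption that every version below v1.79.3 is affected is taken from the summary; the full advisory may narrow that range, and Go pseudo-versions are compared by their base version only.

```shell
#!/bin/sh
# Added example (not from the original post). Flags google.golang.org/grpc
# versions below the fixed release named in the post summary.
# Usage: go list -m all | sh grpc_check.sh      (module source tree)
#        go version -m ./mysvc | sh grpc_check.sh (built binary; module lines
#        have a leading "dep" column, handled below)

FIXED="v1.79.3"   # fix version from the summary; assumption: all earlier versions affected

# version_lt A B: return 0 when A sorts before B as major.minor.patch.
# Leading "v" and any -prerelease/+build suffix are stripped, so a
# pseudo-version like v1.79.3-0.20260101-abc is compared as 1.79.3.
version_lt() {
  a=$(printf '%s' "$1" | sed 's/^v//; s/[-+].*//')
  b=$(printf '%s' "$2" | sed 's/^v//; s/[-+].*//')
  i=1
  while [ "$i" -le 3 ]; do
    x=$(printf '%s' "$a" | cut -d. -f"$i"); x=${x:-0}
    y=$(printf '%s' "$b" | cut -d. -f"$i"); y=${y:-0}
    if [ "$x" -lt "$y" ]; then return 0; fi
    if [ "$x" -gt "$y" ]; then return 1; fi
    i=$((i + 1))
  done
  return 1
}

# check_grpc: read module lines on stdin, print a verdict for each grpc line.
# Returns 0 (like a grep match) if an affected version was seen, 1 otherwise.
check_grpc() {
  affected=1
  while read -r f1 f2 f3 _; do
    # `go version -m` prints "dep <module> <version> <hash>"; shift that form.
    if [ "$f1" = "dep" ]; then mod=$f2; ver=$f3; else mod=$f1; ver=$f2; fi
    [ "$mod" = "google.golang.org/grpc" ] || continue
    if version_lt "$ver" "$FIXED"; then
      echo "AFFECTED: $mod $ver (< $FIXED)"
      affected=0
    else
      echo "ok: $mod $ver"
    fi
  done
  return $affected
}

# Constructed sample resembling `go list -m all` output (first line is the
# main module and carries no version).
SAMPLE='github.com/example/svc
google.golang.org/grpc v1.79.2
google.golang.org/protobuf v1.36.1'

printf '%s\n' "$SAMPLE" | check_grpc
```

Run it against every deployable module and every shipped binary, not just the top-level repo: the point of the summary is that the vulnerable version usually arrives through a dependency you never listed in your own go.mod.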

Networking | 11 min read

NGINX Rift (CVE-2026-42945): The 18-Year-Old Rewrite Bug That Hands an Attacker Your Worker Process

An autonomous code-audit tool found an 18-year-old heap overflow in NGINX's rewrite module. It affects every release from 0.6.27 through 1.30.0, plus NGINX Plus and the entire F5 product line, and a full RCE PoC is public. Here is the one-line config grep that tells you whether you are exposed, the patch matrix, and what to do about the long tail of products that bundle the vulnerable nginx without a vendor patch yet.

Security | 12 min read

Dirty Frag (CVE-2026-43284 + CVE-2026-43500): Local Root on Every Major Linux Distro

A two-bug chain in the Linux kernel networking subsystems lets any unprivileged local user become root in a single command. The PoC is public, the embargo broke, and not all distros have a patch yet.

Security | 11 min read

Next.js 16.2.6 and 15.5.18 Ship 13 Security Fixes: Patch Now

Vercel released back-to-back security updates for Next.js covering 7 high, 4 moderate, and 2 low severity advisories, including an upstream React denial-of-service issue. Here is what is broken, who is exposed, and the rollout path.

Security | 11 min read

Mini Shai-Hulud: PyTorch Lightning Just Stole Your CI Secrets

On April 30 a supply chain worm pushed malicious versions of PyTorch Lightning (10M+ downloads/month), intercom-client, and intercom-php to PyPI, npm, and Packagist in 48 hours. It steals every credential in your CI and propagates through your own GitHub tokens. Here is what to check and what to rotate.

Security | 13 min read

CVE-2026-3854: A Single git push Owned GitHub

A semicolon in a git push option let any authenticated user run code on GitHub.com's backend and on 88% of self-hosted GitHub Enterprise installs. Here is how the bug worked and what to do.

Security | 6 min read

Two Composer Command Injection Flaws Let Attackers Run Arbitrary Code - Even Without Perforce

CVE-2026-40176 and CVE-2026-40261 affect all Composer 2.x versions before 2.9.6. A malicious composer.json or crafted package metadata can execute OS commands on your machine. Upgrade to 2.9.6 now.