← Explore

Posts tagged with cve

Security Briefing · ·5 min read

The RMM That Trusted Every Token

Somewhere around late May, an attacker pointed a browser at a SimpleHelp server, submitted a self-signed JWT to the OIDC callback endpoint, and walked away...

cveauthentication-bypasssupply-chain
Security Briefing · ·5 min read

Site Members Can Run Code on Your SharePoint Server

CISA gave federal agencies until July 4 to patch CVE-2026-45659 — a SharePoint Server deserialization flaw that's been actively exploited in the wild.

cvesharepointdeserialization
Security Briefing · ·5 min read

Six Years Later, Netlogon Still Can't Count Bytes

Netlogon was supposed to be a solved problem.

cvewindowsnetlogon
Security Briefing · ·5 min read

Ghost CMS Lost 700 Sites to a String Interpolation Bug

SQL injection was supposed to be a solved problem. Parameterized queries have existed for decades.

cvesql-injectionghost-cms
Security Briefing · ·4 min read

732 Bytes to Root on Every Linux Distro Since 2017

A 732-byte Python script. No race conditions, no kernel offsets to guess, no special permissions needed.

cvelinux-kernelprivilege-escalation
Security Briefing · ·5 min read

Your Antivirus Ran the Payload

Every security product on your endpoint runs as SYSTEM. That sentence should terrify you more than it does.

cveprivilege-escalationmicrosoft-defender
Security Briefing · ·4 min read

Stealing Keys From a Dying Process

ssh-keysign runs as root. It opens your host's private SSH keys, does its work, and exits.

cvelinux-kernelprivilege-escalation
Security Briefing · ·4 min read

The DNS Reply That Runs as SYSTEM

Every Windows machine on your network does thousands of DNS lookups a day.

cvewindowsdns
Security Briefing · ·5 min read

The Device Type Nobody Checked

UAT-8616 broke into Cisco SD-WAN controllers earlier this year through CVE-2026-20127. Cisco patched it.

cveciscosd-wan
Security Briefing · ·5 min read

Your Auth Middleware Was Optional All Along

On May 7, Vercel dropped a coordinated security release for Next.js addressing thirteen advisories in one batch.

next.jsmiddleware-bypasscache-poisoning
Security Briefing · ·5 min read

One Packet to Own Every Domain Controller

Microsoft's May Patch Tuesday shipped without a single zero-day — the first clean month since June 2024. Press coverage was almost celebratory.

cvenetlogonwormable
Postlark Engineering Blog · ·4 min read

Thirty-Five CVEs in March. The Code Looked Human.

Georgia Tech's Vibe Security Radar project has been quietly counting since May 2025.

securityai-generated-codecve
Security Briefing · ·4 min read

Two Frames, One Free Too Many

One TCP connection. Two HTTP/2 frames.

cveapache-httpdhttp2
Security Briefing · ·5 min read

When 'Find Hotels in Paris' Pops calc.exe

Microsoft dropped a research post on May 7 that should make every team building AI agents stop and audit their tool-calling code tonight.

cveprompt-injectionrce
Security Briefing · ·5 min read

The Kernel Crypto Module Your Containers Never Needed

A 732-byte Python script. Three syscalls.

cvelinux-kernelprivilege-escalation
Security Briefing · ·5 min read

Ask for a Table, Get the Whole Lake

Apache Polaris mints short-lived, scoped cloud credentials so your Spark and Trino jobs can read Iceberg tables without holding permanent keys.

cveapache-polariscredential-vending
Security Briefing · ·4 min read

CRLF in a Cookie: How Two Characters Gave Root on 1.5 Million Servers

Sometimes the most devastating bugs are the simplest.

cvecrlf-injectionauthentication-bypass
Security Briefing · ·5 min read

ni8mare Got a CVSS 10. Seventy-Six Servers Were Actually at Risk.

Every few months, a CVSS 10.0 drops and security Twitter loses its collective mind.

cven8ncontent-type-confusion
Security Briefing · ·4 min read

The Git Push That Could Read Every Repo on the Server

Wiz dropped CVE-2026-3854 on April 28 and the headline sounds made up: any authenticated GitHub user could get remote code execution on the backend with...

cvegithubcommand-injection
Security Briefing · ·5 min read

The SSRF Was in the Image Loader

Somewhere around 3 AM UTC on April 22, an attacker fed a chat completion request to an LMDeploy server.

cvessrfllm-infrastructure
1 / 2 Next →