Bad Epoll Flaw Gives Attackers Root Access on Linux and Android
Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher.
20 articles
Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher.
ModSecurity, a widely used open-source web application firewall (WAF), has multiple security vulnerabilities that allow attackers to bypass detection with sp...
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46242 and dubbed “Bad Epoll,” exposes a critical race-condition use-after-free (UAF) flaw i...
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It...
Citrix NetScaler appliances have been a constant target for attackers in recent years, most recently through an information leak vulnerability dubbed CitrixB...
A newly disclosed vulnerability in Microsoft Exchange, identified as CVE-2026-45504 (CVSS score: 8.8), exposes a critical server-side request forgery (SSRF) ...
Citrix NetScaler appliances are currently facing significant threats due to the rapid exploitation of a newly disclosed memory disclosure vulnerability, CVE-...
U.S.
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to device information or cause a denia...
Around 950 internet-facing Oracle E-Business Suite (EBS) instances have been identified as exposed following enhanced scanning efforts. At the same time, act...
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a newly discovered vulnerability in Microsoft SharePoint Server, tracked as CV...
CISA says threat actors are exploiting a recently patched SharePoint remote code execution vulnerability (CVE-2026-45659). The post CISA Warns of Actively Ex...
The U.S.
Two significant remote code execution (RCE) vulnerabilities in the widely used Cursor ID expose developers to zero-click attacks driven by prompt injection. ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) that can be exploited through p...
Oracle E-Business Suite flaw CVE-2026-46817 is under active attack, with about 950 vulnerable internet-facing instances still exposed. This week, Defused Cyb...
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a develop...
A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire...
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-45659 Microsoft...
The U.S.