News Updated 3 days ago
Windows BitLocker Bypassed in Minutes via WinRE: CVE-2026-45585 (YellowKey) — Apply the June Update
Linux, Security
A flaw (CVE-2026-45585, 'YellowKey') abuses the Windows recovery environment WinRE to defeat BitLocker disk encryption and the UEFI/BIOS password in minutes with physical access and one USB stick. It breaks the 'encrypted, so safe' premise for lost or stolen PCs. Microsoft fixed it in the June 2026 update — apply it now.
2026.06.23 | 9 views
News Updated 4 days ago
Ubuntu's AD Tool ADSys Trusts Forged Certificates: CVE-2026-12249 (CVSS 9.0) — Update Now
Linux, Security
ADSys, the official tool for managing Ubuntu under Windows Active Directory, has a critical flaw (CVSS 9.0, CVE-2026-12249). Because certificate auto-enrollment ran over plain HTTP, an attacker on the network can make endpoints trust forged certificates, enabling interception and impersonation. Fixes are out for each Ubuntu release; update now.
2026.06.23 | 2 views
News
Acer, ASUS, Toshiba and More: Secure Boot Bypass Risks a Malware That Won't Wipe (JVNVU#93024090)
Linux, Security, Infrastructure
PCs from several makers—Acer, ASUS, GIGABYTE, Toshiba and more—have a weakness that lets attackers slip past Secure Boot, the startup safety check (JVNVU#93024090). If abused, malware that survives an OS reinstall and evades antivirus can be planted deep in the machine. The attack needs admin rights or physical access; fix it with maker firmware updates and DBX updates.
2026.06.19 | 14 views
News Updated 6 days ago
Is SignalRGB Safe? Update to 1.3.7 to Fix Its Kernel Driver Flaws (CVE-2026-8049/8050)
Security, Linux
Two flaws in the kernel driver that SignalRGB installs — CVE-2026-8049, where any local user can reach admin-level hardware operations, and CVE-2026-8050, which can repeatedly crash the PC — were disclosed via JVN and CERT/CC. Both are local but usable for privilege escalation, and because the driver is signed it can be carried onto other machines as a BYOVD tool. WhirlwindFX fixed them in 1.3.6 / 1.3.7.0. Here is how to update and what to check.
2026.06.18 | 6 views
News
Flaw in Pi-hole, the Popular Ad Blocker: Someone on Your Network Can Hijack the Admin Panel Without a Password, CVE-2026-44693, Update to v6.6.1
Linux, Infrastructure, Security
A flaw in FTL, the core engine of Pi-hole, the ad blocker widely used in homes and offices (CVE-2026-44693, CVSS 8.8): a third party on the same network can flood it while an admin is active, steal the session ID, and hijack the admin panel without a password — enabling DNS rewrites and browsing-history access. It affects v6.0 to v6.6.0; update to v6.6.1 or later now.
2026.06.11 | 4 views
News
Flaw in Dracut, a Core Linux Boot Tool: A Rogue Device on Your Network Can Hijack the System at Boot, CVE-2026-6893
Infrastructure, Security, Linux
A flaw in Dracut, the tool that builds the early boot environment for much of the Linux world (CVE-2026-6893, CVSS 8.8): a rogue server on the same network can hijack a machine with root privileges the moment it boots, hitting the earliest and least-defended boot stage. It affects network-boot (PXE, etc.) setups. Apply each distro's update and isolate the boot network.
2026.06.11 | 4 views
News
Linux container-escape flaw CVE-2022-0492 exploited; CISA orders a fix
Infrastructure, Security, Linux
Linux cgroups v1 flaw CVE-2022-0492 is being exploited and CISA has added it to KEV. A missing permission check on release_agent enables container escape and privilege escalation. Escape requires conditions such as a privileged container. Update to kernel 5.17+ and harden.
2026.06.03 | 29 views
News
Unauthenticated RCE in Samba: CVE-2026-4408 Injects Commands via %u in check password script, Patch to 4.24.3 Now
Infrastructure, Linux, Security
Samba file servers and classic domain controllers are exposed to unauthenticated RCE via CVE-2026-4408 (CVSS 9.0). The %u substitution in check password script passes the client-controlled username to the shell without escaping metacharacters, allowing arbitrary root command execution over SAMR. Fixed in Samba 4.22.10, 4.23.8, and 4.24.3.
2026.05.28 | 24 views
News
Two Unauthenticated RCEs in Pi.Alert: CVE-2026-44887 / 44888 Hit Home Network Watchers
Security, Linux, Infrastructure
Pi.Alert, the home/SOHO Wi-Fi and LAN intruder detector, ships with two unauthenticated RCE flaws (CVE-2026-44887/44888, both CVSS 9.8). Web protection is disabled by default, letting any attacker write Python code into pialert.conf which the scan daemon then loads via exec(). Patched in the 2026-05-07 release.
2026.05.28 | 15 views
News
LibVNCClient Flaw CVE-2026-44988: Malicious VNC Server Can Hijack Your PC On Connect
Security, Development, Linux
CVE-2026-44988 (CVSS 8.8) hits LibVNCClient v0.9.15 and earlier. A malicious VNC server can send crafted framebuffer-update rectangles to overwrite memory on the connecting client, leading to potential RCE. Remmina, KRDC, ZoneMinder and other downstream projects are affected. No tagged release with the fix has shipped yet.
2026.05.28 | 17 views
News Updated 6 days ago
Is IINA Safe? One Malicious Link Can Hijack Your Mac (CVE-2026-47114) — Update to 1.4.3
Development, Security, Linux
A critical CVSS 8.8 vulnerability has been found in IINA, the popular open-source video player for Mac. Just clicking a malicious link and approving the open prompt lets attackers run arbitrary commands on your Mac. The project, which has 44K+ stars on GitHub, has shipped a fix in version 1.4.3; update immediately.
2026.05.22 | 39 views
News
Linux Fragnesia CVE-2026-46300: third pipe root-takeover chain in 3 weeks
Linux, Security, Infrastructure
A new Linux kernel privilege escalation "Fragnesia" (CVE-2026-46300) was disclosed on May 13 — the third root-takeover bug in three weeks after Copy Fail and Dirty Frag. We explain the structural pattern of XFRM/ESP's aging design and a five-layer mitigation frame for operators.
2026.05.14 | 45 views