vulnerability
46 posts
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority CVE-2026-20182 is not landing as a routine patch bulletin. Cisco says the flaw is already b...
May 15, 2026
6 min read
Lucas Oliveira
Research
Exim BDAT flaw makes mail servers urgent RCE patch targets
Exim BDAT flaw makes mail servers urgent RCE patch targets CVE-2026-45185 is the kind of bug that forces defenders to remember an old lesson: email infrastructu...
May 14, 2026
5 min read
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag is the kind of Linux bug defenders worry about because it turns a limited foot...
May 10, 2026
5 min read
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag deserves attention because it is not a theoretical Linux bug waiting for slow...
May 8, 2026
5 min read
Lucas Oliveira
Research
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path A critical point in the new PAN-OS warning is that defenders are not looking at a ro...
May 7, 2026
4 min read
Lucas Oliveira
Research
CVE-2026-31431: Copy Fail turns routine Linux access into reliable root compromise
CVE-2026-31431: Copy Fail turns routine Linux access into reliable root compromise Copy Fail is the kind of Linux flaw defenders should not shrug off just becau...
May 1, 2026
6 min read
Lucas Oliveira
Research
CVE-2026-33032 lets attackers take over exposed nginx-ui servers
CVE-2026-33032 lets attackers take over exposed nginx-ui servers CVE-2026-33032 is the kind of [vulnerability](https://invaders.ie/resources/glossary/vulnerabil...
April 27, 2026
5 min read
Lucas Oliveira
Research
Pack2TheRoot flaw puts Linux systems with PackageKit on a local root path
Pack2TheRoot flaw puts Linux systems with PackageKit on a local root path The newly disclosed Pack2TheRoot issue, tracked as CVE-2026-41651, is a strong reminde...
April 25, 2026
5 min read
Lucas Oliveira
Research
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 is the kind of issue defenders should triage quickly because it affects a manag...
April 22, 2026
5 min read
Lucas Oliveira
Research
SGLang CVE-2026-5760 turns malicious GGUF models into RCE
SGLang CVE-2026-5760 turns malicious GGUF models into RCE Executive summary A newly disclosed flaw in SGLang means a malicious GGUF model file can become an exe...
April 21, 2026
5 min read
Lucas Oliveira
Research
Apache ActiveMQ RCE CVE-2026-34197 Lands in CISA KEV
Apache ActiveMQ RCE CVE-2026-34197 lands in CISA KEV Executive summary CISA has added CVE-2026-34197 to the Known Exploited Vulnerabilities catalog after attack...
April 20, 2026
5 min read
Lucas Oliveira
Research
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution
Critical protobuf.js flaw turns untrusted schemas into JavaScript code execution A newly disclosed protobuf.js issue deserves attention well beyond the JavaScri...
April 19, 2026
5 min read
Lucas Oliveira
Research