Linux Kernel Local Privilege Escalation Vulnerability Exploited in Attacks (Fragnesia) (CVE-2026-46300) Cybersecurity researchers have identified a new variant in the DirtyFrag family of Linux local privilege escalation vulnerabilities, named ‘Fragnesia’. Tracked... 15/05/2026 Qualys-Threat-Protect
F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945) Threat researchers identified a critical severity vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945. The vulnerability discovered by depthfirst is an 18-year-old memory corruption flaw in... 15/05/2026 Qualys-Threat-Protect
Ivanti Addresses Multiple Vulnerabilities Impacting EPM, Xtraction, Secure Access Client, & Virtual Traffic Manager Ivanti has released its May 2026 security updates, addressing security vulnerabilities across its popular products. The list of vulnerabilities and impacted products includes: Ivanti Xtraction —... 15/05/2026 Qualys-Threat-Protect
Microsoft Patch Tuesday, May 2026 Security Update Review May 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching... 13/05/2026 Qualys-Threat-Protect
Ollama Heap Out-of-bounds Read Vulnerability Leads to Remote Process Memory Leak (CVE-2026-7482) Threat researchers have identified a critical severity vulnerability impacting Ollama. Tracked as CVE-2026-7482, successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to... 12/05/2026 Qualys-Threat-Protect
Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973) Ivanti released security updates to address five high-severity vulnerabilities impacting Endpoint Manager Mobile (EPMM). One of these vulnerabilities, tracked as CVE-202606973, is said to be exploited in zero-day attacks.... 08/05/2026 Qualys-Threat-Protect
vm2 Sandbox Escape Vulnerability Allows Attackers to Execute Code (CVE-2026-26956) Security researchers have identified a critical severity vulnerability impacting the popular Node.js sandboxing library vm2. Tracked as CVE-2026-26956, successful exploitation of the vulnerability allows an attacker to escape the sandbox and execute arbitrary... 07/05/2026 Qualys-Threat-Protect
Apache Addresses Multiple Vulnerabilities Impacting the HTTP Server Apache has released security updates for the HTTP Server, addressing several security vulnerabilities. One of the vulnerabilities, tracked as CVE-2026-23918, can result in remote code execution. The Apache HTTP Server,... 07/05/2026 Qualys-Threat-Protect
PAN-OS User-ID Authentication Portal Vulnerability Exploited in Attacks (CVE-2026-0300) Palo Alto has warned its users about the active exploitation of a vulnerability in the Palo Alto User-ID Authentication Portal (aka Captive Portal) service running on... 07/05/2026 Qualys-Threat-Protect
Linux Kernel Vulnerability Exploited in the Wild (Copy Fail) (CVE-2026-31431) Threat actors are exploiting a vulnerability in the Linux Kernel tracked as CVE-2026-31431. Named Copy Fail, it’s a critical Linux kernel local privilege escalation vulnerability that allows unprivileged... 05/05/2026 Qualys-Threat-Protect