Expert_Sort7434

• CVE-2026-0257: are VPN auth cookies becoming the next perimeter identity blind spot?

  Posted by Expert_Sort7434@reddit | linuxadmin | View on Reddit | 1 comments

• PyTorch Lightning 2.6.2/2.6.3 supply chain attack malware executes on import, steals cloud creds.

  Posted by Expert_Sort7434@reddit | Python | View on Reddit | 27 comments

• CVE-2026-42897 Exchange Server Zero-Day — No Patch, Active Exploitation, EEMS Is Your Only Option Right Now — How Are You Handling This?

  Posted by Expert_Sort7434@reddit | linuxadmin | View on Reddit | 4 comments

• Google GTIG just documented the first confirmed AI-developed zero-day vulnerability — some technical details worth discussing

  Posted by Expert_Sort7434@reddit | linux | View on Reddit | 4 comments

• CVE-2026-41940 cPanel/WHM CVSS 9.8 auth bypass — was a zero-day for 60 days before patching. Anyone seeing active exploitation evidence in their logs?

  Posted by Expert_Sort7434@reddit | sysadmin | View on Reddit | 22 comments

• Exim CVE-2026-45185 "Dead.Letter" — CVSS 9.8 UAF via GnuTLS/BDAT, unauthenticated RCE. The BDAT handler has now been the source of two 9.8 CVEs.

  Posted by Expert_Sort7434@reddit | linuxadmin | View on Reddit | 5 comments

• Linux "Dirty Frag" LPE (CVE-2026-43284 + CVE-2026-43500): Two page-cache write primitives chain to root on all major distros — PoC public, RxRPC half unpatched

  Posted by Expert_Sort7434@reddit | linuxadmin | View on Reddit | 4 comments

• CVE-2026-0300 PAN-OS — Unauthenticated Root RCE via Buffer Overflow on Captive Portal. No patch until May 13. How are orgs handling this?

  Posted by Expert_Sort7434@reddit | linuxadmin | View on Reddit | 7 comments

• CVE-2026-32201 SharePoint Zero-Day — 1,300+ servers still exposed 3 weeks after the patch. Is anyone else seeing exploitation artifacts in ULS logs?

  Posted by Expert_Sort7434@reddit | sysadmin | View on Reddit | 17 comments

• SonicWall disclosed three SonicOS CVEs (CVE-2026-0204/0205/0206) — unauthenticated auth bypass on management interface + path traversal + SSL-VPN DoS. All Gen6/7/8 affected. Thoughts on management interface exposure posture?

  Posted by Expert_Sort7434@reddit | sysadmin | View on Reddit | 1 comments