// CVE Tracker
152 active CVEs - page 5 of 7, sorted unpatched-first by CVSS
CRITICAL: 85
HIGH: 66
TOTAL ACTIVE: 152
PATCHED: 146
CVE-2026-5281
Google Chrome Dawn/WebGPU - Use-After-Free Remote Code Execution
A use-after-free vulnerability in Dawn, Chrome's cross-platform WebGPU implementation, allows a remote attacker to execute arbitrary code in the renderer process via a malicious web page. The flaw is the fourth Chrome zero-day exploited in attacks in 2026, following use-after-free and out-of-bounds write vulnerabilities in CSS, Skia, and V8 earlier in the year. CISA added CVE-2026-5281 to the Known Exploited Vulnerabilities catalogue on 1 April 2026 with a deadline of 15 April for federal agencies.
CVE-2025-14847
MongoDB Server - Unauthenticated Heap Memory Disclosure (MongoBleed)
Improper handling of a length parameter inconsistency in MongoDB Server's zlib compressed protocol headers allows unauthenticated clients to make the server respond with content from uninitialised heap memory. Since zlib compression is enabled by default, any internet-exposed MongoDB instance is potentially vulnerable with no authentication required. Heap memory contents may include fragments of recently processed queries, cached credentials, API keys, session tokens, and application data from collections. Approximately 87,000 internet-exposed MongoDB instances remain vulnerable globally. CISA added CVE-2025-14847 to the Known Exploited Vulnerabilities catalogue on 29 December 2025 with a federal remediation deadline of 19 January 2026.
CVE-2025-43510
Apple OS Improper Locking - DarkSword Sandbox Escape Component
An improper locking vulnerability in Apple operating systems allows attackers who have achieved initial code execution via the WebKit entry point (CVE-2025-31277) to escape sandbox confinement and access broader OS capabilities. CVE-2025-43510 is the second stage of the DarkSword exploit chain, enabling the transition from browser-process execution to OS-level access. CISA added this CVE to the Known Exploited Vulnerabilities catalogue on 20 March 2026 as part of the confirmed DarkSword active exploitation advisory.
CVE-2025-43520
Apple OS Kernel Buffer Overflow - DarkSword Full Kernel Compromise Stage
A classic buffer overflow vulnerability in Apple operating system core components is the final stage of the DarkSword exploit chain, enabling attackers to write directly to kernel memory and achieve complete control over the compromised device. CVE-2025-43520 converts the OS-level access obtained via CVE-2025-43510 into full kernel compromise, allowing persistent implant installation, data exfiltration, and surveillance capabilities that survive reboots. CISA added CVE-2025-43520 to the Known Exploited Vulnerabilities catalogue on 20 March 2026.
CVE-2026-1603
Ivanti Endpoint Manager - Unauthenticated Authentication Bypass and Credential Vault Access
An authentication bypass vulnerability in Ivanti Endpoint Manager (EPM) prior to version 2024 SU5 allows unauthenticated remote attackers to bypass login controls entirely by submitting a crafted HTTP request containing a specific magic number value. Successful exploitation grants direct access to the EPM Credential Vault, exposing Domain Administrator NTLM password hashes and service account credentials stored within the management system. CISA added CVE-2026-1603 to the Known Exploited Vulnerabilities catalogue on 9 March 2026 with a federal agency remediation deadline of 23 March 2026.
CVE-2026-34621
Adobe Acrobat Reader - Prototype Pollution RCE via Crafted PDF
A prototype pollution vulnerability in Adobe Acrobat Reader allows arbitrary code execution when a user opens a specially crafted PDF file. The embedded JavaScript exploit executes automatically upon opening, with no macros or additional interaction required. Exploitation since at least November 2025 followed a staged C2-driven model: the PDF contacts an attacker server, which fingerprints the victim's environment and delivers tailored RCE and sandbox escape payloads to selected targets. This staging made the malicious PDFs appear benign in automated analysis. CISA added CVE-2026-34621 to the KEV catalogue on 13 April 2026. Patched in Adobe Security Bulletin APSB26-43 released 13 April 2026.
CVE-2026-39813
Fortinet FortiSandbox - JRPC API Authentication Bypass via Path Traversal
A path traversal vulnerability in Fortinet FortiSandbox's JRPC (JSON Remote Procedure Call) API allows unauthenticated remote attackers to bypass authentication controls and invoke privileged API functions without valid credentials. The flaw enables administrative access to sandboxing configuration, policy settings, and verdict data without authentication. Disclosed as part of Fortinet's April 2026 advisory cycle alongside CVE-2026-39808.
CVE-2026-40967
Spring AI FilterExpressionConverter - Filter Expression Injection Across Multiple Vector Store Backends
Filter expression injection in Spring AI's FilterExpressionConverter, the shared filter translation layer used by Pinecone, Weaviate, Qdrant, Milvus, and CosmosDB vector store backends. String values containing quote characters and boolean operators are not escaped before being embedded in backend query strings, allowing attackers to inject arbitrary filter logic. In RAG applications, this can bypass document-level access controls implemented through metadata filters. Patched in Spring AI 1.1.5.
CVE-2026-54420
LiteSpeed cPanel Plugin - Symlink Abuse Enables FTP/Web-Shell User to Escalate to Root on Shared Hosting
A privilege escalation vulnerability in the LiteSpeed cPanel integration plugin allows an attacker with FTP, web-shell, or low-privilege file system access to create a crafted symlink that resolves to a privileged path on the host operating system, bypassing CloudLinux CageFS filesystem isolation. Successful exploitation gives the attacker root-level write access to system files outside the intended user namespace. CISA added CVE-2026-54420 to the Known Exploited Vulnerabilities catalogue on 16 June 2026 with a federal remediation deadline of 18 June.
CVE-2026-3201
Palo Alto PAN-OS Management Interface Command Injection
A command injection vulnerability in the Palo Alto Networks PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. While requiring authentication in isolation, CVE-2026-3201 is being actively chained with CVE-2026-3197 (SAML authentication bypass) to produce an unauthenticated root-level remote code execution attack against internet-exposed GlobalProtect portals. The combined exploit has been confirmed in Unit 42 incident response engagements and proof-of-concept code is publicly available.
CVE-2023-27351
PaperCut NG/MF - Unauthenticated Information Disclosure and Authentication Bypass
An improper authentication vulnerability in PaperCut NG and MF allows unauthenticated remote attackers to access protected functionality and extract user account information including usernames, email addresses, department information, and hashed passwords from internal user accounts. Patched in 2023 but added to CISA KEV on 20 April 2026, confirming ongoing exploitation of unpatched PaperCut deployments across enterprise and education environments.
CVE-2026-22719
VMware Aria Operations - Unauthenticated Command Injection
A command injection vulnerability in VMware Aria Operations (formerly vRealize Operations) allows unauthenticated remote attackers to execute arbitrary operating system commands on the management appliance when support-assisted product migration is in use. The vulnerability was patched by Broadcom on 24 February 2026 as part of advisory VMSA-2026-0001. CISA added CVE-2026-22719 to the Known Exploited Vulnerabilities catalogue with a federal agency remediation deadline of 24 March 2026, confirming active exploitation.
CVE-2026-33827
Windows TCP/IP Race Condition - Wormable Unauthenticated RCE via IPv6/IPSec
A race condition in the Windows TCP/IP network driver allows an unauthenticated, network-adjacent attacker to achieve remote code execution without user interaction on systems with IPv6 or IPSec enabled. The vulnerability was demonstrated at Pwn2Own 2026 prior to the April Patch Tuesday release. Its wormable characteristics (autonomous spread from host to host without attacker involvement) place it in the same risk category as the EternalBlue class of vulnerabilities. IPv6 is enabled by default on all modern Windows installations, making the attack surface universal across unpatched Windows environments.
CVE-2026-35414
OpenSSH - Certificate Authentication Bypass via Malformed SAN Field ('SplitSSHell')
A certificate authentication bypass vulnerability in OpenSSH, nicknamed SplitSSHell, allows an attacker to authenticate to an SSH server configured for certificate-based authentication by presenting a specially crafted certificate with a comma character in the Subject Alternative Name field. The comma is misinterpreted as a field separator, causing OpenSSH's certificate validation logic to incorrectly evaluate the principal validation check. Environments relying on SSH certificates for zero-trust access, including HashiCorp Vault SSH, Teleport, and similar certificate-issuing infrastructure, are at elevated risk. Fixed in OpenSSH 9.9p1.
CVE-2026-33826
Windows Active Directory RCE via Crafted RPC Calls
An improper input validation vulnerability (CWE-20) in the Windows Active Directory RPC interface allows an authenticated attacker within the same AD domain to execute arbitrary code on domain controllers and member servers by sending specially crafted RPC calls. The attacker must hold a valid domain user account but requires no administrative privileges; successful exploitation achieves code execution with the permissions of the RPC host service. Microsoft rates exploitation as 'More Likely' and patched the vulnerability in the April 2026 Patch Tuesday release on 14 April 2026.
CVE-2022-20775
Cisco SD-WAN CLI Path Traversal Privilege Escalation to Root
A path traversal vulnerability in the Cisco SD-WAN Software CLI allows an authenticated local attacker to gain elevated privileges and execute arbitrary commands as root. Though first disclosed in 2022, this vulnerability has been actively weaponised since early 2026 as the second stage of an attack chain paired with CVE-2026-20127. Threat actors obtain unauthenticated remote access via CVE-2026-20127, then deliberately downgrade the SD-WAN Controller to a version where CVE-2022-20775 remains present, escalate to root, and restore the original software version to conceal the downgrade. CISA includes this vulnerability in Emergency Directive 26-03.
CVE-2025-48595
Android Framework Integer Overflow Privilege Escalation (Zero-Day)
Integer overflow in the Android Framework allows local privilege escalation from a sandboxed process without user interaction. Confirmed limited targeted exploitation in the wild; patched in Google's June 2026 Android Security Bulletin.
CVE-2025-60710
Windows Host Process for Tasks Privilege Escalation to SYSTEM
A link-following vulnerability (CWE-59) in the Windows Host Process for Tasks allows a local attacker with standard user privileges to substitute a symbolic link or junction at a path used by the Task Host service during a privileged file operation. Because the Task Host service operates under the SYSTEM account, successful exploitation grants the attacker complete SYSTEM-level control of the compromised device. Patched in November 2025; CISA confirmed active exploitation and added CVE-2025-60710 to the Known Exploited Vulnerabilities catalogue on 13 April 2026. Four public proof-of-concept exploits are available on GitHub.
CVE-2026-0257
Palo Alto Networks PAN-OS GlobalProtect Gateway Authentication Bypass
An authentication bypass in the Palo Alto Networks PAN-OS GlobalProtect VPN gateway allows an unauthenticated remote attacker to forge a valid session cookie and authenticate to the gateway without credentials. Once authenticated, the attacker establishes a full VPN tunnel with access to internal network segments permitted by the gateway's security policy. The vulnerability is in the session cookie validation logic and requires no prior access or user interaction. Actively exploited in two documented waves; CISA added it to KEV on 21 May 2026 with a 1 June remediation deadline. Affects PAN-OS 10.2 (pre-10.2.8), 11.1 (pre-11.1.4), 11.2 (pre-11.2.2), 12.1 (pre-12.1.1) and Prisma Access self-managed gateways.
CVE-2026-21385
Qualcomm Snapdragon Firmware Integer Overflow - Targeted Mobile Exploitation
An integer overflow (CWE-190) in Qualcomm chipset firmware allows an attacker with local access to achieve memory corruption and potentially arbitrary code execution within the firmware subsystem context. Qualcomm confirmed limited, targeted exploitation consistent with commercial spyware or nation-state intelligence collection operations. Addressed in Google's March 2026 Android Security Bulletin (patch level 2026-03-05).
CVE-2026-23111
Linux Kernel nf_tables Use-After-Free: Container Escape and Root Privilege Escalation
A use-after-free vulnerability in the Linux kernel's nf_tables (netfilter) subsystem allows local unprivileged users to corrupt kernel memory and escalate to root privilege. In containerised environments, the exploit enables container escape to the host kernel. Public proof-of-concept available as of 9 June 2026. Affects kernel versions 5.15 through 6.10 across all major Linux distributions. Patches available from major distros as of 10 June.
CVE-2026-23856
Dell iDRAC Service Module Privilege Escalation via Improper Access Control
A privilege escalation vulnerability in the Dell iDRAC Service Module (iSM), the OS-level software agent that bridges server operating systems with the iDRAC out-of-band management controller on PowerEdge servers. The flaw arises from improper access control (CWE-284) in iSM's exposed interfaces. A local user with standard OS privileges can exploit the vulnerability to escalate to SYSTEM or root, as iSM operates with elevated privileges required for hardware management communication. Affects Windows iSM versions prior to 6.0.3.1 and Linux iSM versions prior to 5.4.1.1.
CVE-2026-26117
Azure Arc Connected Machine Agent - Local Privilege Escalation to SYSTEM and Managed Identity Token Theft
CVE-2026-26117 is a race condition in the Azure Arc Connected Machine Agent for Windows that allows an unprivileged domain user to obtain a handle to an internal named pipe before access controls are applied during service startup or metadata refresh. Through this handle, the attacker can request the machine's Azure managed identity access token, which can then be used to authenticate to Azure resources the machine identity has been granted access to, potentially including Key Vaults, storage accounts, and Azure RBAC-controlled APIs.
CVE-2026-29642
Huawei VRP OS Local Privilege Escalation via CLI Command Injection
A privilege escalation vulnerability in Huawei's Versatile Routing Platform (VRP) operating system allows an authenticated local attacker with operator-level access to execute arbitrary commands as a higher-privileged system process via CLI input validation bypass. Affected platforms include Huawei enterprise switches and routers running VRP V200R021 through V200R025. An attacker with network device operator credentials can escalate to full administrative control of the device, enabling configuration tampering, credential extraction, or persistent backdoor installation.
CVE-2026-31394
Linux Kernel AP VLAN Driver Privilege Escalation via Network Namespace Boundary Condition
A privilege escalation vulnerability in the Linux kernel's AP VLAN (access point virtual LAN) network driver. A local user with access to a network namespace can exploit a boundary condition in the AP VLAN driver to escalate privileges to the host kernel context. Particularly significant in containerised and virtualised environments where container processes have network namespace access by default, creating a container escape path. Affects multiple kernel release lines across Red Hat Enterprise Linux, Ubuntu, Debian, and SUSE distributions.
Note: CVE data is curated manually from NVD, vendor advisories, and security research. CVSS scores reflect NVD base scores at time of entry. Always verify with official vendor advisories before actioning.