#CVE
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline CVE-2026-48172 has escalated from vendor emergency to federal patching priority. On May 26, 2...
Lucas Oliveira
Research
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks | 2026 Executive Summary CVE-2026-45829 is a critical ChromaDB flaw that can let unauthenticated attacke...
Lucas Oliveira
Research
CVE-2026-42945 makes NGINX rewrite chains a live patch priority
CVE-2026-42945 makes NGINX rewrite chains a live patch priority CVE-2026-42945 has moved from fresh disclosure to active exploitation in days, which is exactly...
Lucas Oliveira
Research
CVE-2026-31431: Copy Fail turns routine Linux access into reliable root compromise
CVE-2026-31431: Copy Fail turns routine Linux access into reliable root compromise Copy Fail is the kind of Linux flaw defenders should not shrug off just becau...
Lucas Oliveira
Research
CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets
CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets CVE-2026-41940 is a critical authentication bypass in cPanel and WHM, an...
Lucas Oliveira
Research
CVE-2026-42208 turns exposed LiteLLM gateways into a secrets exposure risk
CVE-2026-42208 turns exposed LiteLLM gateways into a secrets exposure risk CVE-2026-42208 is a critical SQL injection flaw in LiteLLM's proxy API key verificati...
Lucas Oliveira
Research
CVE-2026-33032 lets attackers take over exposed nginx-ui servers
CVE-2026-33032 lets attackers take over exposed nginx-ui servers CVE-2026-33032 is the kind of [vulnerability](https://invaders.ie/resources/glossary/vulnerabil...
Lucas Oliveira
Research
Pack2TheRoot flaw puts Linux systems with PackageKit on a local root path
Pack2TheRoot flaw puts Linux systems with PackageKit on a local root path The newly disclosed Pack2TheRoot issue, tracked as CVE-2026-41651, is a strong reminde...
Lucas Oliveira
Research
CVE-2026-5752 turns the Terrarium sandbox into a root-level escape risk
CVE-2026-5752 turns the Terrarium sandbox into a root-level escape risk A critical flaw in Terrarium, tracked as CVE-2026-5752, deserves attention well beyond a...
Lucas Oliveira
Research
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 is the kind of issue defenders should triage quickly because it affects a manag...
Lucas Oliveira
Research
SGLang CVE-2026-5760 turns malicious GGUF models into RCE
SGLang CVE-2026-5760 turns malicious GGUF models into RCE Executive summary A newly disclosed flaw in SGLang means a malicious GGUF model file can become an exe...
Lucas Oliveira
Research
Apache ActiveMQ RCE CVE-2026-34197 Lands in CISA KEV
Apache ActiveMQ RCE CVE-2026-34197 lands in CISA KEV Executive summary CISA has added CVE-2026-34197 to the Known Exploited Vulnerabilities catalog after attack...
Lucas Oliveira
Research