RockyLinux 10 : rsync (RLSA-2026:26332)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26332 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

CVE-2026-42014

creationtimestamp| type| source ---|---|--- 2026-06-16 04:07:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moewdvftpp2p...

MiracleLinux 8 : dotnet8.0-8.0.128-1.el8_10.ML.1 (AXSA:2026-787:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-787:10 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

CVE-2026-12222

creationtimestamp| type| source ---|---|--- 2026-06-14 14:23:10+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116748909958194636 2026-06-15 07:00:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mocpktp47b26 2026-06-15 07:30:32+00:00| seen|...

pac-exploits-priv

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...

CVE-2026-6961

Mattermost CVE-2026-6961 affects Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, and 10.11.x <= 10.11.15/10.11.x

📄 AnyDesk 9.7.5 Unquoted Service Path

AnyDesk version 9.7.5 suffers from an unquoted service path vulnerability. Exploit Title: AnyDesk v9.7.5 - Unquoted Service Path Date: 2026-06-06 Exploit Author: Milad Karimi Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: http://anydesk.com...

RockyLinux 10 : mod_http2 (RLSA-2026:25225)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25225 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

podman security update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

RockyLinux 10 : libyang (RLSA-2026:24758)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:24758 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...

AlmaLinux 10 : .NET 8.0 (ALSA-2026:25111)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25111 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

RockyLinux 10 : cockpit-image-builder (RLSA-2026:24331)

The remote RockyLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:24331 advisory. lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 lodash: lodash: Arbitrary code execution via untrusted input in template impor...

AlmaLinux 10 : .NET 9.0 (ALSA-2026:25112)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25112 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

CVE-2026-53741

creationtimestamp| type| source ---|---|--- 2026-06-10 23:47:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxvioh4dp2d...

CVE-2026-53739

creationtimestamp| type| source ---|---|--- 2026-06-10 23:37:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxuwqfxhx2h...

CVE-2026-53740

creationtimestamp| type| source ---|---|--- 2026-06-10 23:17:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxtu746tt23...

CVE-2026-10143

creationtimestamp| type| source ---|---|--- 2026-06-10 23:05:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxt5a2sss2h 2026-06-11 07:01:16+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnynq3sgq72i...

CVE-2026-42542

creationtimestamp| type| source ---|---|--- 2026-06-10 22:56:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxsn4j3i42y...

GHSA-P9CG-VQCC-GRCX

creationtimestamp| type| source ---|---|--- 2026-06-10 22:51:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxsdlo6672x...