Lucene search
849 matches found

Securelist
added 2026/05/22 9:12 a.m., 4 views

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group we have known since 2014. During our investigation, we identified n...

9.3 CVSS, 6.1 AI score, 0.93888 EPSS
Exploits 7

vulnersOsv
added 2026/05/19 3:40 p.m., 10 views

atlas-mcp (=0.1.0), blackmaria (=0.1.0) +5 more potentially affected by CVE-2026-45758 via guardrails-ai (=0.10.0)

guardrails-ai PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on guardrails-ai and may be impacted: - atlas-mcp =0.1.0 - blackmaria =0.1.0 - dao-ai =0.1.39, =0.0.0a0, =0.1.0, =0.1.3 Source cves: CVE-2026-45758 Source advisory:...

5.8 AI score
Exploits 0

OSV
added 2026/05/12 8:52 a.m., 3 views

BIT-MONGODB-2026-8063 Post-auth null pointer dereference when aggregating against a view with empty search pipeline

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 2

vulnersOsv
added 2026/05/12 5:49 a.m., 2 views

atlas-mcp (=0.1.0), blackmaria (=0.1.0) +5 more potentially affected by unknown CVE via guardrails-ai (=0.10.0)

guardrails-ai PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on guardrails-ai and may be impacted: - atlas-mcp =0.1.0 - blackmaria =0.1.0 - dao-ai =0.1.39, =0.0.0a0, =0.1.0, =0.1.3 Source cves: unknown CVE Source advisory:...

5.8 AI score
Exploits 0

Positive Technologies
added 2026/05/12 12:0 a.m., 7 views

PT-2026-40287

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 3

vulnersOsv
added 2026/05/11 9:0 p.m., 4 views

athina (=1.1.0), atlas-mcp (=0.1.0) +7 more potentially affected by unknown CVE via guardrails-ai (>=0.10.0 <=0.8.0)

guardrails-ai PYPI version =0.10.0, =0.1.39, =0.0.0a0, =0.0.1, =0.1.0, =0.1.3 Source cves: unknown CVE Source advisory: SNYK:PYTHON-GUARDRAILSAI-16641086...

5.8 AI score
Exploits 0

Tenable Nessus
added 2026/05/08 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-8063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 2

NVD
added 2026/05/07 6:16 a.m., 8 views

CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 0.00041 EPSS
Exploits 0, References 1

CVE
added 2026/05/07 4:12 a.m., 11 views

CVE-2026-8063

CVE-2026-8063 affects MongoDB Server 8.2

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 1, Affected Software 1

ATTACKERKB
added 2026/05/07 4:12 a.m., 2 views

CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 2, Affected Software 1

MongoDB
added 2026/05/07 4:12 a.m., 5 views

Post-auth null pointer dereference when aggregating against a view with empty search pipeline

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 1, Affected Software 1

Cvelist
added 2026/05/07 4:12 a.m., 31 views

CVE-2026-8063 Post-auth null pointer dereference when aggregating against a view with empty search pipeline

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1 CVSS, 0.00041 EPSS
Exploits 0, References 1

Positive Technologies
added 2026/05/07 12:0 a.m., 6 views

PT-2026-38343

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 8.2.7. Description: An authenticated user can cause a denial of service by crashing the mongod process. This occurs when running $rankFusion or $scoreFusion with an empty pipeline on a view. During view resolutio...

7.1 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits 0, References 8

Github Security Blog
added 2026/05/04 6:30 p.m., 7 views

Apache Atlas has a Code Injection Vulnerability

Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data. Affected...

8.1 CVSS, 5.8 AI score, 0.00024 EPSS
Exploits 0, References 4, Affected Software 1

OSV
added 2026/05/04 6:30 p.m., 1 views

GHSA-35XX-9XRG-GWHF Apache Atlas has a Code Injection Vulnerability

Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data. Affected...

7.1 CVSS, 5.8 AI score, 0.00024 EPSS
Exploits 0, References 4

Snyk
added 2026/05/04 5:28 p.m., 5 views

Arbitrary Code Injection

Overview: Affected versions of this package are vulnerable to Arbitrary Code Injection in the DSL search endpoint. An attacker can execute arbitrary code by placing malicious Gremlin traversal logic within grammar-allowed characters to access unintended data. Note: This is only exploitable if the...

8.1 CVSS, 6.2 AI score, 0.00024 EPSS
Exploits 0, References 2

vulnersOsv
added 2026/05/04 5:28 p.m., 3 views

org.apache.atlas:atlas-catalog (>=0.8-incubating <=0.8.4), org.apache.atlas:atlas-index-repair-tool (>=2.2.0 <=2.4.0) +2 more potentially affected by CVE-2026-40563 via org.apache.atlas:atlas-repository (>=0.8-incubating <=2.4.0)

org.apache.atlas:atlas-repository MAVEN version =0.8-incubating, =0.8-incubating, =2.2.0, =0.8.3, =0.8-incubating, =2.4.0 Source cves: CVE-2026-40563 Source advisory: SNYK:JAVA-ORGAPACHEATLAS-16422860...

8.1 CVSS, 5.8 AI score, 0.00024 EPSS
Exploits 0

vulnersOsv
added 2026/05/04 5:28 p.m., 3 views

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), co.cask.hydrator:hive-plugins (>=1.2.0 <=2.1.2) +90 more potentially affected by CVE-2026-40563 via org.apache.atlas:atlas-intg (>=0.8-incubating <=2.4.0)

org.apache.atlas:atlas-intg MAVEN version =0.8-incubating, =3.10.0.5, =1.2.0, =0.1.1, =0.1.1, =0.1.1, =0.2.7, =2.2.0, =2.8.0 - io.github.hiverunner:hiverunner =7.0.0 - io.starburst.openx.data:json-serde =1.3.9-e.8 - io.starburst.openx.data:json-serde-cdh7-shim =1.3.9-e.8 -...

8.1 CVSS, 5.8 AI score, 0.00024 EPSS
Exploits 0

Snyk
added 2026/05/04 5:28 p.m., 6 views

Arbitrary Code Injection

Overview: org.apache.atlas:atlas-repository is an Apache Atlas Repository Module. Affected versions of this package are vulnerable to Arbitrary Code Injection in the DSL search endpoint. An attacker can execute arbitrary code by placing malicious Gremlin traversal logic within grammar-allowed...

8.1 CVSS, 6.2 AI score, 0.00024 EPSS
Exploits 0, References 2

NVD
added 2026/05/04 4:16 p.m., 2 views

CVE-2026-40563

Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data. Affect...

8.1 CVSS, 0.00024 EPSS
Exploits 0, References 2