Containing a domain compromise: How predictive shielding shut down lateral movement

In this article 1. Predictive shielding overview 2. Attack chain overview 3. How predictive shielding changed the outcome 4. MITRE ATT&CK® techniques observed 5. Learn more In identity-based attack campaigns, any initial access activity can turn an already serious intrusion into a critical incide...

SUSE CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-5131 Server-Side Request Forgery in GREENmod

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the stream and upload any XML or JSON file, which will be processed by the name...

CVE-2026-6441

The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wpajaxupdateOptions class-canto.php line 231 an...

EUVD-2026-23362

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

CVE-2026-5807

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

CVE-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

CVE-2026-5807

Vault is vulnerable to a denial-of-service condition: an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot and preventing legitimate operators from completing these workflows. The issue is fixed in...

PT-2026-33487

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description xrdp fails to implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when the Classic RDP Security layer is used. Although signatures are generated by the...

Unity Linux 20.1070a Security Update: pcs (UTSA-2026-007275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007275 advisory. Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's...

Unity Linux 20.1070a Security Update: munge (UTSA-2026-007303)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007303 advisory. MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in...

PT-2026-33406

Name of the Vulnerable Software and Affected Versions Vault Community Edition versions prior to 2.0.0 Vault Enterprise versions prior to 2.0.0 Description An unauthenticated attacker can cause a denial-of-service condition by repeatedly initiating or canceling root token generation or rekey...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007237 advisory. In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007330)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007330 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sgfinishremreq calls blkrqunmapuser. The latter function...

Siemens Solid Edge Improper Certificate Validation (SSA-981622)

The version of Siemens Solid Edge installed on the remote Windows host is SE2025 prior to V225.0 Update 13 or SE2026 prior to V226.0 Update 04. It is, therefore, affected by an improper certificate validation vulnerability. - Affected applications do not properly validate client certificates to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007424 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...

CVE-2026-40265 Note Mark has Broken Access Control on Asset Download

Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/noteID/assets/assetID is registered without authentication middleware, and the backend query does not verify ownership or book visibility. An unauthenticated user who knows...

BIT-OAUTH2-PROXY-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

BIT-MLFLOW-2025-14279 DNS Rebinding Vulnerability in mlflow/mlflow

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An...

[SECURITY] Fedora 44 Update: plasma-vault-6.6.4-1.fc44

Plasma Vault allows to lock and encrypt sets of documents and hide them from prying eyes even when the user is logged in...