76 matches found
CVE-2026-60109
Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...
CVE-2026-60109
Zeek
CVE-2026-57915
A flaw was found in Apache Kerby. An attacker can bypass the Kerberos pre-authentication check by sending a Pre-Authentication Data PA-DATA packet with an unrecognized or unsupported type. This vulnerability allows an attacker to circumvent the initial authentication step, potentially leading to...
Linux Distros Unpatched Vulnerability : CVE-2026-42189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of- service vulnerability exists in the server's...
CVE-2026-33384
QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in a patch to version...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Out-of-bounds access has been avoided in the decodepreauthctxt function. It has been confirmed that the address of pnegctxt-HashAlgorithms lies within the boundaries of the SMB request. The deassemblenegcontexts function...
RHEL 9 : dovecot (RHSA-2026:17628)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17628 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...
UBUNTU-CVE-2026-6918
In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940: cPanel/WHM Authentication Bypass Analysis...
Exploit for SQL Injection in Dbgpt Db-Gpt
CVE-2025-51458-exp Pre-Auth SQL Injection in DB-GPThttps:/...
CVE-2026-39337
ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to inject arbitrary PHP code during the initial installation process, leading to complete server...
CVE-2026-24352 Session Fixation in PluXml CMS
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...
PT-2026-22322
Name of the Vulnerable Software and Affected Versions Johnson Controls Frick Controls Quantum HD versions 10.22 and prior Description A flaw exists in Johnson Controls Frick Controls Quantum HD that allows for code injection. Insufficient input validation in certain parameters may allow for...
Metasploit Wrap-Up 01/23/2026
Oracle E-Business Suite Unauth RCE This week, we are pleased to announce the addition of a module that exploits CVE-2025-61882, a pre-authentication remote code execution vulnerability in Oracle E-Business Suite versions 12.2.3 through 12.2.14. The exploit chains multiple flaws—including SSRF, pa...
CVE-2026-22198
GestSup prior to 3.2.60 (with sources also citing up to 3.2.56 in ENISA EUVD) contains a pre-authentication stored XSS in the API error logging. An unauthenticated attacker can craft the X-API-KEY header (e.g., to /api/v1/ticket.php) to inject HTML/JavaScript into log entries; when an administrat...
EUVD-2023-60391
In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...
CVE-2023-54250 ksmbd: avoid out of bounds access in decode_preauth_ctxt()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...
How Trellix Helix detects AS-REP Roasting in Active Directory
How Trellix Helix detects AS-REP Roasting in Active Directory By Adithya Chandra and Maulik Maheta · November 13, 2025 Executive Summary Adversaries use AS-REP Roasting to extract and crack password hashes from Active Directory AD accounts with Kerberos preauthentication disabled, a...
EUVD-2015-2784
Malware in sbrugna...
ksmbd: fix null pointer dereference in alloc_preauth_hash()
...