Important: Red Hat Security Advisory: libcap security update

An update for libcap is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

K000161622: NGINX UI vulnerability CVE-2026-42238

Security Advisory Description Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui exposes a backup restore endpoint POST /api/restore that is completely unauthenticated during the first 10 minutes after process startup on any fresh installation. An...

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

🚨 CVE-2026-4480 - Critical Remote Code Execution in Samba Prin...

pentestai

PentestAI Autonomous penetration testing framework for intent...

HackTheBox

HackTheBox — Writeups, Tooling & Exploitation Pipelines A wor...

ROOT-APP-MAVEN-CVE-2026-42585 CVE-2026-42585 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42585 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42579 CVE-2026-42579 in io.root.io.netty:netty-codec-dns - Patched by Root

Root has patched CVE-2026-42579 in the io.root.io.netty:netty-codec-dns package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42580 CVE-2026-42580 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42580 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-33870 CVE-2026-33870 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-33870 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42581 CVE-2026-42581 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42581 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42583 CVE-2026-42583 in io.root.io.netty:netty-codec - Patched by Root

Root has patched CVE-2026-42583 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42578 CVE-2026-42578 in io.root.io.netty:netty-handler-proxy - Patched by Root

Root has patched CVE-2026-42578 in the io.root.io.netty:netty-handler-proxy package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42584 CVE-2026-42584 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42584 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-41417 CVE-2026-41417 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-41417 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-67735 CVE-2025-67735 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2025-67735 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-42587 CVE-2026-42587 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42587 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-33871 CVE-2026-33871 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-33871 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...