May Linux Patch Wednesday

May Linux Patch Wednesday. A total of 1,638 vulnerabilities 474 in the Linux kernel. For comparison, in April there were 1,035 vulnerabilities a record!. And this time it turns out to be a record again, more than one and a half times higher! The acceleration is both impressive and alarming. But w...

CVE-2026-3623

IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successf...

PT-2026-43704

IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successf...

Exploit for Write-what-where Condition in Linux Linux_Kernel

CVE-2026-43284 xfrm/ESP page cache write exploit, 4 byte primit...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

markdown 🧬 ROSN-LR5 – Kernel LPE PoC & Mitigation Toolkit...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

DIRTYFAIL A unified detector and PoC harness for the Copy...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

GhostShell CVE-2026-31431 — Local Privilege Escalation via...

GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

CVE-2026-42372

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42375

D-Link DIR-600L A1 (End-of-Life) is affected by CVE-2026-42375 due to a hardcoded telnet backdoor. The device runs a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u u...

CVE-2026-42374

The CVE affects D-Link DIR-600L Hardware Revision B1 (EOL). A hardcoded telnet backdoor starts a telnet daemon at boot and uses the username "Alphanetworks" with a static password read from /etc/alpha_config/image_sign (wrgn61_dlwbr_dir600L). The custom telnetd accepts -u user:password, and the l...

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

CVE-2026-42373 D-Link DIR-605L B2 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42373 D-Link DIR-605L B2 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

EUVD-2026-27021

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2025-13605

The CVE-2025-13605 vulnerability affects the 3onedata GW1101-1D(RS-485)-TB-P Modbus gateway (hardware version V2.2.0). An authenticated user can execute arbitrary shell commands with root privileges by supplying a payload in the IP address field of the diagnosis test tools. This issue has a CVSSv...

CVE-2025-13605 Shell command injection in 3onedata GW1101-1D(RS-485)-TB-P modbus gateway

3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware...

D-Link DIR-600L 信任管理问题漏洞

The D-Link DIR-600L is an entry-level wireless router from D-Link Corporation. It supports 150Mbps wireless transmission and has 4 Gigabit wired ports. There is a trust management vulnerability in the D-Link DIR-600L Hardware Revision A1. This vulnerability stems from a hard-coded telnet backdoor...