Lucene search

13189 matches found

ATTACKERKB
added 2026/05/13 5:59 p.m. | 4 views

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

5.9 AI score | 0.01336 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Wiz blog
added 2026/05/13 12:13 p.m. | 13 views

Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP

A new page-cache corruption vulnerability in the Dirty Frag family enables unprivileged local attackers to achieve root...

5.8 AI score
Exploits: 0
GithubExploit
added 2026/05/13 8:17 a.m. | 110 views

pocs

Fragnesia Abstract https://github.com/user-attachment...

6 AI score
Exploits: 0
CNNVD
added 2026/05/13 12:0 a.m. | 7 views

Deciso OPNsense Operating System Command Injection Vulnerability

Deciso OPNsense is a firewall and router operating system developed by the Dutch company Deciso. Versions of Deciso OPNsense prior to 26.1.8 contained an operating system command injection vulnerability. This vulnerability stemmed from the local user synchronization process, where attackers could...

9.1 CVSS | 6 AI score | 0.06355 EPSS
Exploits: 1 | References: 2
CNNVD
added 2026/05/13 12:0 a.m. | 6 views

cPanel SQL Injection Vulnerability

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a SQL injection vulnerability, which stems from insufficient SQL query cleaning in the sqloptimizer tool script. If the slow...

8.1 CVSS | 5.8 AI score | 0.00312 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/13 12:0 a.m. | 8 views

PT-2026-40827

Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 26.1.8
Description: An authenticated Remote Code Execution issue in the core of this FreeBSD-based firewall and routing platform allows a user with user-management privileges to execute arbitrary system commands as...

9.1 CVSS | 6.1 AI score | 0.06355 EPSS
Exploits: 1 | References: 8
CNNVD
added 2026/05/13 12:0 a.m. | 7 views

Palo Alto Networks PAN-OS Operating System Command Injection Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a vulnerability in PAN-OS related to command injection. This vulnerability stems from multiple command injections, which may allow authenticated administrators to bypass system...

8.6 CVSS | 6.1 AI score | 0.01336 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/13 12:0 a.m. | 7 views

PT-2026-40757

Name of the Vulnerable Software and Affected Versions: PAN-OS affected versions not specified
Description: Multiple command injection flaws in PAN-OS software allow an authenticated administrator to bypass system restrictions and execute arbitrary commands with root privileges. Exploitation require...

8.6 CVSS | 6 AI score | 0.01336 EPSS
Exploits: 0 | References: 4
CNNVD
added 2026/05/13 12:0 a.m. | 8 views

Palo Alto Networks Prisma Access Agent Security Vulnerability

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. There is a security vulnerability in the Palo Alto Networks Prisma Access Agent, which stems from issues with the permission management mechanism. This vulnerability allows...

8.5 CVSS | 6.1 AI score | 0.00144 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/13 12:0 a.m. | 14 views

PT-2026-48611

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified
Description: A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...

6.2 CVSS | 5.8 AI score
Exploits: 0 | References: 10
Positive Technologies
added 2026/05/13 12:0 a.m. | 7 views

PT-2026-40770

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Prisma Access Agent affected versions not specified
Description: A flaw in the privilege management mechanism allows a locally authenticated non-administrative user to escalate privileges to root on macOS and Linux, or NT...

8.5 CVSS | 6.1 AI score | 0.00144 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2026/05/13 12:0 a.m. | 11 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator t...

8.6 CVSS | 6 AI score | 0.01336 EPSS
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/13 12:0 a.m. | 14 views

PT-2026-40830

Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 26.1.8
Description: Unsanitized user input is passed to the DHCP configuration of the configured interface and subsequently processed by a shell script. This allows remote code execution as root on the underlying...

9.1 CVSS | 6.5 AI score | 0.00531 EPSS
Exploits: 0 | References: 8
Positive Technologies
added 2026/05/13 12:0 a.m. | 9 views

PT-2026-40816

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to May 13, 2026
Description: A local privilege escalation issue exists in the Linux kernel networking stack, specifically within the XFRM ESP-in-TCP subsystem. The problem stems from a logical error in several...

7.8 CVSS | 6.2 AI score | 0.01582 EPSS
Exploits: 10
ATTACKERKB
added 2026/05/12 7:39 p.m. | 7 views

CVE-2026-44218

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
EUVD
added 2026/05/12 12:32 p.m. | 16 views

EUVD-2025-209782

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

9.1 CVSS | 6.1 AI score | 0.00542 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2026/05/12 11:28 a.m. | 7 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8 CVSS | 6.1 AI score | 0.92165 EPSS
Exploits: 30 | References: 6
RedHat Linux
added 2026/05/12 11:25 a.m. | 13 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8 CVSS | 6.1 AI score | 0.92165 EPSS
Exploits: 30 | References: 6
RedHat Linux
added 2026/05/12 11:6 a.m. | 6 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8 CVSS | 6.1 AI score | 0.92165 EPSS
Exploits: 30 | References: 6
RedHat Linux
added 2026/05/12 10:30 a.m. | 6 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8 CVSS | 6.1 AI score | 0.92165 EPSS
Exploits: 30 | References: 6