Aggregator

CVE-2026-31693 | Linux Kernel up to 6.6.127/6.12.74/6.18.15/6.19.5 cifs privilege escalation

VulDB Recent Entries
1 day 14 hours ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.6.127/6.12.74/6.18.15/6.19.5. This issue affects some unknown processing of the component cifs. Executing a manipulation can lead to privilege escalation. This vulnerability appears as CVE-2026-31693. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

Krebs on Security
1 day 15 hours ago
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company's public image.
BrianKrebs

Google Gemini CLI Vulnerabilities Allow Attackers to Execute Commands on Host Systems

Cyber Security News
1 day 15 hours ago

A critical remote code execution vulnerability in the Google Gemini CLI and its associated GitHub Action. Assigned a maximum severity score of CVSS 10.0, the flaw allowed unprivileged external attackers to execute commands directly on host systems. This vulnerability effectively turned automated CI/CD pipelines into potential attack vectors in the supply chain. Unlike typical AI exploits, […]

The post Google Gemini CLI Vulnerabilities Allow Attackers to Execute Commands on Host Systems appeared first on Cyber Security News.

Abinaya

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

The Hackers News
1 day 15 hours ago
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target. Millions of servers are currently sitting online without any passwords, and
The Hacker News

Jenkins Patches High-Severity Plugin Flaws Including Path Traversal and Stored XSS

Cyber Security News
1 day 15 hours ago

Jenkins project published a security advisory detailing patches for seven plugin vulnerabilities, including high-severity path traversal and Stored Cross-Site Scripting (XSS) flaws. Administrators must urgently update these plugins to secure their Continuous Integration and Continuous Deployment (CI/CD) pipelines against potential remote code execution and session hijacking risks. The most critical issue is a path traversal […]

The post Jenkins Patches High-Severity Plugin Flaws Including Path Traversal and Stored XSS appeared first on Cyber Security News.

Abinaya

Managed ad