PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
May 13, 2026
PHP patched CVE-2026-6722, a use-after-free RCE in the SOAP extension, across all active branches (8.2, 8.3, 8.4, 8.5) — exposing
CVE Vulnerability Alerts
PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
PHP patched CVE-2026-6722, a use-after-free RCE in the SOAP extension, across all active branches (8.2, 8.3, 8.4, 8.5) — exposing any server handling SOAP requests.
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
Microsoft Defender confirmed limited in-the-wild exploitation of Dirty Frag CVE-2026-43284 in Linux, a deterministic LPE chain targeting xfrm-ESP and RxRPC page caches. Patches available for ...
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
cPanel released a second emergency patch in ten days — CVE-2026-29202 and CVE-2026-29203 enable code execution — as Sorry ransomware hits 44,000 servers.
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
Apache patched CVE-2026-23918 (CVSS 8.8), a double-free in mod_http2 that enables RCE on Debian-default Linux servers. Fix ships in Apache HTTP Server 2.4.67.
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
CVE-2026-7482, dubbed 'Bleeding Llama,' exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to version 0.17.1 is available.
cPanel and WHM Patch Three CVEs, Two Rated High Severity
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution on the host system.
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline is May 9.
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation deadline.
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server control. Patched April 7; ~2,000 ...
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
May 12, 2026
Microsoft Defender confirmed limited in-the-wild exploitation of Dirty Frag CVE-2026-43284 in Linux, a deterministic LPE chain targeting xfrm-ESP and RxRPC
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
May 12, 2026
cPanel released a second emergency patch in ten days — CVE-2026-29202 and CVE-2026-29203 enable code execution — as Sorry ransomware
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
May 12, 2026
Apache patched CVE-2026-23918 (CVSS 8.8), a double-free in mod_http2 that enables RCE on Debian-default Linux servers. Fix ships in Apache
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
May 11, 2026
CVE-2026-7482, dubbed ‘Bleeding Llama,’ exposes 300,000+ Ollama AI servers to heap memory leaks via a crafted GGUF file. Patch to
cPanel and WHM Patch Three CVEs, Two Rated High Severity
May 11, 2026
cPanel patched two CVSS 8.8 flaws including Perl code execution in WHM, as the 40,000-server CVE-2026-41940 campaign remains active.
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
May 8, 2026
Researchers disclosed 12 critical vulnerabilities in the widely-used vm2 Node.js sandbox library, all enabling sandbox escape and arbitrary code execution
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
May 8, 2026
State-sponsored actors exploited CVE-2026-0300, a critical CVSS 9.3 RCE flaw in PAN-OS, for roughly one month before disclosure. CISA deadline
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
May 8, 2026
Ivanti disclosed CVE-2026-6973, an actively exploited RCE vulnerability in EPMM 12.8.0.0 and earlier. CISA set a May 10 federal remediation
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
May 6, 2026
CVE-2026-29014 in MetInfo CMS 7.9–8.1 is being actively exploited since April 25, 2026 via unauthenticated PHP injection achieving full server
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.