Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
May 25, 2026
Anthropic’s Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were
CVE Vulnerability Alerts
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Anthropic's Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were deployed upstream.
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on a shared host.
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
Wireshark 4.6.6 patches two dissector flaws — a ROHC crash bug and MACsec buffer overflow — that could let attackers crash analyst monitoring sessions.
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Lenovo BootRepair.sys exposes IOCTL 0x222014, letting unprivileged BYOVD attackers terminate CrowdStrike Falcon at kernel level with no administrative rights.
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
Splunk CVE-2026-20239 writes active session cookies to the _internal index in plaintext, exposing analyst tokens to any user or process reading that index.
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
CRIL documented INJ3CTOR3 deploying new JOMANGY webshell alongside a six-layer self-healing persistence mechanism against FreePBX VoIP systems for toll fraud.
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
CVE-2026-20223 lets unauthenticated remote attackers gain full Site Admin access to Cisco Secure Workload; no credentials or user interaction are required.
Chrome 148 Patches Critical WebRTC Use-After-Free
Google patched 16 Chrome vulnerabilities including critical CVE-2026-9111, a WebRTC use-after-free enabling drive-by exploitation without user interaction.
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
FortiGuard found P2PInfect enrolled enterprise GKE Kubernetes clusters for six months undetected via exposed Redis instances and a 2022 CVSS 10.0 flaw.
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
May 25, 2026
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
May 25, 2026
Ubiquiti patched three max-severity UniFi OS flaws enabling RCE and unauthorized file access across approximately 100,000 internet-exposed endpoints worldwide.
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
May 25, 2026
Wireshark 4.6.6 patches two dissector flaws — a ROHC crash bug and MACsec buffer overflow — that could let attackers
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
May 22, 2026
Lenovo BootRepair.sys exposes IOCTL 0x222014, letting unprivileged BYOVD attackers terminate CrowdStrike Falcon at kernel level with no administrative rights.
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
May 22, 2026
Splunk CVE-2026-20239 writes active session cookies to the _internal index in plaintext, exposing analyst tokens to any user or process
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
May 22, 2026
CRIL documented INJ3CTOR3 deploying new JOMANGY webshell alongside a six-layer self-healing persistence mechanism against FreePBX VoIP systems for toll fraud.
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
May 22, 2026
CVE-2026-20223 lets unauthenticated remote attackers gain full Site Admin access to Cisco Secure Workload; no credentials or user interaction are
Chrome 148 Patches Critical WebRTC Use-After-Free
May 22, 2026
Google patched 16 Chrome vulnerabilities including critical CVE-2026-9111, a WebRTC use-after-free enabling drive-by exploitation without user interaction.
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
May 22, 2026
FortiGuard found P2PInfect enrolled enterprise GKE Kubernetes clusters for six months undetected via exposed Redis instances and a 2022 CVSS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.