Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Vulnerability
Latest news

FreeBSD DHCP Client Flaw CVE-2026-42511 Allows Root Code Execution via Rogue DHCP Server

4 May 2026  |  dark6  |  Vulnerability

A critical vulnerability in the FreeBSD DHCP client, CVE-2026-42511, allows attackers on the same local network to execute arbitrary commands as root by injecting malicious directives through a...

>> read more

Exim 4.99.2 Patches Four Vulnerabilities Including Heap Corruption, DNS Crash, and Memory Leaks

4 May 2026  |  dark6  |  Vulnerability

The Exim development team has released version 4.99.2 to fix four security vulnerabilities — including a DNS-triggered crash on musl systems (CVE-2026-40684), heap corruption via malformed JSON (CVE-2026-40685),...

>> read more

APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia

3 May 2026  |  dark6  |  Vulnerability

A sophisticated threat actor has exploited the critical cPanel authentication bypass CVE-2026-41940 to compromise government and military servers across South-East Asia, while also deploying a custom zero-day SQL-to-OS...

>> read more

cPanelSniper PoC Exploit Released for CVSS 9.8 Flaw CVE-2026-41940 — 44,000 Servers Already Compromised

2 May 2026  |  dark6  |  Vulnerability

A public proof-of-concept exploit framework called cPanelSniper has been released for CVE-2026-41940, a CVSS 9.8 authentication bypass in cPanel and WHM. Over 44,000 servers have already been compromised,...

>> read more

Critical Wireshark Update Patches 40+ Vulnerabilities Including Remote Code Execution Flaws

1 May 2026  |  dark6  |  Vulnerability

Wireshark 4.6.5 addresses over 40 security vulnerabilities, including critical RCE flaws in TLS, RDP, and SBC dissectors. Organizations running Wireshark in enterprise or SOC environments should update immediately...

>> read more

Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017

30 April 2026  |  dark6  |  Vulnerability

A newly disclosed Linux kernel zero-day dubbed "Copy Fail" (CVE-2026-31431) allows any unprivileged local user to obtain root access on virtually every major Linux distribution since 2017 using...

>> read more

SonicWall SonicOS Flaws Let Attackers Bypass Firewall Access Controls and Trigger Denial of Service

30 April 2026  |  dark6  |  Vulnerability

SonicWall has patched three vulnerabilities in SonicOS — CVE-2026-0204 (CVSS 8.0), CVE-2026-0205, and CVE-2026-0206 — affecting Generation 6, 7, and 8 firewalls. Discovered by CrowdStrike, the flaws allow...

>> read more

cPanel Emergency Patch: Critical Authentication Bypass Threatens Millions of Hosted Websites

29 April 2026  |  dark6  |  Vulnerability

cPanel has issued emergency security patches across all supported versions to address a critical authentication vulnerability in cPanel and WHM that could allow attackers to bypass login mechanisms...

>> read more