Cyber Exposure Alerts

Oracle addresses 35 CVEs in its May 2026 Critical Security Patch Update with 35 patches, including 11 critical updates.Key TakeawaysThe May 2026 Critical Security Patch Update (CSPU) contains fixes for 35 unique CVEs in 35 security updates11 issues (31.4% of all patches) were assigned a critical severity ratingOracle E-Business Suite received the highest number of patches at 12, accounting for 34.3% of all patchesBackgroundOn May 28, Oracle released its Critical Security Patch Update (CSPU) for May 2026. Beginning in May 2026, Oracle introduced CSPUs as a monthly release cycle that sits between the larger quarterly Critical Patch Updates (CPUs), addressing a focused set of high-severity issues on a faster cadence. This CSPU contains fixes for 35 unique CVEs in 35 security updates across 5 Oracle product families. Out of the 35 security updates published, 31.4% of patches were assigned a critical severity. High severity patches accounted for the bulk of security patches at 51.4%, followed by critical severity patches at 31.4%.This month’s update includes 11 critical patches across 11 CVEs.SeverityIssues PatchedCVEsCritical1111High1818Medium66Low00Total3535AnalysisThis month’s update saw the Oracle E-Business Suite product family contain the highest number of patches at 12, accounting for 34.3% of the total patches, followed by Oracle REST Data Services at 11 patches, which accounted for 31.4% of the total patches.A full breakdown of the patches for this CSPU can be seen in the following table, which also includes a count of vulnerabilities that can be exploited over a network without authentication.Oracle Product FamilyNumber of PatchesRemote Exploit without AuthOracle E-Business Suite123Oracle REST Data Services117Oracle Communications84Oracle Database Server33Oracle Hospitality Applications11SolutionCustomers are advised to apply all relevant patches in this CSPU. Please refer to the May 2026 advisory for full details.Identifying affected systemsA list of Tenable plugins to identify these vulnerabilities will appear here as they’re released. This link uses a search filter to ensure that all matching plugin coverage will appear as it is released.Get more informationOracle Critical Security Patch Update Advisory – May 2026Oracle May 2026 Critical Security Patch Update Risk MatricesOracle Advisory to CVE MapJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance attestation and breaching OpenAI and Mistral AI. Here is what you need to know.Key takeawaysMini Shai-Hulud is a self-propagating worm by TeamPCP that steals developer and cloud credentials across the npm and PyPI ecosystems.The campaign achieved a critical security first by compromising packages with valid SLSA Build Level 3 provenance attestations, proving that process integrity controls can be defeated.Any system that installed a compromised package must be treated as fully compromised.BackgroundBetween September 2025 and May 2026, a threat group tracked as TeamPCP has conducted a series of coordinated supply chain attacks across the npm and PyPI package ecosystems. The campaign, which the group calls Shai-Hulud, uses a self-propagating worm that steals developer and cloud credentials, then leverages those credentials to publish poisoned versions of additional packages. Each compromised continuous integration and continuous deployment (CI/CD) pipeline becomes a new distribution vector, enabling exponential spread. The current iteration is known as Mini Shai-Hulud.Tenable’s Research Special Operations Team (RSO) has compiled this FAQ to discuss what Mini Shai-Hulud is, how the campaign operates, who has been affected and what organizations should do to protect their software supply chains.FAQWhat is Mini Shai-Hulud?Mini Shai-Hulud is a multi-wave supply chain attack campaign that targets the npm and PyPI open-source package registries. The name, chosen by the threat group TeamPCP, is a reference to the sandworms in Frank Herbert’s “Dune” novels, and the campaign carries a consistent Dune-universe theme throughout its infrastructure (dead-drop repository branch names, marker strings and operational messaging all draw from the Dune lexicon).What is the difference between Shai-Hulud and Mini Shai-Hulud?Shai-Hulud is the worm family. Mini Shai-Hulud is the current generation of that worm and the name TeamPCP uses for the active campaign.When did these campaigns start?The original Shai-Hulud worm appeared in September 2025 as the first self-replicating malware observed in the npm ecosystem. It could steal maintainer tokens and use them to publish poisoned versions of other packages without further attacker input.A second generation, sometimes called SHA1-Hulud, surfaced in November 2025 with updated wiper functionality and improved credential harvesting.A third variant designated SANDWORM_MODE, introduced adaptive targeting that allowed the worm to enumerate CI/CD pipeline structures before deciding how to propagate. Each generation directly addressed detection and takedown techniques applied to its predecessor, suggesting the operators monitored defensive responses and adapted accordingly.Mini Shai-Hulud is the fourth generation, active since late April 2026. The “Mini” is TeamPCP’s own ironic branding; in practice, this variant is far more destructive than the original. Its distinguishing capabilities include:SLSA Build Level 3 provenance attestation forgery (allowing malicious packages to pass cryptographic verification)OIDC token extraction directly from GitHub Actions runner process memoryPersistence hooks targeting AI coding agents and developer IDEsCross-ecosystem propagation spanning both npm and PyPI,Triple-redundant credential exfiltration through a dedicated command-and-control serverIterationNameFirst ObservationFirstShai-HuludSeptember 2025SecondSHA1-HuludNovember 2025ThirdSANDWORM_MODEMarch 2026FourthMini Shai-HuludApril 2026 What are the vulnerabilities associated with Mini Shai-Hulud?The TanStack compromise has been assigned a single CVE:CVEDescriptionCVSSv3VPRCVE-2026-45321Malicious code injection in 42 @tanstack packages via three chained GitHub Actions9.69.2*Please note: Tenable’s Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on May 21, 2026 and reflects VPR at that time. What is CVE-2026-45321CVE-2026-45321 describes a chained exploitation of three weaknesses in TanStack’s GitHub Actions CI/CD configuration. The attacker created a fork of the TanStack/router repository under a renamed account to avoid detection, then opened a pull request that triggered a pull_request_target workflow. This workflow executed code from the attacker’s fork in the base repository’s trusted context, allowing the attacker to poison the GitHub Actions cache with malicious binaries. When legitimate maintainer pull requests were later merged, the release workflow restored the poisoned cache. Attacker-controlled code then extracted OpenID Connect (OIDC) tokens directly from the runner’s process memory and exchanged them with npm’s federation endpoint for full publish credentials.The result was 84 malicious package versions published across 42 TanStack packages in under six minutes, all carrying valid SLSA Build Level 3 provenance attestations from Sigstore.Are there other CVEs associated with Mini Shai-Hulud?At present, only CVE-2026-45321 has been assigned. It applies specifically to the TanStack wave of the campaign. The broader Mini Shai-Hulud campaign exploits CI/CD trust relationships and stolen credentials rather than traditional software vulnerabilities.Which threat actors are behind this campaign?Multiple independent security firms attribute the campaign to TeamPCP, a financially motivated cybercriminal group that emerged in late 2025. Google’s Threat Intelligence Group tracks the group as UNC6780. Other tracked aliases include DeadCatx3, PCPcat, ShellForce, and CipherForce, according to Snyk and Palo Alto Networks Unit 42.TeamPCP is assessed as responsible for several prior high-profile supply chain compromises, including the Aqua Security Trivy scanner compromise (March 2026), the Bitwarden CLI npm compromise (April 2026), the Checkmarx Jenkins AST Plugin backdoor (May 2026) and GitHub (May 2026). Unit 42 has documented TeamPCP’s announced partnership with the Vect ransomware group, suggesting the credential harvesting pipeline may serve as an initial access pathway for ransomware deployment.What organizations have been affected?At least four organizations have publicly confirmed breaches linked to the campaign:OpenAI disclosed on May 15 that two employee devices in its corporate environment were compromised after ingesting a malicious TanStack package. Limited credential material was exfiltrated from internal source code repositories, including code-signing certificates for macOS, Windows, iOS, and Android applications. OpenAI is rotating those certificates and requiring all macOS users to update their applications before June 12, 2026. The company stated it found no evidence that customer data, production systems, or intellectual property were compromised.Mistral AI confirmed that a codebase management system was compromised and SDK packages were contaminated. Non-core code repositories were accessed. On May 17, a TeamPCP-linked forum account claimed to be selling alleged Mistral AI repositories.The European Commission (europa.eu) was reportedly affected by the earlier Trivy wave in March 2026, with over 90 gigabytes of data exfiltrated according to ReversingLabs reporting.GitHub disclosed on May 19 that they were investigating claims made by TeamPCP after the group posted GitHub source code for sale. Shortly after, they confirmed that roughly 3,800 internal repositories were breached. The root cause was a trojanized Visual Studio Code extension that had been installed by an employee. That extension was later revealed to be Nx Console, in which a malicious copy of the extension was available for around 18 minutes on the Visual Studio Marketplace. According to the Nx Console security advisory, the root cause was a developer’s account that had been compromised via theTanstack supply-chain compromise. The leaked credentials were then abused to run workflows on the Nx Console GitHub repository.Beyond named victims, the campaign has compromised over 170 packages spanning both npm and PyPI with more than 518 million cumulative weekly downloads. OX Security data shows that at least 400 GitHub repositories of stolen credentials were created as part of the campaign.How does the worm spread?The campaign’s core mechanism is a self-propagating worm. When a developer or CI/CD runner installs a compromised package, the malware executes during installation and harvests credentials stored on the system, including npm tokens, GitHub personal access tokens, AWS credentials, Kubernetes secrets, SSH keys and HashiCorp Vault tokens. The worm then uses those harvested credentials to publish poisoned versions of other packages the victim has access to, creating a chain reaction that spreads across the ecosystem without requiring further action from the attacker.Mini Shai-Hulud employs three distinct attack chains depending on the access conditions available:Token theft and automated mass-publish is the most common method. The attacker compromises an npm maintainer account or token through prior credential harvesting, then runs an automated script that publishes trojanized versions of every package accessible to the compromised account. The trojanized packages include a preinstall hook that downloads the Bun JavaScript runtime and executes a large, obfuscated credential-stealing payload before the dependency installation completes.OIDC hijack with provenance defeat was used in the TanStack wave and represents the most technically sophisticated variant. Instead of stealing a stored credential, the attacker extracted a short-lived OIDC token from the runner’s process memory, allowing publication through the project’s own trusted pipeline with valid cryptographic attestation.PyPI injection targets Python packages through compromised maintainer accounts. A dropper injected into the package’s initialization file downloads a separate malicious payload from attacker-controlled infrastructure.All three chains converge on the same post-exploitation behavior: credentials are exfiltrated through three redundant channels (a dedicated command-and-control server, the decentralized Session messenger network and GitHub API dead drops), and the harvested tokens are used to propagate the worm to additional packages.Why is the SLSA provenance defeat significant?SLSA (Supply-chain Levels for Software Artifacts) is a framework for verifying that software was built from a trusted source through a trusted process. Build Level 3, the highest practical level, requires cryptographic provenance generated by the build system itself, verified through Sigstore. Running npm audit signatures on a Level 3-attested package should confirm that the package was built exactly as the maintainer intended.The Mini Shai-Hulud TanStack wave demonstrated that provenance attestation can verify that the build pipeline is legitimate without verifying that the code being built is safe. Because the attacker hijacked the legitimate pipeline itself (rather than publishing from an unauthorized account), the resulting packages carried valid attestations. Organizations that relied on provenance verification as a primary supply chain security control were unable to detect the compromise.This finding has implications beyond this specific campaign. Any security control that verifies process integrity without independently verifying code integrity is vulnerable to the same class of attack. Provenance remains valuable but is no longer sufficient as a standalone trust signal for open-source packages. When malicious code can bypass cryptographic build verification, code scanning cannot live in a vacuum; it must be continuously validated alongside identity entitlements and runtime posture.What about the open-sourced code and copycat attacks?On May 12, 2026, TeamPCP published the Shai-Hulud worm source code on GitHub under an MIT License with the message: “Shai-Hulud: Open Sourcing The Carnage.” The release included operational guidance encouraging users to customize encryption keys and infrastructure for their own campaigns. TeamPCP simultaneously announced a $1,000 contest on BreachForums for the largest supply chain attack using the code.OX Security detected four malicious npm packages from separate threat actors deploying Shai-Hulud clones in May 2026, including chalk-tempalte (a typosquat of the popular Chalk library), @deadcode09284814/axios-util, axois-utils, and color-style-utils. These copycat packages use the open-sourced worm code with modified command-and-control infrastructure and credential exfiltration targets.A rival worm called PCPJack has also been observed actively evicting TeamPCP infections while stealing credentials independently, adding further complexity to the threat landscape.Is CVE-2026-45321 in the CISA Known Exploited Vulnerabilities (KEV) catalog?As of May 20, 2026, CVE-2026-45321 is not listed in the CISA KEV catalog. NHS England issued a security alert related to the campaign, but no public advisory from CISA has been published.What should organizations do?Scan your dependency trees immediately. Check lockfiles and CI logs for any affected package versions across the @tanstack, @uipath, @mistralai, @opensearch-project, @antv, and @squawk namespaces. Community-maintained detection scripts can assist, though organizations should verify third-party scanning tools before deployment.Check for persistence before revoking tokens. The worm installs a gh-token-monitor daemon (via systemd on Linux or launchctl on macOS) that polls GitHub every 60 seconds and triggers a recursive file deletion if it detects that the token has been revoked. Search for and remove this daemon, as well as injected tasks in.vscode/tasks.json and Claude Code hooks in ~/.claude/settings.json, before rotating credentials.Rotate all credentials on potentially affected systems. If exposure is suspected, rotate GitHub tokens, npm tokens, AWS credentials, HashiCorp Vault tokens, Kubernetes service accounts, Docker credentials, and CI/CD secrets. Treat any system that installed a compromised package version as fully compromised.Harden CI/CD pipeline configurations. Replace pull_request_target workflows with pull_request for any workflow that executes code from pull requests. Pin all GitHub Actions and workflow steps to immutable commit SHAs rather than tags or branches. Implement cache isolation between fork-originated and maintainer-originated workflows. Restrict secret access to named workflow steps using the GitHub Actions permissions key.Implement structural dependency controls. Deploy –ignore-scripts as the default for npm installs with explicit allowlisting for trusted lifecycle hooks. Pin all dependencies to exact versions and enforce lockfile integrity verification in CI. Consider implementing minimumReleaseAge policies to delay automatic installation of newly published versions.Audit for credential storage on developer machines. The payload targets more than 80 environment variables and filesystem paths, including.aws/credentials, .npmrc, .ssh/ directories, .kube/config, and .docker/config.json. Transition from long-lived filesystem credentials to short-lived tokens and ephemeral CI/CD environments wherever possible.Monitor for campaign indicators. Watch for network connections to 83.142.209[.]194, DNS queries to getsession[.]org endpoints from CI runners, and GitHub repository creation matching Dune-themed naming patterns. Organizations with Software Composition Analysis tools should ensure their rulesets include the campaign’s known payload hashes and behavioral indicators.Has Tenable released any product coverage for these vulnerabilities?Yes, Tenable customers can use Tenable One Exposure Management Platform to assess their exposure surface related to Mini Shai-Hulud. Tenable One provides visibility into software dependencies and CI/CD pipeline configurations, enabling organizations to identify potentially compromised packages within their environments and prioritize remediation based on their specific exposure context.Tenable One Cloud Exposure Management provides immediate inventory and prioritization coverage across five dimensions:Continuous package inventory across every cloud workload allowing you to scan container images, VMs, and registry artifacts to maintain a live software bill of materials (SBOM). The moment indicators of compromise (IOCs) publish, Tenable identifies every asset pulling the compromised versions.Reachability and exploitability context. This is where Tenable One Cloud Exposure Management separates from list-based software composition analysis (SCA), determining whether the compromised package is actually loaded at runtime, whether the workload is internet-exposed and whether the malicious code path executes on import.Pipeline-to-cloud lineage. Tenable One Cloud Exposure Management traces compromised packages back through CI/CD to the build artifacts they produced, through runtime. Tenable also provides runtime reachability analysis with eBPF scanning and AI-powered Threat Stories, adding yet another actionable layer of threat discovery and response.Asset-criticality prioritization. Tenable ranks findings by business context, identity blast radius via cloud infrastructure entitlement management (CIEM), and data sensitivity via data security posture management (DSPM) so response teams work the highest-risk assets first.Unified findings inside Tenable One. SCA hits don’t sit in isolation. They land alongside CSPM misconfigurations, identity exposures, and runtime signals from CDR, correlated by Hexa AI into a single prioritized exposure. The SCA finding joins to the IAM role that pipeline assumes, the secrets it can access and the data those secrets unlock.Additionally, a list of Tenable plugins for CVE-2026-45321 can be found on the individual CVE page as they’re released. Coverage for the original Shai-Hulud variants can be found in plugin ID 265897.These links will display all available plugins for these vulnerabilities, including upcoming plugins in our Plugins Pipeline.Get more informationStepSecurity: Mini Shai-Hulud is BackWiz: Mini Shai-Hulud Strikes AgainSnyk: TanStack npm Packages Hit by Mini Shai-HuludAkamai: Mini Shai-Hulud: The Worm Returns and Goes PublicOpenAI: Our Response to the TanStack npm Supply Chain AttackReversingLabs: Shai-Hulud Code DropTanStack PostmortemOX Security: New Actors Deploy Shai-Hulud ClonesJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

A highly critical SQL injection vulnerability in Drupal core’s database abstraction layer affects sites running PostgreSQL.Change logUpdate May 27: The blog has been updated to include reports of observed exploitation attempts.Click here to review the change log historyUpdate May 27: The blog has been updated to include reports of observed exploitation attempts.Key TakeawaysCVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core’s database abstraction API that can be exploited by unauthenticated attackers on sites using PostgreSQL.No exploitation has been observed in the wild, but a detection PoC was published on the same day as the advisory and the patch diff was shared publicly within hours.Patches are available across six supported Drupal branches, including two exceptional releases for end-of-life versions.BackgroundOn May 20, Drupal published a security advisory (SA-CORE-2026-004) for a highly critical SQL injection vulnerability in Drupal core:CVEDescriptionCVSSv3CVE-2026-9082Drupal Core SQL Injection Vulnerability6.5The advisory was preceded by a public service announcement (PSA-2026-05-18) on May 18, which warned administrators to prepare for a highly critical release and cautioned that exploitation could occur “within hours or days” of disclosure.Drupal rates this vulnerability 20 out of 25 on its own risk scoring scale (“Highly Critical”), noting that the confidentiality impact includes “all non-public data accessible” and the integrity impact is “all data modifiable or deletable.” NVD assigned a CVSSv3 score of 6.5, rating the confidentiality and integrity impacts as Low. Given the vendor’s own characterization of impact and the unauthenticated attack vector, the Drupal risk rating better reflects the potential severity for affected configurations.AnalysisCVE-2026-9082 is an SQL injection vulnerability in Drupal core’s database abstraction API, specifically in the PostgreSQL EntityQuery condition handler. An unauthenticated, remote attacker can exploit this vulnerability by sending specially crafted requests to a vulnerable Drupal site running on PostgreSQL. Successful exploitation could lead to information disclosure, data modification or deletion, and in some configurations, privilege escalation or remote code execution.User-controlled PHP array keys could reach SQL placeholder construction unsanitized. Drupal fixed this by applying ‘array_values()’ which strips attacker-supplied keys and replaces them with numeric indexes.Scope: PostgreSQL onlyThis vulnerability only affects Drupal sites using PostgreSQL as their database backend. Sites running MySQL, MariaDB, or SQLite are not affected. The vulnerable code resides in Drupal’s PostgreSQL EntityQuery condition handler, which is only invoked on PostgreSQL configurations.No exploitation observedAt the time this blog post was published on May 21, Drupal’s advisory describes the exploit status as “Theoretical,” and no in-the-wild exploitation has been reported.Historical exploitation of Drupal CoreDrupal core has a well-documented history of critical vulnerabilities that attracted rapid mass exploitation. CISA’s Known Exploited Vulnerabilities (KEV) catalog contains four Drupal entries, two of which have confirmed ransomware use. The Drupalgeddon vulnerabilities (CVE-2018-7600 and CVE-2018-7602) in particular became a case study in how quickly attackers weaponize Drupal flaws once details are available.CVEDescriptionDate AddedTenable BlogsCVE-2018-7600Drupal Core Remote Code Execution (Drupalgeddon 2)2021-11-03Critical Drupal Core Vulnerability: What You Need to KnowCVE-2018-7602Drupal Core Remote Code Execution (Drupalgeddon 3)2022-04-13Drupalgeddon Attacks Continue on Sites Missing Security UpdatesCVE-2019-6340Drupal Core Arbitrary PHP Code Execution2022-03-25Highly Critical Drupal Security Advisory ReleasedCVE-2020-13671Drupal Core File Extension Sanitization2022-01-18–Proof of conceptOn the same day as the security release, a detection PoC and reproduction lab was published. The patch diff was also shared on social media within hours of the release.The minimal complexity of this patch, combined with the availability of AI-powered code analysis tools that can analyze diffs and assist in exploit development, compresses the timeline between patch release and weaponization. Historically, Drupal vulnerabilities of this severity have seen exploitation within hours to days of disclosure. Administrators running PostgreSQL-backed Drupal sites face a shortening window to apply patches before exploitation attempts begin.Update: On May 22, Drupal updated its advisory for CVE-2026-9082 to increase its risk score because “exploit attempts are now being detected in the wild” while CISA added CVE-2026-9082 to the KEV.SolutionDrupal has released fixed versions across all currently supported branches, as well as exceptional releases for two end-of-life branches due to the severity of this vulnerability:Affected VersionsFixed VersionDrupal 11.3.0 – 11.3.911.3.10Drupal 11.2.0 – 11.2.1111.2.12Drupal 11.0.0 – 11.1.911.1.10 (EOL, exceptional release)Drupal 10.6.0 – 10.6.810.6.9Drupal 10.5.0 – 10.5.910.5.10Drupal 10.4.0 – 10.4.910.4.10 (EOL, exceptional release)Sites running Drupal 8.9 or 9.5 have reached end-of-life and will not receive packaged updates. However, Drupal has published hotfix files for sites running 9.5.11 or 8.9.20. Sites on Drupal 7 are not affected.Sites using Drupal Steward are protected against known attack vectors for this vulnerability.According to the security advisory, these releases also include coordinated upstream security updates for Symfony and Twig. These include separate vulnerabilities from CVE-2026-9082, but Drupal core is affected by some of them. Even sites not running PostgreSQL benefit from updating to these releases.Identifying affected systemsA list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2026-9082 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Drupal by using the following query: CMS contains Drupal. Get more informationDrupal Security Advisory SA-CORE-2026-004Drupal PSA-2026-05-18: Pre-release announcementJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

The 2026 Verizon Data Breach Investigations Report (DBIR) reveals a troubling trend: vulnerability exploitation has surged to become the number one initial access vector while remediation rates have worsened.Key takeawaysVulnerability exploitation has surged to become the leading initial access vector for breaches, accounting for 31% of data breaches during the study period.Security teams’ patching efforts are falling further behind, with the median time-to-patch growing by 11 days in the past year.As AI-powered tools increase the speed and volume of vulnerability discovery and vulnerability exploitation, exposure management helps organizations keep up by continually assessing their attack surfaces, prioritizing risks, and orchestrating automated remediation of security weaknesses.What is the Verizon DBIR reportVerizon’s annual Data Breach Investigations Report (DBIR) has helped organizations understand evolving cyber threats since its first release in 2008. For the 2026 edition, Tenable Research once again contributed enriched data on vulnerability exploitation and vulnerability remediation trends. This year’s findings paint a stark picture: Compared with last year, organizations are facing a significant increase in the volume of “must-patch” vulnerabilities from the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog.The widening gap between vulnerability disclosure and remediation represents one of the most pressing challenges in cybersecurity today. Security teams are already overwhelmed, both by the rising number of vulnerabilities and the lack of time for patch management. This reality underscores the critical need for comprehensive exposure management, a strategic, AI-driven approach to preemptive security designed to help organizations reduce cyber risk by continually assessing their attack surfaces, prioritizing risks, and orchestrating automated remediation of security weaknesses.Verizon DBIR 2026 overview and analysisThe 2026 Verizon DBIR found that vulnerability exploitation is the top initial access vector, accounting for 31% of data breaches during the study period. Even more concerning is that the median time-to-patch has increased from 32 days to 43 days, a 34% increase. This year’s findings paint a stark picture: The number of vulnerabilities continues to snowball, as organizations’ patching rates continue to fall behind.The CVE explosion continues — and AI will accelerate itThe vulnerability landscape continues to see explosive growth as the CVE program currently reports more than 351,000 registered CVEs with more than 21,500 already reserved in 2026. As we’re on the path for another record number of CVEs, this flood of vulnerabilities creates an extremely difficult situation for security teams already stretched thin. With median time-to-patch increasing and exploitation timelines shrinking, attackers are winning the race between disclosure and remediation.The situation may be poised to worsen dramatically. The cybersecurity community is increasingly concerned about AI-powered vulnerability discovery tools like Anthropic’s Claude Mythos, which can automatically identify security flaws in codebases at unprecedented speed and scale. While such tools hold promise for defensive security teams, they also represent a potential inflection point: if AI can discover vulnerabilities faster than organizations can patch them, the already immense patch burden could become truly unmanageable.This AI-driven acceleration comes at the worst possible time. Organizations are already struggling to remediate vulnerabilities, with the Verizon data breach investigations report finding that organizations successfully remediate only 26% of KEV vulnerabilities. Adding to this concern, the DBIR points out that there has been a nearly 50% increase in the number of CISA KEV vulnerabilities to patch in 2025, putting even more pressure on security teams.If AI models begin flooding the CVE database with newly discovered vulnerabilities, or worse, if attackers leverage these models to find and exploit zero-days before defenders can respond, the current remediation crisis is likely to escalate into a systemic failure of the traditional patch-based defense model.The exposure management imperativeWhile vulnerability exploitation dominates headlines as the number one initial access vector, it represents only a slice of the exposure problem. The DBIR notably highlights credential abuse as another significant threat vector, underscoring that vulnerabilities don’t exist in isolation. Stolen credentials can transform a moderate-severity vulnerability into a critical breach pathway, while exposed configurations can provide attackers with the access needed to exploit unpatched systems.This interconnected nature of exposures highlights why more and more organizations are adopting comprehensive exposure management. Understanding and addressing the full attack surface, including identity risks, misconfigurations, excessive permissions, and vulnerable assets, is essential to reducing breach risk in today’s threat landscape.The emergence of AI-powered vulnerability discovery makes exposure management absolutely essential. As AI tools accelerate vulnerability identification, organizations cannot simply try to patch more vulnerabilities faster. Instead, they must focus on understanding and remediating the vulnerabilities that matter most in the context of their specific environment. A newly discovered vulnerability on an isolated system with no credentials exposed and strong access controls poses far less risk than an older CVE on an internet-facing asset with weak authentication. The Tenable One Exposure Management Platform provides both the contextual framework needed to make these critical prioritization decisions and the agentic orchestration engine required to accelerate remediation in an era of AI-accelerated vulnerability discovery.Notable data insights from the DBIR reporting periodAs Tenable Research examined the trends in the data, our team decided to distill the CVEs into product categories and compare which categories saw the largest percentage of unremediated assets. For our analysis, we focused on KEV CVEs as these are vulnerabilities known to have been exploited and in attackers’ crosshairs.As you can see in the figure below, vulnerabilities affecting development tools saw the highest rate of unremediated assets, followed by virtualization/hypervisor flaws and remote monitoring and management (RMM) flaws. While the remediation process across these product categories can vary, the overall trend of nearly all of the product categories having an above 50% unremediated rate demonstrates that organizations are still struggling with vulnerability remediation.Similarly, we looked at the average number of days that assets remained unremediated while comparing that to the number of CVEs affecting that category during the DBIR reporting period.Tenable analysis of the data reinforces the stark reality highlighted in the Verizon DBIR: Organizations are taking longer to patch known and exploited vulnerabilities while facing a rapid increase in the number of vulnerabilities that require immediate attention.DBIR findingsThe 2026 DBIR findings are sobering but not surprising to those on the front lines of cybersecurity. The data confirms what many security teams experience daily: The patch burden is growing faster than organizations’ ability to respond. With vulnerability exploitation now the top initial access vector and median time-to-patch continuing to climb, the gap between attacker speed and defender response continues to widen.Organizations must adopt an exposure-centric approach that considers not just the presence of vulnerabilities, but the full risk context of their environment:Which assets are exposed?Who has access?Which credentials are compromised?Which exposure combinations create the most dangerous attack paths?In an era where AI is discovering vulnerabilities faster than humans can patch them, understanding which exposures truly matter represents the only sustainable path forward.The 2026 DBIR, enriched with Tenable Research’s data, provides valuable insights into today’s threat landscape. Tenable encourages security professionals to read the full Verizon DBIR to understand current attack trends and use these findings to inform their exposure management strategies. The crisis documented in this report signals that the traditional vulnerability-centric model needs a fundamental evolution toward comprehensive, AI-driven exposure management.Identifying affected systemsTenable provides comprehensive detection coverage for CISA’s KEV catalog, with detection capabilities deployed rapidly following vulnerability disclosure. This coverage spans diverse asset categories, enabling comprehensive visibility into actively exploited vulnerabilities across your environments. CVEs on the KEV catalog will have a tag on the individual CVE pages, and you can browse our upcoming plugins on our Plugins Pipeline page.Get more informationVerizon 2026 Data Breach Investigations Report (DBIR)Join Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

Multiple critical authentication bypass vulnerabilities in Cisco Catalyst SD-WAN Controller and Manager are under active exploitation by multiple threat clusters, including CVE-2026-20182, which has been exploited as a zero-day by a sophisticated threat actor.Key TakeawaysCVE-2026-20182 is a critical (CVSSv3 10.0) authentication bypass in Cisco Catalyst SD-WAN Controller and Manager disclosed on May 14 with confirmed active exploitation.A sophisticated threat actor designated UAT-8616 has exploited Cisco SD-WAN vulnerabilities since at least 2023, and 10 additional threat clusters began exploitation of multiple vulnerabilities in SD-WAN after public proof-of-concept code became available.Patches are available for all supported Cisco Catalyst SD-WAN releases and CISA has mandated remediation by May 17 under Emergency Directive 26-03.BackgroundTenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding the ongoing exploitation of multiple vulnerabilities in Cisco Catalyst SD-WAN Controller and Manager.FAQWhen were these Cisco SD-WAN vulnerabilities first disclosed?On February 25, 2026, Cisco published an advisory for CVE-2026-20127, a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager that was already being exploited in the wild at the time of disclosure. Alongside that advisory, Cisco also released patches for three additional vulnerabilities in SD-WAN Manager: CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122. The security advisory for these CVEs (cisco-sa-sdwan-authbp-qwCX8D4v) was updated in March to confirm exploitation of CVE-2026-20128 and CVE-2026-20122 and then again in April to confirm that CVE-2026-20133 had also been exploited.On May 14, 2026, Cisco published a new advisory (cisco-sa-sdwan-rpa2-v69WY2SW) for CVE-2026-20182, a separate critical authentication bypass vulnerability that was discovered during the investigation into the earlier exploitation. This vulnerability is also under active exploitation.What are the vulnerabilities associated with the Cisco SD-WAN exploitation?There are five CVEs associated with this ongoing campaign, plus one older vulnerability used for post-compromise privilege escalation:CVEDescriptionCVSSv3Cisco AdvisoryCVE-2026-20182Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability10.0cisco-sa-sdwan-rpa2-v69WY2SWCVE-2026-20127Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability10.0cisco-sa-sdwan-rpa-EHchtZkCVE-2026-20133Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability7.5cisco-sa-sdwan-authbp-qwCX8D4vCVE-2026-20128Cisco Catalyst SD-WAN Manager Credential Access Vulnerability7.5cisco-sa-sdwan-authbp-qwCX8D4vCVE-2026-20122Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability5.4cisco-sa-sdwan-authbp-qwCX8D4vCVE-2022-20775Cisco SD-WAN CLI Path Traversal Privilege Escalation Vulnerability7.8cisco-sa-sd-wan-priv-E6e8tEdFBoth CVE-2026-20182 and CVE-2026-20127 are critical-severity flaws that enable remote, unauthenticated access to administrative functions due to broken peering authentication logic. CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122, when chained together, allow a remote unauthenticated attacker to gain access to the SD-WAN Manager.What products are affected?The following table lists the CVEs and affected devices. None of these vulnerabilities require specific device configurations to be exploitable, and all deployment models are affected:CVEAffected Device(s)CVE-2026-20182Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN ManagerCVE-2026-20127Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN ManagerCVE-2026-20133Cisco Catalyst SD-WAN ManagerCVE-2026-20128Cisco Catalyst SD-WAN ManagerCVE-2026-20122Cisco Catalyst SD-WAN ManagerCVE-2022-20775Cisco SD-WAN Software:- SD-WAN vBond Orchestrator Software- SD-WAN vEdge Cloud Routers- SD-WAN vEdge Routers- SD-WAN vManage Software- SD-WAN vSmart Controller SoftwareHow severe is the exploitation?Successful exploitation of CVE-2026-20182 or CVE-2026-20127 provides access to a privileged (but non-root) internal account on the SD-WAN Controller. That access opens NETCONF, giving the attacker the ability to alter network configuration across the entire SD-WAN fabric. In observed attacks, the threat actor UAT-8616 then leveraged CVE-2022-20775 via a software version downgrade technique to escalate privileges to root.Post-compromise activities observed by Cisco Talos include SSH key injection, NETCONF configuration manipulation, malicious account creation, and extensive log clearing to cover tracks.Who is UAT-8616?UAT-8616 is a designation assigned by Cisco Talos to a “highly sophisticated cyber threat actor” that has been exploiting Cisco SD-WAN infrastructure since at least 2023. According to Cisco Talos, UAT-8616 targets critical infrastructure sectors and its infrastructure overlaps with monitored Operational Relay Box (ORB) networks.UAT-8616 exploits CVE-2026-20182 and CVE-2026-20127 for initial access, then, in the case of CVE-2026-20127 exploitation, performs software version downgrades to expose CVE-2022-20775 for root privilege escalation. After achieving root access, the actor restores the original software version to conceal the exploitation path. Additional persistence techniques include injecting SSH keys into authorized_keys files, enabling PermitRootLogin in the SSH daemon configuration, and clearing forensic evidence from syslog, wtmp, lastlog, bash_history and cli-history files.Are there other threat actors exploiting these vulnerabilities?Yes. Cisco Talos has identified 10 additional threat clusters that are distinct from UAT-8616. These clusters have been exploiting the CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 chain since early March 2026, following the publication of proof-of-concept code by ZeroZenX Labs. The tools deployed by these clusters range from webshells (Godzilla, Behinder, XenShell) and red team frameworks (AdaptixC2, Sliver) to cryptocurrency miners (XMRig) and credential stealers targeting admin hashes, JWT tokens and AWS credentials.Are proofs-of-concept (PoCs) available?Yes. ZeroZenX Labs published proof-of-concept code for the CVE-2026-20133, CVE-2026-20128, CVE-2026-20122 exploit chain in March 2026. This PoC release directly correlated with the surge in exploitation activity across multiple threat clusters. The availability of public PoC code highlights the risk to any exposed SD-WAN infrastructure that remains unpatched.What actions has CISA taken?CISA has taken multiple actions in response to the Cisco SD-WAN exploitation campaign:February 25, 2026: Added CVE-2026-20127 and CVE-2022-20775 to the Known Exploited Vulnerabilities (KEV) catalogApril 20, 2026: Added CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 to the KEV catalogMay 14, 2026: Added CVE-2026-20182 to the KEV catalog with an action deadline of May 17, 2026May 14, 2026: Issued Emergency Directive 26-03 and published Hunt & Hardening Guidance for Cisco SD-WAN DevicesAll five CVEs in this campaign are now in CISA’s KEV catalog.Are patches available?Cisco has released patches for each of the vulnerabilities discussed in this blog. We recommend reviewing the security advisories issued by Cisco for each CVE to identify the patch release and any considerations that may apply in order to apply the patches successfully.Are there indicators of compromise (IoC)?Cisco has published detailed IoC information across its advisories and Talos blog posts. The indicators include:Log evidence: Check /var/log/auth.log for “Accepted publickey for vmanage-admin” entries from unknown or unauthorized IP addressesControl connection anomalies: Run show control connections detail or show control connections-history detail and look for connections with state:up and challenge-ack: 0, which may indicate unauthorized peeringPost-compromise artifacts: Unauthorized SSH keys in /home/vmanage-admin/.ssh/authorized_keys/, PermitRootLogin enabled in /etc/ssh/sshd_config, unexplained software downgrades followed by rebootsFull IoC lists including C2 server IPs, malware file hashes, and attacker source IPs are available in the Cisco Talos blog.Has Tenable Research classified these vulnerabilities as part of Vulnerability Watch?Yes. CVE-2026-20182, CVE-2026-20127, CVE-2026-20128, and CVE-2026-20122 have been classified as Vulnerabilities of Interest under Vulnerability Watch due to confirmed active exploitation and the availability of public proof-of-concept code. Tenable has been tracking this cluster of vulnerabilities since the original disclosure in February 2026, with watches re-established as exploitation escalated in March and again in May 2026 when CVE-2026-20182 was disclosed.Has Tenable released product coverage?A list of Tenable plugins for these vulnerabilities can be found on the individual CVE pages for CVE-2026-20182, CVE-2026-20127, CVE-2026-20133, CVE-2026-20128, CVE-2026-20122, and CVE-2022-20775. These links will display all available plugins for these vulnerabilities, including upcoming plugins in our Plugins Pipeline.Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Cisco Catalyst SD-WAN devices by using the following query: Document Title contains Cisco Catalyst SD-WAN.Get more informationCisco Security Advisory: cisco-sa-sdwan-rpa2-v69WY2SWCisco Talos: SD-WAN Ongoing ExploitationCisco Talos: UAT-8616 SD-WAN CampaignTenable blog: CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the WildJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

A new Linux kernel local privilege escalation exploit with a public proof-of-concept targets the same subsystem as Dirty Frag but requires a separate patch.Key TakeawaysCVE-2026-46300 (Fragnesia) is the latest high severity local privilege escalation vulnerability in the Linux kernel, following the disclosure of both Dirty Frag and Copy Fail.A public proof-of-concept is available and the exploit has been confirmed working on Ubuntu systems, though no in-the-wild exploitation has been reported.A kernel patch was released on May 13; the existing Dirty Frag patches do not address this flaw, though the module blacklist mitigation protects against both.BackgroundTenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Fragnesia, a new Linux kernel local privilege escalation vulnerability.FAQWhen was Fragnesia first disclosed?On May 13, William Bowling of V12 Security publicly disclosed Fragnesia alongside a proof-of-concept exploit and a corresponding kernel patch. CVE-2026-46300 was assigned the same day.What is Fragnesia?Fragnesia is a local privilege escalation vulnerability in the Linux kernel’s XFRM ESP-in-TCP subsystem. The name references how the socket buffer (skb) “forgets” that a frag is shared during coalescing. Specifically, when the kernel coalesces socket buffer fragments via skb_try_coalesce(), it fails to propagate the SKBFL_SHARED_FRAG flag that marks certain pages as shared with other subsystems. Without that flag, the kernel treats those file-cache-backed pages as safe to write.CVEDescriptionCVSSv3CVE-2026-46300Linux Kernel XFRM ESP-in-TCP Local Privilege Escalation Vulnerability7.8 (estimated)How does Fragnesia relate to Dirty Frag?Fragnesia belongs to the same vulnerability class as Dirty Frag (CVE-2026-43284/CVE-2026-43500) in that both achieve page-cache writes through the XFRM/ESP subsystem. However, they are distinct vulnerabilities: Dirty FragFragnesiaResearcherHyunwoo KimWilliam Bowling (V12 Security)Entry pointxfrm-ESP page-cache writeTCP coalescing in ESP-in-TCP (ULP mode transition)Write primitive4-byte STORE192-byte XOR via AES-GCM keystreamPatchExisting Dirty Frag patchesNew patch (May 13)The existing kernel patches for Dirty Frag do not fix Fragnesia. A separate patch is required.How severe is Fragnesia?Any local user on a system running a vulnerable kernel can exploit Fragnesia to gain root access. The exploit does not rely on a race condition. The technique uses user and network namespaces (enabled by default on most distributions) to obtain CAP_NET_ADMIN without requiring elevated host privileges.The public PoC targets /usr/bin/su, modifying it in the page cache to grant root on execution. The on-disk binary is never changed, and a reboot or cache flush restores normal behavior. The technique is not limited to a single binary: any file readable by the attacker is a viable target, including [redacted].Which Linux distributions are affected?Fragnesia affects the same kernel versions as Dirty Frag. Any distribution shipping a kernel without the May 13 patch is vulnerable. The vulnerability was confirmed working on Ubuntu 6.8.0-111-generic (April 11, 2026 build) running on a Linode VPS.Affected distributions include:DistributionPatch StatusUbuntuVulnerableRed Hat Enterprise LinuxVulnerableopenSUSEVulnerableCentOS StreamVulnerableAlmaLinuxPatchedCloudLinuxPatchingDebianVulnerableGentooVulnerableFedoraPatchedAmazon LinuxNot affectedAmazon Linux is not affected as it does not ship the espintcp module. CloudLinux 7 is also unaffected.As of May 14, Ubuntu’s patch status remains “needs evaluation” across all releases. CloudLinux has patches in testing for CL9/CL10 and a KernelCare livepatch in validation.Is there a proof-of-concept (PoC) available?Yes. A public PoC was released on GitHub alongside the disclosure.Are patches or mitigations available?A kernel patch was submitted to the netdev mailing list on May 13. The fix ensures skb_try_coalesce() propagates the SKBFL_SHARED_FRAG marker, preventing in-place decryption of shared page-cache fragments.AlmaLinux has released patched kernels for all supported releases:DistributionFixed Kernel VersionAlmaLinux 8kernel-4.18.0-553.124.2.el8_10AlmaLinux 9kernel-5.14.0-611.54.4.el9_7AlmaLinux 10kernel-6.12.0-124.56.2.el10_1For systems where an immediate kernel update is not feasible, the same module blacklist mitigation used for Dirty Frag is effective:rmmod esp4 esp6 rxrpc printf ‘install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n’ > /etc/modprobe.d/dirtyfrag.confOrganizations that applied this mitigation for Dirty Frag are already protected against Fragnesia. Organizations that applied only the kernel patches for Dirty Frag without the module blacklist are not protected and need the new patch.Historical exploitation of Linux kernel vulnerabilitiesThe Linux kernel has been a recurring target for privilege escalation attacks. CISA’s Known Exploited Vulnerabilities catalog contains entries for several Linux kernel flaws:CVEDescriptionDate Added to KEVKnown Ransomware UseCVE-2016-5195Linux Kernel Race Condition (Dirty Cow)2022-03-03UnknownCVE-2022-0847Linux Kernel Improper Initialization (Dirty Pipe)2022-04-25UnknownCVE-2024-1086Linux Kernel nf_tables Use-After-Free2024-05-30KnownCVE-2026-31431Linux Kernel Incorrect Resource Transfer (Copy Fail)2026-05-01UnknownCopy Fail (CVE-2026-31431) was added to the KEV catalog on May 1. CVE-2026-46300 (Fragnesia) is not currently in the KEV catalog.Tenable published an FAQ blog on Dirty Frag and Copy Fail, both of which are Linux kernel privilege escalation vulnerabilities disclosed in 2026.Has Tenable released any product coverage for this vulnerability?A list of Tenable plugins for this vulnerability can be found on the CVE-2026-46300 page as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.Get more informationFragnesia PoC and Technical Details (V12 Security)Kernel Patch (netdev mailing list)oss-security DiscussionDirty Frag FAQ (Tenable Blog)Copy Fail FAQ (Tenable Blog)Join Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

16Critical102Important0Moderate0LowMicrosoft addresses 118 CVEs in its May 2026 Patch Tuesday release, with no zero-days exploited in the wild or publicly disclosed for the first time since June 2024.Microsoft patched 118 CVEs in its May 2026 Patch Tuesday release, with 16 rated critical and 102 rated as important. Our counts omitted CVE-2025-54518, an AMD CPU OP Cache Corruption vulnerability issued by AMD.This month’s update includes patches for:.NETASP.NET CoreAzure AI Foundry M365 published agentsAzure Cloud ShellAzure Connected Machine AgentAzure DevOpsAzure Entra IDAzure Logic AppsAzure Machine LearningAzure Managed Instance for Apache CassandraAzure Monitor AgentAzure Notification ServiceAzure SDKCopilot Chat (Microsoft Edge)Data DeduplicationDynamics Business CentralGitHub Copilot and Visual StudioM365 CopilotM365 Copilot for DesktopMicrosoft Data FormulatorMicrosoft Dynamics 365 (on-premises)Microsoft Dynamics 365 Customer InsightsMicrosoft Edge (Chromium-based)Microsoft Edge for AndroidMicrosoft OfficeMicrosoft Office Click-To-RunMicrosoft Office ExcelMicrosoft Office PowerPointMicrosoft Office SharePointMicrosoft Office WordMicrosoft Partner CenterMicrosoft SSO Plugin for Jira & ConfluenceMicrosoft TeamsMicrosoft Windows DNSPower AutomateSQL ServerTelnet ClientVisual Studio CodeWindows Admin CenterWindows Ancillary Function Driver for WinSockWindows Application Identity (AppID) SubsystemWindows Cloud Files Mini Filter DriverWindows Common Log File System DriverWindows Cryptographic ServicesWindows DWM Core LibraryWindows Event Logging ServiceWindows Filtering Platform (WFP)Windows GDIWindows Hyper-VWindows Internet Key Exchange (IKE) ProtocolWindows KernelWindows Kernel-Mode DriversWindows LDAP – Lightweight Directory Access ProtocolWindows Link-Layer Discovery Protocol (LLDP)Windows Message QueuingWindows Native WiFi Miniport DriverWindows NetlogonWindows Print Spooler ComponentsWindows Projected File SystemWindows Remote DesktopWindows Rich Text EditWindows Rich Text Edit ControlWindows SMB ClientWindows Secure BootWindows Storage Spaces ControllerWindows Storport Miniport DriverWindows TCP/IPWindows Telephony ServiceWindows Volume Manager Extension DriverWindows Win32K – GRFXWindows Win32K – ICOMPElevation of Privilege (EoP) vulnerabilities accounted for 48.3% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 24.6%.CriticalCVE-2026-41103 | Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege VulnerabilityCVE-2026-41103 is an elevation of privilege vulnerability affecting Microsoft Single-Sign-On (SSO) Plugin for Jira & Confluence. It was assigned a CVSSv3 score of 9.1 and is rated as critical. It was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. An unauthorized attacker could exploit this vulnerability during the process of logging in by sending a specially crafted response message. Successful exploitation would allow the attacker to sign-in using a forged identity without Microsoft Entra ID authentication, enabling access to or allowing an attacker to modify data in Jira and Confluence. However, the accessible information is not unfettered, as it is limited by the access defined by the targeted servers for the authorized user.ImportantCVE-2026-33841, CVE-2026-35420, CVE-2026-40369 | Windows Kernel Elevation of Privilege VulnerabilitiesCVE-2026-33841, CVE-2026-35420 and CVE-2026-40369 are EoP vulnerabilities affecting the Windows Kernel. Each of the flaws have been assigned CVSSv3 scores of 7.8 and rated as important. Both CVE-2026-33841 and CVE-2026-40369 were assessed as “Exploitation More Likely,” which could be abused by a local attacker to elevate to SYSTEM or Medium/High integrity level in the case of CVE-2026-33841. Including these three EoPs, there have been 13 disclosed Windows Kernel EoP vulnerabilities addressed so far in 2026.CriticalCVE-2026-40361, CVE-2026-40364, CVE-2026-40366 and CVE-2026-40367 | Microsoft Word Remote Code Execution VulnerabilitiesCVE-2026-40361, CVE-2026-40364, CVE-2026-40366 and CVE-2026-40367 RCE vulnerabilities affecting Microsoft Word. Each of these RCEs were assigned CVSSv3 scores of 8.4 and rated as critical, though CVE-2026-40361 and CVE-2026-40364 were the only ones assessed to be “Exploitation More Likely.” An attacker could exploit these flaws through social engineering by sending the malicious file to an intended target. Successful exploitation would grant code execution privileges to the attacker. Additionally, Microsoft notes that the Preview Pane is an attack vector for each of these vulnerabilities.CriticalCVE-2026-41089 | Windows Netlogon Remote Code Execution VulnerabilityCVE-2026-41089 is a RCE vulnerability affecting Windows Netlogon, a Windows Server process used for authentication within a domain. It was assigned a CVSSv3 score of 9.8 and rated as critical. A remote, unauthenticated attacker could exploit this flaw by sending a crafted network request to a Windows server running as a domain controller. This packet could exploit a stack-based buffer overflow flaw, allowing the attacker to execute code on an affected system. Despite the critical severity and near perfect CVSSv3 score, this flaw was assessed by Microsoft as “Exploitation Less Likely.”Tenable SolutionsA list of all the plugins released for Microsoft’s May 2026 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.Get more informationMicrosoft’s May 2026 Security UpdatesTenable plugins for Microsoft May 2026 Patch Tuesday Security UpdatesJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

Weeks after the Copy Fail vulnerability was revealed, a new Linux kernel escalation vulnerability has been uncovered. Dubbed “Dirty Frag,” this flaw could allow a local user to gain root access on affected Linux distributions. Public exploit code has been released prior to patches being made available.Key takeaways:CVE-2026-43284 and CVE-2026-43500 are a pair of chained vulnerabilities that together create a high severity local privilege escalation vulnerability in the Linux kernel. A public exploit is available which extends the bug class attributed to Copy Fail, another high profile kernel privilege escalation vulnerability. Patched kernel versions expected to be released shortly. BackgroundTenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding CVE-2026-43284 and CVE-2026-43500, an exploit chain leading to Linux kernel local privilege escalation in an attack known as “Dirty Frag”FAQWhat is Dirty Frag?Dirty Frag is a local privilege escalation (LPE) vulnerability that allows a local user to escalate their privileges to root.When was Dirty Frag disclosed?According to the disclosure timeline, Dirty Frag was publicly disclosed on May 7 after the vulnerability’s embargo was broken by an unrelated third party. On May 8, a proof-of-concept was released alongside technical details and a timeline of the disclosure events.What CVEs were released?While no CVEs were available at the time of public disclosure, as of May 8, two CVE identifiers have been released to address the two vulnerabilities which encompass Dirty Frag.CVEDescriptionCVSSv3CVE-2026-43284Linux Kernel Local Privilege Escalation Vulnerability (xfrm-ESP Page-Cache Write)7.8CVE-2026-43500Linux Kernel Local Privilege Escalation Vulnerability (RxRPC Page-Cache Write)N/AAs of the time this blog was published on May 8, no CVE record details have been released for CVE-2026-43500, which was assigned to address the RxRPC Page-Cache Write vulnerability.According to the exploit details that have been released, two vulnerabilities are chained in order to craft the exploit. xfrm-ESP Page-Cache Write provided a 4-byte STORE primitive and RxRPC Page-Cache Write provides the privilege to create the namespace. By chaining these two vulnerabilities, root privileges can be obtained on nearly all major Linux distributions.How does Dirty Frag relate to Copy Fail, Dirty Cow and Dirty Pipe?Dirty Frag was inspired by Copy Fail as the xfrm-ESP Page-Cache Write vulnerability shares the same sink as Copy Fail. However, it can be triggered on systems that have applied the “algif_aead” blacklist as a mitigation strategy. This means that systems that have been mitigated against Copy Fail remain vulnerable to Dirty Frag.With the recent disclosure of Copy Fail, there have been comparisons to other well-known Linux kernel privilege escalation vulnerabilities, including Dirty Cow (CVE-2016-5195) and Dirty Pipe (CVE-2022-0847).Dirty Cow relied on a winning race condition, which meant exploitation was often unreliable. Dirty Pipe had constraints around how data could be written and where in a file it could be modified. As with Copy Fail, Dirty Frag reportedly works consistently across nearly all major Linux distributions.Which Linux distributions are affected by Dirty Frag?According to the technical writeup, the xfrm-ESP Page-Cache Write vulnerability has been in upstream since 2017 and the RxRPC Page-Cache Write vulnerability since 2023. Linux distributions released in the last 9 years are likely affected:Distributions where Dirty Frag has been testedUbuntu 24.04.4: 6.17.0-23-genericRed Hat Enterprise Linux (RHEL) 10.1: 6.12.0-124.49.1.el10_1.x86_64openSUSE Tumbleweed: 7.0.2-1-defaultCentOS Stream 10: 6.12.0-224.el10.x86_64AlmaLinux 10: 6.12.0-124.52.3.el10_1.x86_64Fedora 44: 6.19.14-300.fc44.x86_64Are patches or mitigations available?As of the time this blog was published on May 8, a kernel patch had been published for the xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284). It also appears that several distributions are beginning to publish security advisories, including Red Hat and Alma Linux, noting that patches are beginning to be released or will be available soon.The technical writeup for Dirty Frag offers a mitigation that can be used to remove the modules that contain these vulnerabilities and clear the page cache. However this could have other impacts and we recommend reviewing the available mitigation suggestions for the Linux distribution that you are using prior to applying the suggested mitigation option below:sh -c “printf ‘install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n’ > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; echo 3 > /proc/sys/vm/drop_caches; true”Is there a proof-of-concept (PoC) available?Yes, a public PoC was released on GitHub which also contains technical details. Additionally, a separate PoC has been released under a different name; Copy Fail 2: Electric Boogaloo.Historical exploitation of Linux kernel vulnerabilitiesThe Linux kernel has a long history as a target for privilege escalation attacks. CISA’s KEV catalog contains over 20 entries for Linux kernel flaws, including the recently disclosed Copy Fail vulnerability:CVEDescriptionDate Added to KEVKnown Ransomware UseCVE-2016-5195Linux Kernel Race Condition (Dirty Cow)2022-03-03UnknownCVE-2022-0847Linux Kernel Improper Initialization (Dirty Pipe)2022-04-25UnknownCVE-2026-31431Linux Kernel Local Privilege Escalation Vulnerability (Copy Fail)2026-05-01UnknownHas Tenable Research classified this as part of Vulnerability Watch?Yes, we classified both CVE-2026-43284 and CVE-2026-43500 as a Vulnerability of Interest under Vulnerability Watch due to the availability of a public proof-of-concept exploit and historical exploitation of similar Linux kernel vulnerabilities.Has Tenable released any product coverage for this vulnerability?A list of Tenable plugins for this vulnerability can be found on the individual CVE pages for CVE-2026-43284 and CVE-2026-43500 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Linux Get more informationDirty Frag PoC and technical writeupRed Hat RHSB-2026-003 Security AdvisoryAlma Linux Blog: Dirty Frag (CVE-2026-43284, CVE-2026-43500) Patches ReleasedTenable Blog: Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerabilityJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

A flaw in the Linux kernel present since 2017 allows a local user to gain root access on virtually every major Linux distribution. A public exploit is available and reported to work reliably.Key TakeawaysCVE-2026-31431 is a high severity local privilege escalation vulnerability in the Linux kernel reportedly affecting virtually every major distribution released since 2017. A public exploit is available and reported to be reliable, drawing comparisons to previous high-profile Linux kernel privilege escalation flaws. Patched kernel versions are available, though some major distributions have not yet shipped updates.BackgroundTenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding CVE-2026-31431, a Linux kernel local privilege escalation vulnerability dubbed “Copy Fail.”FAQWhen was Copy Fail first disclosed?On March 23, researcher Taeyang Lee of Theori reported the vulnerability to the Linux kernel security team. The flaw was discovered in part using Theori’s AI-assisted security scanning tool, Xint Code. A mainline patch was committed on April 1, CVE-2026-31431 was assigned on April 22 and public disclosure occurred on April 29.What is CVE-2026-31431?CVE-2026-31431 is a local privilege escalation vulnerability in the Linux kernel’s cryptographic subsystem. It was assigned a CVSSv3 score of 7.8.CVEDescriptionCVSSv3CVE-2026-31431Linux Kernel Local Privilege Escalation Vulnerability7.8The flaw allows a local user to modify the kernel’s cached copy of a file in memory without changing the file on disk. By targeting a privileged binary, an attacker can gain root access. Because the modification exists only in the page cache, the underlying file on disk remains unchanged. Standard disk forensics would not detect the alteration, and clearing memory through a reboot or resource pressure causes the cache to reload from the original file. For a detailed technical breakdown, refer to the Xint Code blog post.Everyone focuses on memory corruption bugs in the Linux kernel, but we shouldn’t overlook logical bugs. https://t.co/PrSI435i35— 5unkn0wn (@5unKn0wn) April 30, 2026 How does Copy Fail compare to Dirty Cow and Dirty Pipe?Copy Fail has drawn comparisons to two other well-known Linux kernel privilege escalation vulnerabilities: Dirty Cow (CVE-2016-5195) and Dirty Pipe (CVE-2022-0847). Both are in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog.Dirty Cow relied on a race condition, which meant exploitation could fail or require multiple attempts. Dirty Pipe had constraints around how data could be written and where in a file it could be modified. Copy Fail reportedly works consistently across distributions without relying on a race condition or write-position constraints.How severe is CVE-2026-31431?Any local user on a system running a vulnerable kernel can exploit this flaw to gain root access. The exploit uses kernel features that are enabled by default on most distributions and does not require special privileges or configuration.The highest risk environments are those where multiple users or workloads share a Linux kernel: cloud and multi-tenant systems, container clusters and CI/CD pipelines that run untrusted code. Because the exploit targets the kernel’s shared file cache, it can also cross container boundaries. On single-user systems, the risk is lower since an attacker would already need local access.Which Linux distributions are affected?Any Linux distribution shipping kernel 4.14 or later is affected. The vulnerability was introduced in 2017 and persisted across nearly a decade of kernel releases. Distribution patch status as of April 30:DistributionPatch StatusUbuntuPatchingSUSEPatchingRed HatPatchingDebianVulnerableAmazon LinuxVulnerableArch LinuxPatchedIs there a proof-of-concept (PoC) available?Yes. A public PoC was released on GitHub alongside the disclosure. The exploit is a short Python script that modifies a privileged binary in memory and then executes it to obtain root. It is reported to work reliably without requiring multiple attempts or precise timing.Are there other vulnerabilities related to Copy Fail?According to Theori, the same research effort that uncovered Copy Fail found additional security flaws in the kernel, at least one of which is also a privilege escalation issue. Those findings remain under coordinated disclosure. This blog will be updated if and when additional information becomes available.Are patches or mitigations available?Patched kernel versions have been released:Affected Kernel Version RangeFixed Kernel Version4.14N/A5.10.*5.10.2545.15.*5.15.2046.1.*6.1.1706.6.*6.6.1376.12.*6.12.856.18.*6.18.226.19.126.19.12>7.07.0The fix removes the 2017 optimization that allowed the vulnerability, restoring a safer separation between read and write operations in the kernel’s crypto interface.For systems where an immediate kernel update is not feasible, two workarounds are available depending on kernel configuration.If the module is loaded dynamically (CONFIG_CRYPTO_USER_API_AEAD=m):echo “install algif_aead /bin/false” > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || trueIf the module is compiled into the kernel (CONFIG_CRYPTO_USER_API_AEAD=y), which is the case on some enterprise kernels, the above will not work. Contributors on the oss-security mailing list have reported that adding the following to the kernel boot parameters and rebooting blocks the exploit:initcall_blacklist=algif_aead_initDiscussion on the oss-security mailing list has also identified several userspace applications that use the affected kernel interface, including but not limited to, cryptsetup and firefox-esr. In practice, initial testing by contributors on the thread has not caused these applications to fail, but the impact may vary by workload. Testing in a non-production environment before deploying either workaround is advisable.Historical exploitation of Linux kernel vulnerabilitiesThe Linux kernel has a long history as a target for privilege escalation attacks. CISA’s KEV catalog contains over 20 entries for Linux kernel flaws, including the two flaws most commonly compared to Copy Fail:CVEDescriptionDate Added to KEVKnown Ransomware UseCVE-2016-5195Linux Kernel Race Condition (Dirty Cow)2022-03-03UnknownCVE-2022-0847Linux Kernel Improper Initialization (Dirty Pipe)2022-04-25UnknownAs of April 30, CVE-2026-31431 is not listed in the KEV catalog.Has Tenable Research classified this as part of Vulnerability Watch?Yes, we classified CVE-2026-31431 as a Vulnerability of Interest under Vulnerability Watch due to the availability of a public proof-of-concept exploit and historical exploitation of similar Linux kernel vulnerabilities like Dirty Cow and Dirty Pipe that were exploited in the wild.Has Tenable released any product coverage for this vulnerability?A list of Tenable plugins for this vulnerability can be found on the CVE-2026-31431 page as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.Get more informationCopy Fail AdvisoryXint Code Blog: Copy Fail Linux DistributionsThe Register: Linux Cryptographic Code Flawoss-security: CVE-2026-31431 DisclosureJoin Tenable’s Research Special Operations (RSO) Team on the Tenable Community.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

Oracle addresses 241 CVEs in its second quarterly update of 2026 with 481 patches, including 34 critical updates.Key takeaways:The second Critical Patch Update (CPU) for 2026 contains fixes for 241 unique CVEs in 481 security updates 34 issues (7.1% of all patches) were assigned a critical severity rating Oracle Communications received the highest number of patches at 139, accounting for 28.9% of all patches BackgroundOn April 21, Oracle released its Critical Patch Update (CPU) for April 2026, the second quarterly update of the year. This CPU contains fixes for 241 unique CVEs in 481 security updates across 28 Oracle product families. Out of the 481 security updates published this quarter, 7.1% of patches were assigned a critical severity. High severity patches accounted for the bulk of security patches at 45.9%, followed by medium severity patches at 44.1%.This quarter’s update includes 34 critical patches across 22 CVEs.SeverityIssues PatchedCVEsCritical3422High22199Medium212107Low1413Total481241AnalysisThis quarter, the Oracle Communications product family contained the highest number of patches at 139, accounting for 28.9% of the total patches, followed by Oracle Financial Services Applications at 75 patches, which accounted for 15.6% of the total patches.A full breakdown of the patches for this quarter can be seen in the following table, which also includes a count of vulnerabilities that can be exploited over a network without authentication.Oracle Product FamilyNumber of PatchesRemote Exploit without AuthOracle Communications13993Oracle Financial Services Applications7559Oracle Fusion Middleware5946Oracle MySQL343Oracle PeopleSoft217Oracle E-Business Suite188Oracle Analytics1511Oracle Retail Applications1515Oracle Siebel CRM1413Oracle Java SE117Oracle GoldenGate107Oracle Enterprise Manager98Oracle Virtualization91Oracle Database Server84Oracle Utilities Applications76Oracle Hyperion64Oracle Construction and Engineering43Oracle Life Science Applications43Oracle Supply Chain42Oracle Blockchain Platform32Oracle Commerce32Oracle JD Edwards33Oracle Adapter for Eclipse RDF4J22Oracle Autonomous Health Framework21Oracle REST Data Services22Oracle Systems21Oracle TimesTen In-Memory Database11Oracle Hospitality Applications11SolutionCustomers are advised to apply all relevant patches in this quarter’s CPU. Please refer to the April 2026 advisory for full details.Identifying affected systemsA list of Tenable plugins to identify these vulnerabilities will appear here as they’re released. This link uses a search filter to ensure that all matching plugin coverage will appear as it is released.Get more informationOracle Critical Patch Update Advisory – April 2026Oracle April 2026 Critical Patch Update Risk MatricesOracle Advisory to CVE MapJoin Tenable’s Research Special Operations (RSO) Team on Tenable Connect for further discussions on the latest cyber threats.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.