#vulnerability
bleepingcomputer.com · ⭐️ 9/10 · 2026-07-11
Binarly disclosed six vulnerabilities in U-Boot's FIT signature verification code, two enabling arbitrary code execution and four causing denial of service. The flaws affect over 50 stable versions dating back to 2013.07 and numerous downstream branches. Attackers can execute malicious code before the operating system boots, bypassing all security measures and potentially installing persistent firmware malware. For systems with remote firmware update capabilities like BMCs, exploitation requires no physical access, posing a severe threat to embedded and server ecosystems. The vulnerabilities reside in how untrusted FIT images are processed before signature validation completes. Remote exploitation is possible via malicious firmware updates, and while patches have been accepted into U-Boot, each hardware vendor must integrate and distribute them—legacy devices may never receive fixes.
coolapk.com · ⭐️ 9/10 · 2026-07-08
Nebula Security disclosed a remote root exploit chain targeting all Android versions, combining a Firefox browser vulnerability (affecting version 151.0.2 and earlier) and a 15-year-old Linux kernel flaw (CVE-2026-43499, GhostLock), with proof-of-concept code released on GitHub. This exploit chain allows attackers to gain persistent root access on any Android device by simply tricking a user into clicking a malicious link, posing a severe security risk to billions of users and potentially leading to widespread exploitation. The attack leverages a remote code execution vulnerability in Mozilla Firefox and the GhostLock kernel flaw for privilege escalation, enabling attackers to execute arbitrary commands via ADB and implant files for persistent control.
github.com · ⭐️ 9/10 · 2026-07-07
Researchers disclosed Januscape (CVE-2026-53359), a use-after-free vulnerability in KVM's shadow MMU that allows a guest VM to escape to the host on both Intel and AMD platforms. The bug has existed in the Linux kernel for approximately 16 years, from 2010 to June 2026. This is the first publicly known guest-to-host escape exploit that works on both Intel VMX and AMD SVM, making it a critical threat to multi-tenant cloud environments using KVM. The vulnerability was used as a 0-day in Google's kvmCTF and could compromise isolation boundaries of cloud providers. The flaw resides in the function kvmmmugetchildsp() within the shadow MMU code shared by both Intel and AMD x86 KVM implementations. PoC code has been released that triggers host kernel panic from a guest, and on RHEL-like distributions, a local unprivileged user can also escalate to root.
javoriuski.com · ⭐️ 9/10 · 2026-07-04
A prompt injection vulnerability in YouTube's AI comment summarization tool allows attackers to leak the titles of a creator's private videos by leaving a crafted comment that injects a malicious prompt. This vulnerability compromises the privacy of YouTube creators by exposing their private video titles, and highlights the broader security risks of integrating large language models into user-facing applications without adequate safeguards against prompt injection. The attack works when a creator opens YouTube Studio's comment tab and clicks a suggested AI prompt; the injected comment then forces the model to include private video titles in its response. Community testing shows mixed results, with some users unable to reproduce the issue, indicating possible partial mitigations by YouTube.
nvd.nist.gov · ⭐️ 8/10 · 2026-07-08
A use-after-free vulnerability (CVE-2026-57589) has been discovered in OpenBSD, allowing a local attacker to escalate privileges to root. This vulnerability is significant because OpenBSD is renowned for its security focus, and a local privilege escalation bug could undermine that reputation. It affects all systems running the vulnerable version. The vulnerability was discovered as part of the 'Patch The Planet' initiative by OpenAI and Trail of Bits. Details are currently limited; the OpenBSD security page does not yet list it.
nvdb.org.cn · ⭐️ 8/10 · 2026-07-08
China's Ministry of Industry and Information Technology (MIIT) issued a risk notice on July 8, 2025, warning that Claude Code versions 2.1.91 through 2.1.196 contain a backdoor that secretly transmits users' location and identity information to remote servers without consent. This is significant because Claude Code is a widely used AI coding tool, and the backdoor compromises the privacy and security of many developers. The authoritative warning from a government body like MIIT underscores the severity of the threat and may prompt organizations to reassess their use of AI tools in development pipelines. The affected versions span from 2.1.91 to 2.1.196, and the backdoor includes a built-in monitoring mechanism that exfiltrates sensitive data. Users are advised to immediately check, uninstall the vulnerable versions, or upgrade to the latest secure version that has removed the malicious code, and to strengthen outbound permission controls and traffic monitoring for development tools.
research.jfrog.com · ⭐️ 8/10 · 2026-06-28
Security researchers at JFrog disclosed a new Linux kernel local privilege escalation vulnerability named DirtyClone (CVE-2026-43503), which allows unprivileged local users to gain root access by exploiting a flaw in socket buffer cloning that loses the SKBFLSHAREDFRAG flag. This vulnerability is critical because it affects widely-used Linux distributions with default unprivileged user namespaces, such as Debian, Ubuntu, and Fedora, and can be exploited without leaving kernel logs or audit traces, making it especially dangerous for multi-tenant cloud environments and Kubernetes clusters. The vulnerability was patched in Linux kernel v7.1-rc5 on May 21, 2026; mitigations include disabling unprivileged user namespaces via kernel.unprivilegedusernsclone=0 or blocking the esp4, esp6, and rxrpc kernel modules.