Archive snapshot

Sat, May 09 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Sat, May 09 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

0

NVD vulnerabilities

25

Top stories

Sat, 09 May 2026 12:46:00 +0530

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

8.7/10 · Worth your time

The Hacker Newsvuln

Summary
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 (CVSS s

Open article ↗

Sat, May 09 · 06:00 AM CDT

CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-Attack

8.2/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, May 09 · 06:00 AM CDT

OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

8.0/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, May 09 · 06:00 AM CDT

Researchers Spot Uptick in Use of Vercel for Phishing Campaigns

8.0/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, May 09 · 06:00 AM CDT

Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Sat, May 09 · 06:00 AM CDT

CloudZ Malware Abuses Phone Link to Steal SMS OTPs

8.0/10 · Worth your time

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, May 09 · 06:00 AM CDT

One in Eight Workers Has Sold Their Corporate Logins

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, May 09 · 12:00 AM CDT

Using Claude Code: The unreasonable effectiveness of HTML

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 6 hours ago.

Open article ↗

Sat, May 09 · 12:00 AM CDT

What causes lightning? The answer keeps getting more interesting

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 6 hours ago.

Open article ↗

Sat, May 09 · 04:00 AM CDT

Making Julia as Fast as C++

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 2 hours ago.

Open article ↗

Videos worth watching

Nothing surfaced yet.

NVD vulnerabilities

Mon, May 04 · 05:16 PM CDT

CVE-2026-24118

9.8/10 · Must read/watch

NVDvuln

Summary
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.0.

CVECVE-2026-24118

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 05:16 PM CDT

ModifiedFri, May 08 · 07:30 PM CDT

Open article ↗

Mon, May 04 · 05:16 PM CDT

CVE-2026-24120

9.8/10 · Must read/watch

NVDvuln

Summary
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.10.5.

CVECVE-2026-24120

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 05:16 PM CDT

ModifiedFri, May 08 · 07:29 PM CDT

Open article ↗

Mon, May 04 · 05:16 PM CDT

CVE-2026-24781

9.8/10 · Must read/watch

NVDvuln

Summary
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.

CVECVE-2026-24781

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 05:16 PM CDT

ModifiedFri, May 08 · 07:29 PM CDT

Open article ↗

Mon, May 04 · 05:16 PM CDT

CVE-2026-26956

9.8/10 · Must read/watch

NVDvuln

Summary
vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and runs host commands with zero host cooperation. This issue has been patched in version 3.10.5.

CVECVE-2026-26956

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 05:16 PM CDT

ModifiedFri, May 08 · 07:15 PM CDT

Open article ↗

Tue, May 05 · 08:16 PM CDT

CVE-2026-34084

9.8/10 · Must read/watch

NVDvuln

Summary
PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.2 and earlier, 2.0.0 through 2.1.14, 2.2.0 through 2.4.3, 3.3.0 through 3.10.3, and 4.0.0 through 5.5.0, when the filename argument to IOFactory::load() is user-controlled, an attacker can supply a PHP stream wrapper path (such as p

CVECVE-2026-34084

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 08:16 PM CDT

ModifiedFri, May 08 · 05:10 PM CDT

Open article ↗

Tue, May 05 · 09:16 PM CDT

CVE-2026-35579

9.8/10 · Must read/watch

NVDvuln

Summary
CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls dns.TsigVerify() to validate the HMAC. If the key

CVECVE-2026-35579

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 09:16 PM CDT

ModifiedFri, May 08 · 03:58 PM CDT

Open article ↗

Tue, May 05 · 07:16 PM CDT

CVE-2026-38428

9.8/10 · Must read/watch

NVDvuln

Summary
Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization. As a result, attackers can inject arbitrary SQL expressions into the database query.

CVECVE-2026-38428

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 07:16 PM CDT

ModifiedFri, May 08 · 07:24 PM CDT

Open article ↗

Tue, May 05 · 05:17 PM CDT

CVE-2026-38431

9.8/10 · Must read/watch

NVDvuln

Summary
ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection (SSTI). An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered.

CVECVE-2026-38431

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 05:17 PM CDT

ModifiedFri, May 08 · 05:06 PM CDT

Open article ↗

Fri, May 01 · 03:16 PM CDT

CVE-2026-43038

9.8/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2 and passed to

CVECVE-2026-43038

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 01 · 03:16 PM CDT

ModifiedFri, May 08 · 06:47 PM CDT

Open article ↗

Fri, May 01 · 03:16 PM CDT

CVE-2026-43039

9.8/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emac_dispatch_skb_zc() allocates a new skb via napi_alloc_skb() but never copies the packet data from the XDP buffer into it. The skb is passed up the stack containing uni

CVECVE-2026-43039

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 01 · 03:16 PM CDT

ModifiedFri, May 08 · 06:48 PM CDT

Open article ↗

Tue, May 05 · 04:16 PM CDT

CVE-2026-43067

9.8/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 ("ext4: always allocate blocks only from groups inode can use") restricts what blocks will be allocated for indirect block based files to block numbers tha

CVECVE-2026-43067

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 04:16 PM CDT

ModifiedFri, May 08 · 01:16 PM CDT

Open article ↗

Mon, May 04 · 06:16 PM CDT

CVE-2026-42087

9.6/10 · Must read/watch

NVDvuln

Summary
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database (TSDB) component of COSMOS. The tsdb_lookup function in the cvt_model.rb file directly

CVECVE-2026-42087

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 06:16 PM CDT

ModifiedFri, May 08 · 07:53 PM CDT

Open article ↗

Wed, May 06 · 10:16 AM CDT

CVE-2026-43114

9.4/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -f foo. This works. T

CVECVE-2026-43114

SeverityCRITICAL

TypeUPDATED

PublishedWed, May 06 · 10:16 AM CDT

ModifiedFri, May 08 · 05:54 PM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedTue, May 05 · 01:00 AM CDT

Open article ↗

Tue, May 05 · 04:16 PM CDT

CVE-2026-43071

9.1/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 #PF: supervisor read access in kernel mode #PF: error_co

CVECVE-2026-43071

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 05 · 04:16 PM CDT

ModifiedFri, May 08 · 01:16 PM CDT

Open article ↗

Wed, May 06 · 10:16 AM CDT

CVE-2026-43083

9.1/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace->type.bit6 is set: if (trace->type.bit6) { ... queue = skb_get_tx_queue(dev, skb); qdisc = rcu_dereference(queue->qdisc); This code can lead to an out-of-bounds access of the dev->_tx[] array when is_inpu

CVECVE-2026-43083

SeverityCRITICAL

TypeUPDATED

PublishedWed, May 06 · 10:16 AM CDT

ModifiedFri, May 08 · 01:16 PM CDT

Open article ↗

Wed, Sep 12 · 02:29 PM CDT

CVE-2018-3882

8.8/10 · Worth your time

NVDvuln

Summary
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities,

CVECVE-2018-3882

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 12 · 02:29 PM CDT

ModifiedFri, May 08 · 03:47 PM CDT

Open article ↗

Wed, Sep 12 · 02:29 PM CDT

CVE-2018-3883

8.8/10 · Worth your time

NVDvuln

Summary
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and sort_order parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulne

CVECVE-2018-3883

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 12 · 02:29 PM CDT

ModifiedFri, May 08 · 03:47 PM CDT

Open article ↗

Wed, Sep 12 · 02:29 PM CDT

CVE-2018-3884

8.8/10 · Worth your time

NVDvuln

Summary
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and start parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabili

CVECVE-2018-3884

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 12 · 02:29 PM CDT

ModifiedFri, May 08 · 03:47 PM CDT

Open article ↗

Wed, Sep 12 · 02:29 PM CDT

CVE-2018-3885

8.8/10 · Worth your time

NVDvuln

Summary
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and

CVECVE-2018-3885

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 12 · 02:29 PM CDT

ModifiedFri, May 08 · 03:47 PM CDT

Open article ↗

Tue, May 05 · 08:16 PM CDT

CVE-2026-33324

8.8/10 · Worth your time

NVDvuln

Summary
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or escaping, and the SQL extracted from th

CVECVE-2026-33324

SeverityHIGH

TypeUPDATED

PublishedTue, May 05 · 08:16 PM CDT

ModifiedFri, May 08 · 07:22 PM CDT

Open article ↗

Tue, May 05 · 08:16 PM CDT

CVE-2026-35397

8.8/10 · Worth your time

NVDvuln

Summary
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the root_dir. For example, with a root_dir na

CVECVE-2026-35397

SeverityHIGH

TypeUPDATED

PublishedTue, May 05 · 08:16 PM CDT

ModifiedFri, May 08 · 07:11 PM CDT

Open article ↗

Fri, May 01 · 03:16 PM CDT

CVE-2026-43018

8.8/10 · Worth your time

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci_conn lookup and field access must be covered by hdev lock in hci_le_remote_conn_param_req_evt, otherwise it's possible it is freed concurrently. Extend the hci_dev_lock cri

CVECVE-2026-43018

SeverityHIGH

TypeUPDATED

PublishedFri, May 01 · 03:16 PM CDT

ModifiedFri, May 08 · 02:15 PM CDT

Open article ↗

Wed, May 06 · 10:16 AM CDT

CVE-2026-43110

8.8/10 · Worth your time

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmf_fweh_handle_if_event() validates the firmware-provided interface index before it touches drvr->iflist[], but it still uses the raw bsscfgidx field as an array index without a matching range che

CVECVE-2026-43110

SeverityHIGH

TypeUPDATED

PublishedWed, May 06 · 10:16 AM CDT

ModifiedFri, May 08 · 08:14 PM CDT

Open article ↗

Wed, May 06 · 10:16 AM CDT

CVE-2026-43112

8.8/10 · Worth your time

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath is called with an empty string or a string containing only delimiters (e.g., "/"), the current logic attempts to check *(cursor2 - 1) before cursor2 has advanced.

CVECVE-2026-43112

SeverityHIGH

TypeUPDATED

PublishedWed, May 06 · 10:16 AM CDT

ModifiedFri, May 08 · 07:43 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.