Archive snapshot

Tue, May 19 · 12:00 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Tue, May 19 · 12:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

0

NVD vulnerabilities

25

Top stories

Tue, May 19 · 12:00 PM CDT

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

9.8/10 · Must read/watch

Infosecurity Magazinevulnai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, 19 May 2026 20:26:26 +0530

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

9.8/10 · Must read/watch

The Hacker Newsvuln

Summary
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Z

Open article ↗

Tue, May 19 · 12:00 PM CDT

Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool

9.6/10 · Must read/watch

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, 19 May 2026 17:00:00 +0530

The New Phishing Click: How OAuth Consent Bypasses MFA

9.3/10 · Must read/watch

The Hacker Newsidentity

Summary
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries.  The targets of the platform received a message asking them to e

Open article ↗

Tue, May 19 · 12:00 PM CDT

Agentic AI Accelerates Software Builds and Mobile App Attacks

9.1/10 · Must read/watch

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Tue, May 19 · 11:00 AM CDT

I’ve joined Anthropic

8.4/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Tue, May 19 · 09:00 AM CDT

Intro to TLA+ for the LLM Era: Prompt Your Way to Victory

8.2/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 3 hours ago.

Open article ↗

Tue, May 19 · 06:00 AM CDT

Photo GIMP – A Patch for GIMP 3 for Photoshop Users

8.2/10 · Worth your time

Hacker Newsvuln

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 6 hours ago.

Open article ↗

Tue, May 19 · 11:00 AM CDT

Gentoo News: Copy Fail, Dirty Frag, and Fragnesia Kernel Vulnerabilities

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Tue, May 19 · 12:00 PM CDT

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

7.8/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Nothing surfaced yet.

NVD vulnerabilities

Thu, Mar 02 · 12:15 PM CST

CVE-2021-3854

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.

CVECVE-2021-3854

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 02 · 12:15 PM CST

ModifiedMon, May 18 · 12:16 PM CDT

Open article ↗

Fri, Feb 24 · 12:15 PM CST

CVE-2021-4105

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

CVECVE-2021-4105

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 24 · 12:15 PM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Fri, Feb 18 · 02:15 PM CST

CVE-2022-0664

9.8/10 · Must read/watch

NVDvuln

Summary
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1.

CVECVE-2022-0664

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 18 · 02:15 PM CST

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45088

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45088

SeverityCRITICAL

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-4557

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-4557

SeverityCRITICAL

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Tue, Apr 28 · 04:16 PM CDT

CVE-2025-60889

9.8/10 · Must read/watch

NVDvuln

Summary
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

CVECVE-2025-60889

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 28 · 04:16 PM CDT

ModifiedMon, May 18 · 06:23 PM CDT

Open article ↗

Thu, Mar 05 · 07:16 AM CST

CVE-2026-2743

9.8/10 · Must read/watch

NVDvuln

Summary
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before

CVECVE-2026-2743

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 05 · 07:16 AM CST

ModifiedMon, May 18 · 05:16 PM CDT

Open article ↗

Tue, Apr 21 · 09:16 PM CDT

CVE-2026-33518

9.8/10 · Must read/watch

NVDvuln

Summary
An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows and Linux that allows highly privileged users to create developer credentials that may grant more privileges than expected.

CVECVE-2026-33518

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 21 · 09:16 PM CDT

ModifiedMon, May 18 · 06:20 PM CDT

Open article ↗

Tue, Apr 21 · 09:16 PM CDT

CVE-2026-33519

9.8/10 · Must read/watch

NVDvuln

Summary
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials.

CVECVE-2026-33519

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 21 · 09:16 PM CDT

ModifiedMon, May 18 · 06:19 PM CDT

Open article ↗

Fri, May 01 · 05:16 PM CDT

CVE-2026-37531

9.8/10 · Must read/watch

NVDvuln

Summary
AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename function in wgtpkg-zip.c validates ZIP entry names but does not check for dot notation directory traversal sequences it onl

CVECVE-2026-37531

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 01 · 05:16 PM CDT

ModifiedMon, May 18 · 05:12 PM CDT

Open article ↗

Wed, Apr 29 · 12:16 PM CDT

CVE-2026-42248

9.8/10 · Must read/watch

NVDvuln

Summary
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before staging or executing update p

CVECVE-2026-42248

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 29 · 12:16 PM CDT

ModifiedMon, May 18 · 06:22 PM CDT

Open article ↗

Wed, Apr 29 · 12:16 PM CDT

CVE-2026-42249

9.8/10 · Must read/watch

NVDvuln

Summary
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These values are passed direct

CVECVE-2026-42249

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 29 · 12:16 PM CDT

ModifiedMon, May 18 · 06:23 PM CDT

Open article ↗

Sat, May 09 · 08:16 PM CDT

CVE-2026-42257

9.8/10 · Must read/watch

NVDvuln

Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain

CVECVE-2026-42257

SeverityCRITICAL

TypeUPDATED

PublishedSat, May 09 · 08:16 PM CDT

ModifiedMon, May 18 · 05:59 PM CDT

Open article ↗

Sat, May 09 · 08:16 PM CDT

CVE-2026-42258

9.8/10 · Must read/watch

NVDvuln

Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0

CVECVE-2026-42258

SeverityCRITICAL

TypeUPDATED

PublishedSat, May 09 · 08:16 PM CDT

ModifiedMon, May 18 · 06:02 PM CDT

Open article ↗

Sat, Apr 25 · 06:16 AM CDT

CVE-2026-6951

9.8/10 · Must read/watch

NVDvuln

Summary
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed t

CVECVE-2026-6951

SeverityCRITICAL

TypeUPDATED

PublishedSat, Apr 25 · 06:16 AM CDT

ModifiedMon, May 18 · 06:20 PM CDT

Open article ↗

Fri, May 08 · 11:16 PM CDT

CVE-2026-42354

9.1/10 · Must read/watch

NVDvuln

Summary
Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organiz

CVECVE-2026-42354

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 08 · 11:16 PM CDT

ModifiedMon, May 18 · 02:43 PM CDT

Open article ↗

Fri, May 08 · 11:16 PM CDT

CVE-2026-42556

8.9/10 · Worth your time

NVDvuln

Summary
Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their own save request and send the public preview link /p/ ?share=true to another user. The preview page renders that stored HTM

CVECVE-2026-42556

SeverityHIGH

TypeUPDATED

PublishedFri, May 08 · 11:16 PM CDT

ModifiedMon, May 18 · 02:27 PM CDT

Open article ↗

Wed, Mar 01 · 08:15 AM CST

CVE-2021-3855

8.8/10 · Worth your time

NVDvuln

Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Liman Central Management System Liman MYS (HTTP/Controllers, CronMail, Jobs modules) allows Command Injection. This issue affects Liman Central Management System: from 1.7.0 before 1.8.3-462.

CVECVE-2021-3855

SeverityHIGH

TypeUPDATED

PublishedWed, Mar 01 · 08:15 AM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Fri, Sep 09 · 08:15 PM CDT

CVE-2022-36110

8.8/10 · Worth your time

NVDvuln

Summary
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions via the API. This prob

CVECVE-2022-36110

SeverityHIGH

TypeUPDATED

PublishedFri, Sep 09 · 08:15 PM CDT

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45089

8.8/10 · Worth your time

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45089

SeverityHIGH

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45090

8.8/10 · Worth your time

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45090

SeverityHIGH

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Thu, Aug 24 · 11:15 PM CDT

CVE-2023-32079

8.8/10 · Worth your time

NVDvuln

Summary
Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netm

CVECVE-2023-32079

SeverityHIGH

TypeUPDATED

PublishedThu, Aug 24 · 11:15 PM CDT

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Fri, May 08 · 10:16 PM CDT

CVE-2026-41486

8.8/10 · Worth your time

NVDvuln

Summary
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls __a

CVECVE-2026-41486

SeverityHIGH

TypeUPDATED

PublishedFri, May 08 · 10:16 PM CDT

ModifiedMon, May 18 · 06:30 PM CDT

Open article ↗

Thu, Jan 27 · 01:15 PM CST

CVE-2021-44793

8.6/10 · Worth your time

NVDvuln

Summary
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive inform

CVECVE-2021-44793

SeverityHIGH

TypeUPDATED

PublishedThu, Jan 27 · 01:15 PM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Thu, Mar 26 · 09:17 PM CDT

CVE-2026-0966

8.2/10 · Worth your time

NVDvuln

Summary
A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_P

CVECVE-2026-0966

SeverityHIGH

TypeUPDATED

PublishedThu, Mar 26 · 09:17 PM CDT

ModifiedTue, May 19 · 10:16 AM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.