Dossier
CVE-2026-5426
Coverage of CVE-2026-5426 in the Nexus archive.
- KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A high-severity vulnerability in Digital Knowledge's KnowledgeDeliver LMS (CVE-2026-5426) was exploited as a zero-day to deploy the Godzilla web shell and Cobalt Strike Beacon. The flaw, involving hard-coded ASP.NET machine keys, has now been patched.