Skip to content
The Nexus
DossierENTITY

Jonah Burgess

Coverage of Jonah Burgess in the Nexus archive.

Earliest in view: May 15 · 11:15 UTCMost recent: May 29 · 18:26 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 29 · 18:26 UTCTHE REGISTER
    No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

    A critical remote code execution (RCE) vulnerability in Gogs, a self-hosted Git service, remains unpatched despite being reported in March. The flaw allows authenticated users to exploit default installations, steal credentials, and execute arbitrary code. Rapid7 researcher Jonah Burgess disclosed the issue (GHSA-qf6p-p7ww-cwr9) and submitted a proposed fix, but Gogs maintainers have not released a patch, prompting a Metasploit module to be published.

  • SECURITYMay 15 · 11:15 UTCTHE REGISTER
    Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day

    Cisco admins must patch a max-severity make-me-admin bug affecting Catalyst SD-WAN Controller and Manager, which allows unauthenticated remote attackers to gain admin privileges. The vulnerability, CVE-2026-20182, has been exploited as a zero-day and was added to the Known Exploited Vulnerabilities catalog. Cisco strongly recommends applying available fixes.

Jonah Burgess · Dossier · The Nexus