Skip to content
The Nexus
DossierENTITY

VulnCheck

Coverage of VulnCheck in the Nexus archive.

Earliest in view: May 4 · 21:54 UTCMost recent: Jun 1 · 22:29 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 1 · 22:29 UTCCYBERSCOOP
    Attackers are exploiting Palo Alto Networks defect that initially flew under the radar

    Palo Alto Networks' CVE-2026-0257 vulnerability, initially rated medium severity, was escalated to critical after active exploitation was confirmed. Attackers exploit the flaw to bypass authentication and establish unauthorized VPN connections, leveraging a publicly available TLS certificate to forge valid authentication cookies.

  • SECURITYMay 18 · 13:02 UTCTHE REGISTER
    NGINX Rift attackers waste no time targeting exposed servers

    A newly disclosed NGINX bug, dubbed 'NGINX Rift', is being actively exploited by attackers, with over 5.7 million internet-exposed servers potentially vulnerable. The bug, assigned a CVSS score of 9.2, can cause a crashed worker process and forced restart, and potentially allow code execution in certain configurations. Researchers are seeing active exploitation attempts just days after the CVE was published.

  • SECURITYMay 17 · 11:57 UTCTHE HACKER NEWS
    NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

    A security flaw in NGINX Plus and NGINX Open is being actively exploited, causing worker crashes and possible remote code execution. The vulnerability, tracked as CVE-2026-42945, has a CVSS score of 9.2 and affects NGINX versions 0.6.27 through 1.30.0. The exploitation was reported by VulnCheck and depthfirst.

  • SECURITYMay 7 · 21:50 UTCCYBERSCOOP
    Ivanti customers confront yet another actively exploited zero-day

    Ivanti customers are being targeted by attackers exploiting a zero-day vulnerability in Ivanti Endpoint Manager Mobile, with limited exploitation reported. The company has released patches for five high-severity vulnerabilities, including the zero-day defect. Ivanti warned customers of the threat and suggested rotating credentials to reduce risk.

  • SECURITYMay 5 · 11:56 UTCTHE HACKER NEWS
    MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

    Threat actors are exploiting a critical security flaw in MetInfo CMS, specifically CVE-2026-29014, which allows for remote code execution attacks. The vulnerability affects MetInfo CMS versions 7.9, 8.0, and 8.1. This flaw has a high CVSS score of 9.8.

  • SECURITYMay 4 · 21:54 UTCCYBERSCOOP
    ‘Copy Fail’ is a real Linux security crisis wrapped in AI slop

    A Linux vulnerability known as 'Copy Fail' is being actively exploited, allowing attackers to gain total control of a system with authenticated local access. The vulnerability was discovered by Theori using AI and affects Linux kernels built since 2017. Patches have been issued for major Linux distributions.

VulnCheck · Dossier · The Nexus