Security Patches and Other Security News
-
Security Week ☛ Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories
AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact.
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 322 released
The diffoscope maintainers are pleased to announce the release of diffoscope version 322. This version includes the following changes:
* Add a local version of the (deprecated) os.path.commonprefix method.
-
Security Week ☛ More Klue Breach Victims Identified as Hackers Get Hacked
Roughly two dozen companies have notified their customers of the Klue-Salesfarce incident impact.
-
Security Week ☛ $3 Million Reportedly Stolen in Polymarket Hack
The decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor.
-
Security Week ☛ First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog.
-
LWN ☛ Security updates for Friday
Security updates have been issued by AlmaLinux (buildah, coreutils, evince, libpng, libreoffice, libtasn1, libxml2, libxslt, nginx, nginx:1.24, nginx:1.26, postgresql:12, python-urllib3, python3.12-urllib3, python3.14, python3.14-urllib3, skopeo, tigervnc, tomcat, and vim), Debian (chromium, dnsdist, giflib, libdbi-perl, libssh2, libtext-csv-xs-perl, pdns, pdns-recursor, python-urllib3, and sogo), Fedora (goose, httpd, librabbitmq, perl-Compress-Raw-Bzip2, perl-DBI, perl-IO-Compress, perl-Socket, python-django-allauth, rsync, and strongswan), Oracle (389-ds-base, buildah, containernetworking-plugins, coreutils, evince, fence-agents, giflib, git-lfs, hplip, krb5, libcap, libexif, libtasn1, memcached, opencryptoki, podman, postfix, postgresql:12, postgresql:13, postgresql:15, postgresql:16, python-urllib3, python3.12-urllib3, python3.14-urllib3, python3.9, runc, skopeo, tigervnc, vim, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (apache-commons-configuration2, apache-commons-text, apache2, containerd, kernel, libnilfs3, libopenbabel8, libtar, libzypp, lrzip, nodejs24, ofono, perl-Net-Dropbox-API, podman, python-pip, python-PyJWT, python311-aiohttp, python311-nltk, python311-python-multipart, python312, and python315), and Ubuntu (amd64-microcode, containerd, containerd-app, containerd-stable, cpp-httplib, imagemagick, mina2, node-pbkdf2, NSD, and xrdp).
-
SQ Magazine ☛ Critical Linux pedit COW Bug Gives Hackers Instant Root Access
Security researchers have disclosed a new Linux privilege escalation vulnerability named pedit COW, tracked as CVE-2026-46331. The flaw exists in the Linux kernel’s traffic control subsystem and can allow an unprivileged local user to gain full root access.
The vulnerability has drawn significant attention because a public proof-of-concept exploit was released almost immediately after the CVE became public, giving attackers a ready-made method to compromise vulnerable systems.
-
Hacker News ☛ New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant.
Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt file-backed memory through a cloned network packet and gain root. The patch landed in mainline on May 21; if your kernel does not have it, update now.
-
Hacker News ☛ New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as important.