Development & Open Source
Software development and open source follows supply chain, dependencies, tooling, repositories and code security. The cluster highlights vulnerabilities, updates and useful practices for developers and maintainers.

X.Org Server: GLX Use-After-Free Bug Enables Local Root Escalation on Linux
A use-after-free vulnerability in the CommonMakeCurrent function allows a local attacker to escalate privileges to root. The flaw was…

7-Zip XZ Parser RCE Vulnerability: Opening an Archive Is Enough
A heap-based buffer overflow in 7-Zip's XZ parser enables remote code execution. The flaw, tracked as ZDI-26-444 and CVE-2026-14266, t…

Microsoft Revokes 11 Legacy UEFI Shims: Secure Boot Bypassed via Signed Bootloaders
Eleven Microsoft-signed UEFI shim bootloaders allowed Secure Boot bypass on any trusting system. Revocation arrived with the June 2026…

Operation Muck and Load: 222 GitHub Repositories Weaponized to Distribute Windows Malware
A threat actor built a network of 222 GitHub repositories across 190 accounts to distribute Windows malware via malicious Go modules.…

CISA Orders 3-Day Patch for CVE-2026-55255 in Langflow
An IDOR in Langflow's /api/v1/responses endpoint lets authenticated attackers steal LLM and cloud credentials from other users' flows.…

GhostLock: 15-Year Linux Kernel Bug Now Publicly Exploitable, Guarantees Root
CVE-2026-43499 enables root escalation and container escape on nearly every Linux distribution since 2011. Nebula Security published t…

X.Org Server: A Forgotten Bug Returns as Privilege Escalation — The ZDI-26-395 Case
A use-after-free flaw in SyncChangeCounter enables local privilege escalation to root on X.Org Server. The bug mirrors a pattern alrea…

Exploitarium: The Speed Paradox — Public Exploits for Already-Patched Flaws
Pseudonymous researcher 'bikini' dumped 30+ zero-day PoCs on GitHub without coordinated disclosure. CVE-2026-55200 in libssh2 had a fi…

Januscape: 16-Year-Old KVM Bug Enables Guest-to-Host Escape on Intel and AMD
CVE-2026-53359 strikes the shared shadow MMU code in Linux KVM used by both Intel and AMD. The flaw has existed since 2010 and require…

Cisco Talos Releases ClamAV 1.5.3 and 1.4.5: Seven Legacy Vulnerabilities Patched
ClamAV 1.5.3 and 1.4.5 address vulnerabilities in PE file, archive, and disk image parsers. Two bugs survived roughly 20 years in crit…

Bad Epoll: Linux Kernel Bug Roots Android, Escapes Chrome Sandbox
CVE-2026-46242 is a race condition in the Linux kernel's epoll subsystem that allows an unprivileged user to gain root privileges. The…

ZDI-26-396: Reversed Operator in X.Org Server Opens Door to Arbitrary Read
An elementary coding error in X.Org Server allows out-of-bounds reads with potential escalation: the details of ZDI-26-396.