Vulnerabilities - Neural Digest

Sign in Subscribe

Vulnerabilities

A collection of 3 posts

Dirty Frag: The Universal Linux Root Exploit You Need to Patch Today

Dirty Frag: The Universal Linux Root Exploit You Need to Patch Today

Last updated: May 8, 2026. A new Linux kernel vulnerability called Dirty Frag lets any logged-in user become root with a single command on nearly every major Linux distribution. A working proof-of-concept is already public. If you run a Linux server, desktop, VPS, container host, or even a Raspberry Pi,

Dark server room with glowing red and blue racks and a holographic broken padlock representing the cPanel CVE-2026-41940 authentication bypass

CVE-2026-41940: A Single Cookie Just Owned 70 Million Websites

A CRLF injection in the cPanel/WHM login flow lets unauthenticated attackers write user=root into a session file. Active exploitation includes Mirai variants and a ransomware strain called "Sorry." Here's what to patch and how.

Copy Fail (CVE-2026-31431): The 9-Year-Old Linux Bug That Hands Out Root in Seconds

Copy Fail (CVE-2026-31431): The 9-Year-Old Linux Bug That Hands Out Root in Seconds

A 732-byte Python script can take any unprivileged Linux account to root on virtually every distribution shipped since 2017. Here is what Copy Fail does, who is at risk, and exactly how to patch it.