Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.

Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.

“External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks,” Ivanti said in an advisory.

Functional Reorganization of Corticostriatal Connectivity Across the Degree of Nigrostriatal Degeneration in Parkinson Disease


Avada Builder WordPress plugin flaws allow site credential theft

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database.

One of the flaws is tracked as CVE-2026-4782 and can be exploited in all versions of the plugin through 3.15.2 by authenticated users with at least subscriber-level access to read the contents of any file on the server.

The other security issue received the identifier CVE-2026-4798 and is an SQL injection that can be leveraged without authentication. However, exploitation is possible only if the WooCommerce e-commerce plugin for WordPress has been enabled and then deactivated.

Microsoft backpedals: Edge to stop loading passwords into memory

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was “by design.”

This behavior was disclosed on May 4 by security researcher Tom Jøran Sønstebyseter Rønning, who demonstrated that all credentials stored in the Edge built-in password manager were decrypted on launch and kept in memory even when not in use.

Rønning also released a proof-of-concept (PoC) tool that would allow attackers with Administrator privileges to dump passwords from other users’ Edge processes (without admin privileges, the PoC only allows accessing Edge processes launched by the same user).

Gene Therapy for Parkinson’s Disease Associated with GBA1 Mutations

Abeliovich et al. make a compelling case for the promise of using gene therapy to treat Parkinson’s disease (PD) patients who possess mutations in the GBA1 gene. People interested in the clinical-translational side of biomedicine should definitely check this out!


Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

According to Rapid7, which discovered CVE-2026-20182, the shortcoming echoes CVE-2026-20127 (CVSS score: 10.0), another critical authentication bypass impacting the same component. The latter is said to have been exploited by a threat actor called UAT-8616 since at least 2023.

“This new authentication bypass vulnerability affects the ‘vdaemon’ service over DTLS (UDP port 12346), which is the same service that was vulnerable to CVE-2026-20127,” Rapid7 researchers Jonah Burgess and Stephen Fewer said. “The new vulnerability is not a patch bypass of CVE-2026-20127. It is a different issue located in a similar part of the ‘vdaemon’ networking stack.”

That said, the end result is the same: a remote unauthenticated attacker can abuse CVE-2026-20182 to become an authenticated peer of the target appliance and carry out privileged operations.
