LIVE · cybersecurity feed

privilege escalation

zeroday.news · 12h ago·critical

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Nebula Security has revealed GhostLock (CVE-2026-43499), a Linux kernel vulnerability present for 15 years. This flaw allows any logged-in user to achieve root privileges and container escape on unpatched systems, as it is included by default in most Linux distributions.

zeroday.news · 12d ago·critical

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

A critical vulnerability affecting Cisco Unified CM and Unified CM SME deployments, which allows for server-side request forgery (SSRF) and root privilege escalation, was rapidly exploited by attackers. Threat actors weaponized the flaw within 24 hours of its public disclosure.

zeroday.news · 14d ago·high

ZDI-26-397: X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability

A local privilege escalation vulnerability has been discovered in X.Org Server, specifically within the handling of ScreenSaverScreenPrivateRec objects. This flaw allows attackers with low-privileged access to disclose sensitive information and potentially execute arbitrary code as root by exploiting the server's failure to validate object existence before operations. An update has been released to address this issue.