📰 DAILY THREAT BRIEFING
Sunday, May 31, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of May 31, 2026.

  1. Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
    — Bleeping Computer

    Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, i…
  2. New CIFSwitch Linux flaw gives root on multiple distributions
    — Bleeping Computer

    A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authe…
  3. PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
    — The Hacker News

    Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under acti…
  4. Name That Toon: Mark of (Cybersecurity) Progress
    — Dark Reading

    As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about …
  5. ChatGPT share links abused to host fake outage pages to deliver malware
    — Bleeping Computer

    Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disgui…
  6. ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
    — The Hacker News

    Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assist…
  7. Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
    — The Hacker News

    An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initia…
  8. Asia's Cyber Insurance Market Shows Signs of Life
    — Dark Reading

    The cyber insurance industry has made relatively weak inroads into Asia due to a variety of factors, but that could be changing.
  9. With Complex Cloud Integrations, Small Errors Lead to Major Compromises
    — Dark Reading

    Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have comprom…
  10. ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  11. Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
    — SANS ISC

    Using the data collected over the past year and using Kibana these two ES|QL queries to summarize the data, this shows the list of the most up…
  12. 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
    — Unit 42

    The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructu…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (6931 in last 30 days).
Critical: 0 · High: 12 · Medium: 8 · Low: 0.

  1. CVE-2026-10156
    — CVSS 4.3 (MEDIUM)

    A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nf_…
  2. CVE-2026-10155
    — CVSS 4.7 (MEDIUM)

    A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accounts.php of the compon…
  3. CVE-2026-10154
    — CVSS 4.3 (MEDIUM)

    A vulnerability has been found in Dolibarr ERP CRM 23.0.0/23.0.1/23.0.2. The affected element is an unknown function of the file htdocs/user/messaging.php. Such manipulation of the argument ID leads to authorization bypa…
  4. CVE-2026-10153
    — CVSS 4.3 (MEDIUM)

    A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of th…
  5. CVE-2026-10152
    — CVSS 6.3 (MEDIUM)

    A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.java of the component b…
  6. CVE-2026-10127
    — CVSS 6.3 (MEDIUM)

    A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac ca…
  7. CVE-2026-10126
    — CVSS 8.8 (HIGH)

    A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID res…
  8. CVE-2026-10125
    — CVSS 8.8 (HIGH)

    A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the arg…
  9. CVE-2026-10124
    — CVSS 8.8 (HIGH)

    A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer …
  10. CVE-2026-10123
    — CVSS 8.8 (HIGH)

    A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/b…
  11. CVE-2026-10122
    — CVSS 8.8 (HIGH)

    A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-bas…
  12. CVE-2026-10121
    — CVSS 8.8 (HIGH)

    A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keyword causes stack-based …
  13. CVE-2018-25426
    — CVSS 7.5 (HIGH)

    WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially…
  14. CVE-2018-25425
    — CVSS 8.2 (HIGH)

    Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests…
  15. CVE-2018-25424
    — CVSS 8.2 (HIGH)

    Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters. Attackers can submit…
  16. CVE-2018-25423
    — CVSS 6.2 (MEDIUM)

    Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address…
  17. CVE-2018-25422
    — CVSS 8.2 (HIGH)

    MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attackers can send GET reque…
  18. CVE-2018-25421
    — CVSS 6.5 (MEDIUM)

    Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php w…
  19. CVE-2018-25420
    — CVSS 8.2 (HIGH)

    AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests t…
  20. CVE-2018-25419
    — CVSS 8.2 (HIGH)

    AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the genre parameter. Attackers can send GET requests …

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · May 31, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com