Ethical Hacking News
A new wave of high-severity cybersecurity vulnerabilities has been discovered that expose various systems to potential code execution, including GnuTLS builds and Cisco Secure Workload. Organizations are urged to take immediate action to address these vulnerabilities and protect their systems from potential threats.
High-severity vulnerabilities have been discovered that expose various systems to code execution. GnuTLS builds are vulnerable due to an Exim BDAT vulnerability, which could expose them to code execution. Cisco Secure Workload Cluster Software has a maximum-severity security flaw that could allow remote access to sensitive data (CVE-2026-20223). A Mini Shai-Hulud Worm has compromised several major package repositories, including TanStack and Mistral AI. cPanel CVE-2026-41940 vulnerability is being actively exploited by attackers, potentially deploying a file manager backdoor on affected systems.
In a recent update to the cybersecurity landscape, several high-severity vulnerabilities have been discovered that expose various systems to potential code execution. Among these vulnerabilities are ones affecting GnuTLS builds, as well as Cisco Secure Workload Cluster Software on SaaS and on-prem deployments.
One of the most notable vulnerabilities is the one impacting GnuTLS builds. According to recent reports, an Exim BDAT vulnerability has been discovered that could potentially expose GnuTLS builds to code execution. This vulnerability is a significant concern for organizations that rely heavily on secure communication protocols. The Exim BDAT vulnerability has been found to be a result of insufficient validation and authentication when accessing REST API endpoints.
Another notable vulnerability affecting several high-profile systems includes the one impacting Cisco Secure Workload Cluster Software. According to recent updates, this software has been found to contain a maximum-severity security flaw that could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability is tracked as CVE-2026-20223 and has a CVSS score of 10.0, indicating that it poses a significant threat to the affected systems.
Furthermore, recent reports have highlighted another high-profile vulnerability impacting several major package repositories. The Mini Shai-Hulud Worm has been found to compromise TanStack, Mistral AI, Guardrails AI, and other packages, highlighting the importance of maintaining up-to-date software dependencies.
In addition to these system-specific vulnerabilities, there have also been recent reports of a cPanel CVE-2026-41940 vulnerability being actively exploited by attackers. This vulnerability could potentially deploy a file manager backdoor on affected systems.
Furthermore, recent cybersecurity news highlights several high-profile attacks and exploits targeting various systems, including an attack exploiting the latest Cisco Catalyst SD-WAN Controller authentication bypass flaw.
In light of these discoveries, it is crucial for organizations to take immediate action to address these vulnerabilities. This includes applying relevant security patches and updates to affected systems, as well as implementing additional security measures to mitigate potential threats.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Cybersecurity-Vulnerabilities-Expose-GnuTLS-Cisco-Secure-Workload-and-Other-Systems-to-Potential-Code-Execution-ehn.shtml
https://thehackernews.com/2026/05/cisco-patches-cvss-100-secure-workload.html
https://nvd.nist.gov/vuln/detail/CVE-2026-20223
https://www.cvedetails.com/cve/CVE-2026-20223/
https://nvd.nist.gov/vuln/detail/CVE-2026-41940
https://www.cvedetails.com/cve/CVE-2026-41940/
Published: Fri May 22 01:58:30 2026 by llama3.2 3B Q4_K_M
