Information Security /uit/infosec/ Fri, 29 May 2026 13:17:11 +0000 en-CA
7-Zip Heap Buffer Overflow (CVE-2026-48095) /uit/infosec/2026/05/29/7-zip-heap-buffer-overflow-cve-2026-48095/ Fri, 29 May 2026 13:17:08 +0000

A recently disclosed vulnerability (CVE‑2026‑48095) affects 7-Zip and may allow a remote attacker to execute arbitrary code on a vulnerable system by tricking a user into opening a specially crafted archive file.

Severity level:
CVSS Score: 8.8/High.

Description:

CVE‑2026‑48095 is a heap buffer overflow in 7‑Zip’s NTFS handler (the code path that opens NTFS file-system images as archives), caused by improper memory allocation when processing crafted archive data. Opening a malicious file can trigger memory corruption, potentially leading to code execution in the context of the user who opened it.

Affected Versions:
All versions up to and including 26.00.

Impact:
Successful exploitation may allow attackers to execute arbitrary code on the system.

Resolution:
Upgrade to 7-Zip 26.01 or later. Applications that bundle their own copy of the 7-Zip code (for example a private 7z.dll) are not fixed by updating the stand-alone 7-Zip package and need updates from their own vendors.

Reference:




UIT Information Security

Linux Kernel Local root Privilege Escalation (CVE-2026-46333) /uit/infosec/2026/05/29/linux-kernel-local-root-privilege-escalation-cve-2026-46333/ Fri, 29 May 2026 13:10:54 +0000

A recently discovered vulnerability (CVE‑2026‑46333) affects the Linux kernel and may allow a local, unprivileged attacker to access sensitive files and escalate privileges to root, potentially leading to full system compromise.

Severity level:
CVSS Score: 7.1/High.

Description:
CVE‑2026‑46333 is a race condition in the Linux kernel’s __ptrace_may_access() function, the internal check behind ptrace_may_access() that decides whether one process may attach to another, caused by improper handling of process state during termination. When a privileged process exits, there is a brief window in which its memory descriptor has already been released while its file descriptor table is still open. An unprivileged local user can hit that window with system calls that pass through the same check, such as pidfd_getfd(), and duplicate open file descriptors out of the exiting privileged process. The attacker thereby bypasses the intended access check and reaches restricted resources; exploitation can disclose sensitive files such as /etc/shadow and SSH private keys, which in turn enables escalation to root.


Affected Versions:
Linux kernel: all kernel versions from November 2016 up to the release of vendor patches.

Impacted Linux distributions:

  • Ubuntu.
  • Debian.
  • Red Hat Enterprise Linux (RHEL).
  • SUSE Linux Enterprise.
  • Fedora, Arch Linux and other mainstream distributions.

Impact:
Successful exploitation may allow attackers to read sensitive files and escalate privileges to root.

Resolution:
Please update the Linux kernel to the fixed version released by the distribution vendor.

Mitigations:
Where immediate patching is not possible:

  • Disable or restrict untrusted local user access.
  • Restrict ptrace access, for example by setting the Yama sysctl kernel.yama.ptrace_scope to 2 (attach only with CAP_SYS_PTRACE); pidfd_getfd() is subject to the same ptrace access-mode check. A value of 1 is not sufficient on its own, because Yama still lets a process attach to its own descendants, which includes a privileged helper the attacker launched.
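The following host check is an added example for this advisory, not kernel or distribution code. It verifies the two things the ptrace mitigation depends on: what the Yama ptrace_scope sysctl is set to, and whether the calling (unprivileged) user is actually refused a pidfd_getfd(2) against a privileged process it did not spawn. It does not attempt the race; it exercises the ordinary, non-racy path through ptrace_may_access() that the vulnerability bypasses. The syscall number 438 (pidfd_getfd on every architecture since Linux 5.6) and the choice of PID 1 / fd 0 as the probe target are assumptions about the host; run it as an ordinary user, since root holds CAP_SYS_PTRACE and is allowed regardless.

```python
"""Host check for the CVE-2026-46333 mitigation "restrict ptrace access".

Added example for this advisory, not Linux kernel or vendor code.  Two checks:
  1. read the Yama ptrace_scope sysctl and say what it permits;
  2. ask the kernel for a descriptor of a privileged, non-descendant process
     through pidfd_getfd(2) and report how the request was decided.
Run it as an unprivileged user: root holds CAP_SYS_PTRACE and is allowed
regardless.  Linux only.
"""
import ctypes
import errno
import os
import pathlib

# pidfd_getfd(2) is syscall 438 on every architecture (added in Linux 5.6).
SYS_PIDFD_GETFD = 438
YAMA_SCOPE_PATH = "/proc/sys/kernel/yama/ptrace_scope"

# What each Yama ptrace_scope value allows for PTRACE_MODE_ATTACH requests,
# the mode pidfd_getfd() asks ptrace_may_access() to decide.
YAMA_SCOPES = {
    0: ("classic", "any process with matching credentials may attach"),
    1: ("restricted", "only descendants (or CAP_SYS_PTRACE) may attach"),
    2: ("admin-only", "only CAP_SYS_PTRACE may attach"),
    3: ("no-attach", "attach is disabled for everyone"),
}


def parse_ptrace_scope(text):
    """Sysctl file contents -> int scope, or None if missing/unparseable."""
    text = text.strip()
    if text.isdigit() and int(text) in YAMA_SCOPES:
        return int(text)
    return None


def assess_ptrace_scope(scope):
    """Return (level, what it allows, adequate for this advisory).

    Scope 1 is not a full mitigation: Yama still permits attaching to
    descendants, so a privileged process the attacker launched (a setuid
    helper, for instance) stays reachable.  Scopes 2 and 3 deny every attach
    from a process without CAP_SYS_PTRACE.
    """
    if scope is None:
        return ("unknown", "Yama not built in or sysctl unreadable", False)
    level, allows = YAMA_SCOPES[scope]
    return (level, allows, scope >= 2)


def read_ptrace_scope(path=YAMA_SCOPE_PATH):
    """Read and parse the sysctl; None when Yama is absent."""
    try:
        return parse_ptrace_scope(pathlib.Path(path).read_text())
    except OSError:
        return None


def probe_pidfd_getfd(target_pid=1, target_fd=0):
    """Try to duplicate `target_fd` of `target_pid` into this process.

    Returns "unavailable" (no pidfd support), "no-target" (pid not found),
    "denied" (EPERM: ptrace_may_access() refused), "allowed" (a descriptor
    came back, or EBADF, which the kernel returns only after the access
    check passed and the fd was simply not open), or "error:<ERRNO>".
    """
    if not hasattr(os, "pidfd_open"):
        return "unavailable"
    try:
        pidfd = os.pidfd_open(target_pid)
    except OSError as exc:
        return "no-target" if exc.errno == errno.ESRCH else "unavailable"
    try:
        libc = ctypes.CDLL(None, use_errno=True)
        libc.syscall.restype = ctypes.c_long
        fd = libc.syscall(ctypes.c_long(SYS_PIDFD_GETFD), pidfd, target_fd, 0)
        if fd >= 0:
            os.close(fd)
            return "allowed"
        err = ctypes.get_errno()
        if err == errno.EPERM:
            return "denied"
        if err == errno.EBADF:
            return "allowed"
        if err == errno.ENOSYS:
            return "unavailable"
        return "error:" + errno.errorcode.get(err, str(err))
    finally:
        os.close(pidfd)


if __name__ == "__main__":
    level, allows, adequate = assess_ptrace_scope(read_ptrace_scope())
    print(f"ptrace_scope: {level} ({allows}); adequate: {adequate}")
    print(f"pidfd_getfd(pid 1, fd 0) as uid {os.getuid()}: {probe_pidfd_getfd()}")
```

On a correctly hardened host the second line reports "denied" for an unprivileged user. "allowed" from a non-root shell means the host relies entirely on the credential and dumpability checks that this race defeats, and the ptrace_scope line will show why.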

Reference:

UIT Information Security 

A New Phish Reporting Solution for Students - York Phish Alert /uit/infosec/2026/05/14/upcoming-change-a-new-phish-reporting-solution-york-phish-alert/ Thu, 14 May 2026 13:57:04 +0000

What’s Happening

On May 21st, we’re introducing the new, home-grown York Phish Alert button for undergraduate students in Gmail. This button lets you report suspicious or unwanted phishing messages with one click. It replaces the previous Cofense Reporter, but the reporting process stays just as simple.

Why We’re Making This Change

Phishing emails are one of the most common ways attackers try to steal personal information. By moving to a home‑grown reporting tool, we can improve service reliability and capture additional email artifacts, improving our team’s response capabilities.

How This Benefits You

  • Faster protection: Your reports go directly to York’s Information Security Team for quick review.
  • Stronger security: Better reporting helps us spot and stop phishing campaigns earlier.
  • Same simple experience: One click, and you’re done.

How to Use It

When you see a suspicious email:

  1. Open the message.
  2. Click the York Phish Alert button in your Gmail toolbar.
  3. The phishing report will be sent to the Information Security team for further investigation.

Where to Find More Information

If you’d like to learn more about phishing, how to spot it, or how the new reporting tool works, visit the Information Security website.

Apache HTTP Server Vulnerability (CVE-2026-23918) /uit/infosec/2026/05/11/apache-http-server-vulnerability-cve-2026-23918/ Mon, 11 May 2026 19:22:27 +0000

Apache has released a security update to address a vulnerability (CVE‑2026‑23918) in Apache HTTP Server that may result in denial‑of‑service and potential remote code execution under specific configurations.

Severity level:
CVSS Score: 8.8/High.

Description:
CVE‑2026‑23918 is a double‑free vulnerability in the mod_http2 module of Apache HTTP Server that occurs during HTTP/2 stream handling. A specially crafted sequence of HTTP/2 frames can cause the same memory to be released twice, crashing the worker process. In certain deployments, particularly those using the Apache Portable Runtime (APR) with the mmap allocator, the flaw may be leveraged to achieve remote code execution in addition to denial of service.

Affected Versions:

  • Apache HTTP Server 2.4.66 with mod_http2 enabled. The vulnerable code is only reached when HTTP/2 is negotiated, that is, when mod_http2 is loaded and h2 or h2c appears in a Protocols directive.

Impact:

Successful exploitation may allow attackers to potentially execute arbitrary code remotely on vulnerable systems.

Resolution:

  • Upgrade to Apache HTTP Server 2.4.67 or later. Where the upgrade must wait, disable HTTP/2 in the meantime (remove h2 and h2c from every Protocols directive, or stop loading mod_http2) and restart httpd; this takes the vulnerable stream handling out of the request path at the cost of HTTP/2 support.
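An added exposure check (not Apache code and not part of the original advisory) that decides, from the output of httpd -v and the server configuration, whether a host is exposed: version 2.4.66, mod_http2 loaded, and some scope enabling h2 or h2c through the Protocols directive. The banner and configuration below are constructed for the example. Protocols is evaluated at global scope and inside each VirtualHost, because a vhost can re-enable HTTP/2 that the global configuration left off; the check does not follow Include directives, so concatenate included files (or use the output of httpd -t -D DUMP_INCLUDES to find them) before feeding it the text.

```python
"""Exposure check for CVE-2026-23918 (Apache HTTP Server 2.4.66, mod_http2).

Added example for this advisory, not Apache code.  A host is exposed when the
server is 2.4.66, mod_http2 is loaded and some scope enables h2 or h2c via the
Protocols directive.  Inputs are the `httpd -v` banner and the configuration
text; the caller must concatenate Include'd files, this does not follow them.
"""
import re

AFFECTED_VERSION = (2, 4, 66)
FIXED_VERSION = (2, 4, 67)

# Constructed `httpd -v` output for the example.
SAMPLE_BANNER = "Server version: Apache/2.4.66 (Unix)\nServer built:   Apr 30 2026 10:12:44\n"

# Constructed configuration: HTTP/2 off globally but re-enabled in one vhost.
SAMPLE_CONFIG = """
LoadModule http2_module modules/mod_http2.so
Protocols http/1.1
<VirtualHost *:443>
    ServerName www.example.org
    Protocols h2 http/1.1
</VirtualHost>
<VirtualHost *:8443>
    ServerName admin.example.org
    Protocols http/1.1
</VirtualHost>
"""


def parse_version(banner):
    """'Server version: Apache/2.4.66 (Unix)' -> (2, 4, 66), or None."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(x) for x in m.groups()) if m else None


def http2_loaded(config):
    """True if an uncommented LoadModule line loads http2_module."""
    return re.search(r"^\s*LoadModule\s+http2_module\b", config, re.M) is not None


def h2_scopes(config):
    """Names of scopes whose Protocols directive enables h2 or h2c.

    The global scope is reported as "server"; a vhost is reported by its
    ServerName, or by the <VirtualHost ...> argument if ServerName is absent.
    """
    scopes = []
    scope, name = "server", "server"
    for raw in config.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        m = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if m:
            scope, name = "vhost", m.group(1)
            continue
        if re.match(r"</VirtualHost>", line, re.I):
            scope, name = "server", "server"
            continue
        if scope == "vhost" and (m := re.match(r"ServerName\s+(\S+)", line, re.I)):
            name = m.group(1)
            continue
        if m := re.match(r"Protocols\s+(.+)", line, re.I):
            protocols = {p.lower() for p in m.group(1).split()}
            if protocols & {"h2", "h2c"}:
                scopes.append(name)
    return scopes


def assess(banner, config):
    """Return (verdict, detail) for one host."""
    version = parse_version(banner)
    if version is None:
        return ("unknown", "could not parse server version")
    if version >= FIXED_VERSION:
        return ("patched", ".".join(map(str, version)) + " >= 2.4.67")
    if version != AFFECTED_VERSION:
        return ("not-affected", "not 2.4.66 (check other advisories for this release)")
    if not http2_loaded(config):
        return ("not-exposed", "2.4.66 but mod_http2 is not loaded")
    scopes = h2_scopes(config)
    if not scopes:
        return ("not-exposed", "mod_http2 loaded but no scope enables h2/h2c")
    return ("exposed", "h2 enabled in: " + ", ".join(scopes))


if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONFIG))
```

The constructed configuration is the case an inventory based only on the global Protocols line would miss: the server-level directive disables HTTP/2, yet the www.example.org vhost turns it back on, so the host is reported as exposed.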

Reference:

UIT Information Security

Linux Kernel Local Privilege Escalation (CVE-2026-31431) /uit/infosec/2026/05/11/linux-kernel-local-privilege-escalation-cve-2026-31431/ Mon, 11 May 2026 19:00:54 +0000

A recently disclosed vulnerability (CVE‑2026‑31431), commonly referred to as “Copy Fail”, affects the Linux kernel and may allow a local, unprivileged attacker to escalate privileges and gain full root access on affected systems.

Severity level:
CVSS Score: 7.8/High.

Description:
CVE‑2026‑31431 is a local privilege escalation vulnerability caused by a logic flaw in the Linux kernel’s cryptographic subsystem, specifically the algif_aead module behind the AF_ALG socket interface. Due to improper handling of in‑place cryptographic operations, an unprivileged local user can perform a controlled write into the page cache of files that user is only allowed to read. Because every process reads a file through the same page cache, the modified contents are what the system subsequently executes or parses, which is how a write to a world-readable file becomes a path to root. The attack vector is local (AV:L) and requires low privileges with no user interaction.

Affected Versions:

Linux kernel: all kernel versions released from August 2017 up to the availability of vendor patches.

Impacted Linux distributions:

  • Ubuntu (all supported releases prior to patched kernels).
  • Debian.
  • Red Hat Enterprise Linux (RHEL).
  • Amazon Linux.
  • SUSE Linux Enterprise.
  • Fedora, Arch Linux, AlmaLinux, Rocky Linux, Oracle Linux

Impact:

Successful exploitation may allow attackers to escalate from an unprivileged local user to full root access.

Resolution:

Please update the Linux kernel to the fixed version released by the distribution vendor.

Mitigations:

Where immediate patching is not possible:

  • Disable or restrict access to the AF_ALG interface, for example with a seccomp or LSM policy that denies socket(AF_ALG, ...) to untrusted users.
  • Prevent the vulnerable algif_aead module from loading where supported, using the line install algif_aead /bin/false in a file under /etc/modprobe.d/ (a blacklist line alone is not reliable, since it only affects alias resolution). This has no effect if the AEAD user-space API is built into the kernel (CONFIG_CRYPTO_USER_API_AEAD=y) rather than built as a module; check the running kernel’s config before relying on it.
  • Limit local shell access and enforce least‑privilege controls.
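The two checks below are an added example for this advisory, not kernel or distribution code. The first asks the kernel, from the calling user’s point of view, whether algif_aead is reachable at all: it creates an AF_ALG socket and binds it to an AEAD algorithm, which is the same request the vulnerable path starts with, and classifies the kernel’s answer. The second verifies that a modprobe.d fragment actually blocks the module with an install line rather than a blacklist line. The algorithm name gcm(aes) is an assumption (any AEAD the kernel provides would do); run the probe as an unprivileged user, and remember that a kernel with the AEAD API built in will keep reporting "reachable" whatever modprobe.d says.

```python
"""Checks for the CVE-2026-31431 ("Copy Fail") interim mitigations.

Added example for this advisory, not kernel or distribution code.
  probe_aead_alg()      : can the calling user reach algif_aead through AF_ALG?
  modprobe_blocks_load(): does a modprobe.d fragment really stop algif_aead
                          from loading?  A `blacklist` line only affects alias
                          resolution; an `install algif_aead /bin/false` line
                          replaces the load command itself and is what works.
Run probe_aead_alg() as an unprivileged user (root is the wrong question).
If CONFIG_CRYPTO_USER_API_AEAD=y the code is built in, no modprobe rule
applies, and the probe will keep reporting "reachable".
"""
import errno
import re
import socket

RECOMMENDED_FRAGMENT = "install algif_aead /bin/false\n"   # for /etc/modprobe.d/
BLOCKING_COMMANDS = {"/bin/false", "/bin/true", "/usr/bin/false", "/usr/bin/true"}


def probe_aead_alg(alg_name="gcm(aes)"):
    """Bind an AF_ALG socket to an AEAD algorithm and classify the outcome.

    "reachable"  : bind succeeded, algif_aead serves this user
    "blocked"    : ENOENT, the aead type could not be provided (module not
                   loaded and not loadable on demand)
    "no-af-alg"  : AF_ALG sockets cannot be created at all
    "denied"     : a seccomp/LSM policy refused the socket or the bind
    "unavailable": not Linux, or a Python without AF_ALG support
    """
    if not hasattr(socket, "AF_ALG"):
        return "unavailable"
    try:
        sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
    except OSError as exc:
        if exc.errno in (errno.EPERM, errno.EACCES):
            return "denied"
        return "no-af-alg"
    try:
        # (type, name) is the AF_ALG address form; "aead" is what the
        # vulnerable module registers.  The bind itself triggers the
        # on-demand module load that the modprobe.d rule is meant to stop.
        sock.bind(("aead", alg_name))
        return "reachable"
    except OSError as exc:
        if exc.errno == errno.ENOENT:
            return "blocked"
        if exc.errno in (errno.EPERM, errno.EACCES):
            return "denied"
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        sock.close()


def modprobe_blocks_load(fragment, module="algif_aead"):
    """True only if an uncommented `install <module> <cmd>` line is present
    and <cmd> is a no-op that never loads anything."""
    for raw in fragment.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"install\s+(\S+)\s+(.+)$", line)
        # modprobe treats '-' and '_' in module names as equivalent.
        if m and m.group(1).replace("-", "_") == module:
            return m.group(2).strip() in BLOCKING_COMMANDS
    return False


if __name__ == "__main__":
    print("algif_aead via AF_ALG:", probe_aead_alg())
    print("recommended fragment blocks load:", modprobe_blocks_load(RECOMMENDED_FRAGMENT))
    print("blacklist-only fragment blocks load:", modprobe_blocks_load("blacklist algif_aead\n"))
```

After installing the fragment, unload any already-loaded copy (rmmod algif_aead) and re-run the probe; "blocked" from an unprivileged shell is the result the mitigation is aiming for.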

Reference:

UIT Information Security

cPanel Authentication bypass Vulnerability (CVE-2026-41940) /uit/infosec/2026/05/11/cpanel-authentication-bypass-vulnerability-cve-2026-41940/ Mon, 11 May 2026 17:25:30 +0000

A critical security vulnerability (CVE-2026-41940) has been identified in cPanel, Web Host Manager (WHM) and WP Squared which may allow unauthenticated attackers to completely compromise affected systems through an authentication bypass in the login process.

Severity level:
CVSS Score: 9.8/Critical.

Description:
CVE‑2026‑41940 is a critical authentication bypass vulnerability in cPanel, WHM, and WP Squared caused by improper session handling during the login process. Unsanitized user‑controlled input can be injected into pre‑authentication session files, allowing an unauthenticated attacker to escalate privileges. Successful exploitation results in full administrative or root‑level access to the affected server.

Affected Versions:

  • cPanel & WHM: all versions after 11.40 that are below the patched build for their release branch (listed under Resolution).
  • WP Squared: all versions prior to 11.136.1.7.

Impact:
Successful exploitation may allow attackers to bypass authentication without valid credentials and gain full admin access to cPanel/WHM.

Resolution:

Administrators must upgrade immediately to the patched build for their release branch, or later. A server on a branch with no patched build listed (older than 11.86, or between the listed branches) has no fix available on that branch and must move to a supported one:

cPanel & WHM patched versions:

  • 11.86.0.41
  • 11.110.0.97
  • 11.118.0.63
  • 11.126.0.54
  • 11.130.0.19
  • 11.132.0.29
  • 11.134.0.20
  • 11.136.0.5

WP Squared patched version:

  • 11.136.1.7

Reference:

UIT Information Security

Canvas by Instructure: Important Notice /uit/infosec/2026/05/08/canvas-by-instructure-important-notice/ Fri, 08 May 2026 23:20:03 +0000

Instructure, the company that operates Canvas (the learning management system used at Schulich to manage coursework, assignments, grades, and course communications), has reported a cybersecurity incident that appears to have affected Canvas at thousands of educational institutions worldwide.

Canvas remains available and University teaching and learning activities can continue as usual. We will share any changes if Instructure’s guidance or system status changes.

No action is required at this time, other than remaining alert for phishing or other suspicious messages.

Instructure has posted its own notice about the incident.

York/Schulich is prioritizing its assessment of this incident and will update this message and share relevant updates and guidance through our usual communications channels as information becomes available.

Canvas is an externally hosted platform. York and Schulich School of Business systems were not affected.

The University is monitoring the incident response and will provide additional information and guidance as more details become available.

York is committed to protecting privacy and maintaining the trust of our students and community. We are working with Instructure to understand how this happened and what actions Instructure is taking to prevent future incidents.

We encourage all students, faculty, and staff to remain vigilant:

Beware of Phishing: Cybercriminals often use stolen contact information to send convincing “phishing” emails. Be wary of any message, even one appearing to come from Schulich, York, or Canvas, that asks you to click a link, provide a password, or share personal details. A reminder: York will never ask for your password by email, text, or phone.

Verify Communications: If you receive a suspicious message regarding this incident, do not click any links. Report it directly to infosec@yorku.ca.

Questions: For questions about this notice or Canvas use at Schulich, please contact canvasincident@schulich.yorku.ca

GitHub RCE Vulnerability (CVE-2026-3854) /uit/infosec/2026/04/30/github-rce-vulnerability-cve-2026-3854/ Thu, 30 Apr 2026 19:59:56 +0000

A recently disclosed vulnerability (CVE-2026-3854) affects GitHub.com and GitHub Enterprise Server and may allow an authenticated attacker with push access to a repository to achieve remote code execution (RCE) on GitHub’s backend infrastructure.

Severity level:
CVSS Score: 8.8/High.

Description:
CVE‑2026‑3854 is a severe security vulnerability caused by improper sanitization of user‑supplied git push options within GitHub’s internal Git processing pipeline. During a git push operation, certain user-controlled push option values were incorporated into internal service metadata headers without sufficient validation. As a result, specially crafted push options could break the expected metadata format and introduce attacker-controlled fields that downstream services trusted. An authenticated attacker with push access to a repository could exploit this flaw with a single malicious git push. By chaining injected values, the attacker could bypass the sandboxing that constrains server-side Git hook execution and ultimately execute arbitrary commands on backend systems.

Affected Versions:

  • GitHub.com.
  • GitHub Enterprise Server (GHES) versions prior to: 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0.

Impact:
Successful exploitation may allow an attacker to execute arbitrary commands on GitHub backend systems; for GitHub Enterprise Server, that is the customer-operated appliance itself.

Resolution:

GitHub Enterprise Server administrators must upgrade immediately to the patched release for their branch, or later (GitHub.com is operated by GitHub and needs no customer upgrade; a GHES instance on a branch not listed below has no patched build and must move to a supported branch):

  • 3.14.25.
  • 3.15.20.
  • 3.16.16.
  • 3.17.13.
  • 3.18.8.
  • 3.19.4.
  • 3.20.0.

After upgrading:

  • Rebuild and redeploy affected GitHub Enterprise Server instances.
  • Rotate internal secrets and credentials stored on GHES.
  • Review the audit log for git push activity from before the patch that carried unusual push options (clients send them with git push -o / --push-option); a single such push is all the exploit needs.
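Both this advisory and the cPanel one above list one fixed build per maintained release branch, and the question an inventory has to answer is not "is my version above some number" but "is my version at or above the fixed build of its own branch, and does its branch have a fixed build at all". The following routine is an added example for this page, not GitHub or cPanel code; the fixed-version lists are copied from the two advisories, and the inventory entries at the bottom are constructed. It assumes a branch is the version with its last component dropped (3.14.25 is on 3.14; 11.86.0.41 is on 11.86.0), which matches how both vendors number their branches.

```python
"""Branch-aware "am I on a patched release?" check for advisories that list
one fixed version per maintained branch: GitHub Enterprise Server
(CVE-2026-3854) and cPanel & WHM / WP Squared (CVE-2026-41940).

Added example for this page, not GitHub or cPanel code.  The rule: a release
is patched if its branch appears in the fixed list and it is at or above the
fixed build for that branch; a release on a branch with no fixed build has no
patch and must move to a supported branch.  A branch is every component but
the last (3.14.25 -> 3.14; 11.86.0.41 -> 11.86.0).
"""

# Fixed builds as listed in the two advisories.
GHES_FIXED = ["3.14.25", "3.15.20", "3.16.16", "3.17.13", "3.18.8", "3.19.4", "3.20.0"]
CPANEL_FIXED = ["11.86.0.41", "11.110.0.97", "11.118.0.63", "11.126.0.54",
                "11.130.0.19", "11.132.0.29", "11.134.0.20", "11.136.0.5"]
WP_SQUARED_FIXED = ["11.136.1.7"]


def parse_version(text):
    """'3.14.25' -> (3, 14, 25); rejects anything that is not dotted integers."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def dotted(parts):
    return ".".join(map(str, parts))


def fixed_by_branch(fixed_versions):
    """{branch tuple: fixed version tuple}; keeps the highest if a branch repeats."""
    table = {}
    for v in map(parse_version, fixed_versions):
        branch = v[:-1]
        table[branch] = max(table.get(branch, v), v)
    return table


def assess(installed, fixed_versions):
    """Return (status, detail); status is 'patched', 'vulnerable' or
    'unsupported-branch'.  Raises ValueError for a malformed or
    differently-shaped version string rather than guessing its branch."""
    v = parse_version(installed)
    table = fixed_by_branch(fixed_versions)
    if len(v) not in {len(f) for f in table.values()}:
        raise ValueError(f"{installed!r} does not have the component count of the fixed list")
    branch = v[:-1]
    if branch not in table:
        newest = max(table.values())
        return ("unsupported-branch",
                f"no fixed build on branch {dotted(branch)}; move to {dotted(newest)} or later")
    fixed = table[branch]
    if v >= fixed:
        return ("patched", f"{installed} >= {dotted(fixed)}")
    return ("vulnerable", f"{installed} < {dotted(fixed)}; upgrade within branch")


if __name__ == "__main__":
    # Constructed inventory entries, not real hosts.
    inventory = [
        ("GHES", "3.17.12", GHES_FIXED),
        ("GHES", "3.13.9", GHES_FIXED),
        ("cPanel & WHM", "11.110.0.97", CPANEL_FIXED),
        ("cPanel & WHM", "11.60.0.12", CPANEL_FIXED),
        ("WP Squared", "11.136.1.6", WP_SQUARED_FIXED),
    ]
    for product, installed, fixed in inventory:
        status, detail = assess(installed, fixed)
        print(f"{product:13} {installed:12} {status:19} {detail}")
```

The same routine covers the single-branch advisories on this page (7-Zip, Apache, Acrobat) with a one-entry fixed list; the branch logic only matters when, as here, an older branch can be patched without moving to the newest release.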

Reference:

UIT Information Security

ASP.NET Core Privilege Escalation Vulnerability (CVE-2026-40372) /uit/infosec/2026/04/24/asp-net-core-privilege-escalation-vulnerability-cve-2026-40372/ Fri, 24 Apr 2026 14:17:06 +0000

A recently disclosed vulnerability (CVE-2026-40372) affects Windows-based applications that use the Microsoft.AspNetCore.DataProtection package and may allow unauthenticated remote attackers to escalate privileges.

Severity level:

CVSS Score: 9.1/Critical.

Description:
CVE‑2026‑40372 is a critical vulnerability arising from improper control of file names or file paths in the affected Data Protection component. The component processes user-supplied file path input without adequately validating or restricting it, so an unauthenticated remote attacker can supply crafted path values that steer the underlying file system operations. This may allow files to be read or modified outside the intended directory, which in turn lets the attacker act with elevated privileges. Because Data Protection keys are what protect ASP.NET Core authentication cookies and tokens, exposure or tampering of the key ring lets an attacker forge those credentials, which is why the resolution below includes rotating the keys.

Affected Versions:

Microsoft.AspNetCore.DataProtection package versions 10.0.0 through 10.0.6.

Impact:

Successful exploitation may allow an attacker to escalate privileges on the affected system.

Resolution:

Upgrade the affected package to:

  • Microsoft.AspNetCore.DataProtection version 10.0.7 or later.

Rebuild and redeploy affected applications.

Rotate Data Protection keys and invalidate existing sessions/tokens to remove credentials forged under the old keys.

Mitigations:

  • Restrict external/network access to affected applications.
  • Identify applications with direct or transitive dependencies on vulnerable Data Protection packages. A transitive reference pulled in by a framework or vendor package is just as exploitable; override it with a direct PackageReference to 10.0.7, which NuGet prefers over the transitive version.
  • Monitor application and authentication logs for anomalous behaviour.
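The dependency inventory the second mitigation calls for can be taken from NuGet lock files: packages.lock.json (written by dotnet restore when lock files are enabled) records, per target framework, the resolved version of every package together with whether it is a Direct or Transitive reference, which is exactly the question being asked. The scanner below is an added example for this advisory, not Microsoft code; the lock file it parses is constructed for the example (the vendor package name Some.Vendor.Auth is invented), and the vulnerable range is the one the advisory gives.

```python
"""Find projects that pull in a vulnerable Microsoft.AspNetCore.DataProtection
build (CVE-2026-40372: 10.0.0 through 10.0.6, fixed in 10.0.7), directly or
transitively, from NuGet lock files.

Added example for this advisory, not Microsoft code.  packages.lock.json
records, per target framework, the resolved version of every package with a
"type" of Direct or Transitive.  SAMPLE_LOCK is constructed for the example;
point scan() at a real checkout.
"""
import json
import pathlib

PACKAGE = "Microsoft.AspNetCore.DataProtection"
VULNERABLE_MIN = (10, 0, 0)
VULNERABLE_MAX = (10, 0, 6)
FIXED = "10.0.7"

# Constructed lock file: the package arrives transitively for net10.0 (via an
# invented vendor auth library) and is pinned to the fixed build for the
# second target framework.
SAMPLE_LOCK = json.dumps({
    "version": 1,
    "dependencies": {
        "net10.0": {
            "Some.Vendor.Auth": {
                "type": "Direct", "requested": "[2.1.0, )",
                "resolved": "2.1.0", "contentHash": "constructed",
            },
            "Microsoft.AspNetCore.DataProtection": {
                "type": "Transitive", "resolved": "10.0.4",
                "contentHash": "constructed",
            },
        },
        "net10.0-windows": {
            "Microsoft.AspNetCore.DataProtection": {
                "type": "Direct", "requested": "[10.0.7, )",
                "resolved": "10.0.7", "contentHash": "constructed",
            },
        },
    },
})


def parse_version(text):
    """'10.0.1-rc.1.2345' -> (10, 0, 1): compare on the numeric part only, so
    a prerelease of a vulnerable build counts as vulnerable."""
    numeric = text.split("-", 1)[0].split("+", 1)[0]
    return tuple(int(p) for p in numeric.split("."))


def is_vulnerable(version):
    return VULNERABLE_MIN <= parse_version(version) <= VULNERABLE_MAX


def findings(lock_text, package=PACKAGE):
    """(framework, Direct|Transitive, resolved) for every vulnerable entry.
    NuGet package ids are case-insensitive, so match them that way."""
    data = json.loads(lock_text)
    hits = []
    for framework, packages in data.get("dependencies", {}).items():
        for name, entry in packages.items():
            if name.lower() == package.lower() and is_vulnerable(entry["resolved"]):
                hits.append((framework, entry.get("type", "?"), entry["resolved"]))
    return hits


def remediation(hit):
    """What to change for one finding."""
    framework, dep_type, resolved = hit
    if dep_type == "Direct":
        return f"{framework}: bump the PackageReference from {resolved} to {FIXED}"
    return (f"{framework}: {resolved} comes in transitively; add a direct "
            f"PackageReference to {PACKAGE} {FIXED}, which NuGet prefers over "
            f"the transitive version, then restore and rebuild")


def scan(root):
    """Walk a checkout and return {lock file path: findings} for hits only."""
    report = {}
    for lock in pathlib.Path(root).rglob("packages.lock.json"):
        hits = findings(lock.read_text())
        if hits:
            report[str(lock)] = hits
    return report


if __name__ == "__main__":
    for hit in findings(SAMPLE_LOCK):
        print(hit, "->", remediation(hit))
```

Projects without lock files can be covered the same way from the output of dotnet list package --include-transitive, but the lock file has the advantage of recording what was actually restored for each framework, so a multi-targeted project that is fixed on one framework and not the other, as in the sample, is reported correctly.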

Reference:

UIT Information Security

Adobe Acrobat security vulnerability (CVE-2026-34621) /uit/infosec/2026/04/24/adobe-acrobat-security-vulnerability-cve-2026-34621/ Fri, 24 Apr 2026 14:11:28 +0000

A recently disclosed high‑severity vulnerability in Adobe Acrobat and Acrobat Reader (CVE‑2026‑34621) allows attackers to execute arbitrary code on affected systems by tricking a user into opening a specially crafted PDF file.

Severity level:

CVSS Score: 8.6/High.

Description:
Adobe Acrobat and Acrobat Reader contain an improperly controlled modification of object prototype attributes (prototype pollution) vulnerability in the handling of JavaScript objects embedded in PDF documents.

In vulnerable versions, opening a maliciously crafted PDF lets attacker-supplied document script modify the prototypes of JavaScript objects and thereby reach privileged APIs that document scripts are not meant to call. This can result in arbitrary code execution in the context of the current user.

Affected Versions:

  • Acrobat DC: 26.001.21367 and earlier.
  • Acrobat Reader DC: 26.001.21367 and earlier.
  • Acrobat 2024: 24.001.30356 and earlier.
  • Platforms: Windows and macOS.

Impact:

Successful exploitation may result in arbitrary code execution on the affected system.

Resolution:

Adobe strongly recommends immediately upgrading to the latest patched versions:

Acrobat DC / Acrobat Reader DC: 26.001.21411 or later.

Acrobat 2024: Windows 24.001.30362 or later; macOS 24.001.30360 or later.

Until the update is applied, disabling Acrobat JavaScript (Edit > Preferences > JavaScript, uncheck “Enable Acrobat JavaScript”) removes the scripting surface this flaw lives in, at the cost of breaking forms and other documents that rely on scripts.

Reference:

UIT Information Security
