ZeroPath at Black Hat USA 2026

ZeroPath Blog & Research

Explore our team's latest research and stay up to date with ZeroPath's capabilities.
UniFi OS Command Injection via CVE-2026-33000: Brief Summary of a Critical Input Validation Flaw
CVE Analysis

2026-05-21

9 min read

UniFi OS Command Injection via CVE-2026-33000: Brief Summary of a Critical Input Validation Flaw

A brief summary of CVE-2026-33000, a CVSS 9.1 command injection vulnerability in Ubiquiti UniFi OS Server caused by improper input validation. Includes patch information, affected versions, and context on the broader Bulletin 064 disclosure.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-34908, a CVSS 10.0 Improper Access Control Flaw in UniFi OS Devices
CVE Analysis

2026-05-21

8 min read

Brief Summary: CVE-2026-34908, a CVSS 10.0 Improper Access Control Flaw in UniFi OS Devices

A short review of CVE-2026-34908, a maximum severity improper access control vulnerability in Ubiquiti UniFi OS devices that allows network adjacent attackers to make unauthorized system changes. Includes patch details across all affected product lines.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-34909 Path Traversal in Ubiquiti UniFi OS (CVSS 10.0)
CVE Analysis

2026-05-21

7 min read

Brief Summary: CVE-2026-34909 Path Traversal in Ubiquiti UniFi OS (CVSS 10.0)

A short review of CVE-2026-34909, a CVSS 10.0 path traversal vulnerability in Ubiquiti UniFi OS that allows unauthenticated network attackers to access system files and hijack underlying accounts. Includes patch details across all affected device families.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-34910 Command Injection in UniFi OS Devices (CVSS 10.0)
CVE Analysis

2026-05-21

8 min read

Brief Summary: CVE-2026-34910 Command Injection in UniFi OS Devices (CVSS 10.0)

A short review of CVE-2026-34910, a CVSS 10.0 command injection vulnerability in Ubiquiti UniFi OS devices caused by improper input validation. Includes patch information covering the full range of affected hardware and firmware versions.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Quick Look: CVE-2026-34911 Path Traversal in Ubiquiti UniFi OS Devices
CVE Analysis

2026-05-21

6 min read

Quick Look: CVE-2026-34911 Path Traversal in Ubiquiti UniFi OS Devices

A brief summary of CVE-2026-34911, a high severity path traversal vulnerability in Ubiquiti UniFi OS devices that allows low privileged network attackers to read sensitive system files. Includes patch details and affected version information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-5118 — Unauthenticated Privilege Escalation in Divi Form Builder for WordPress
CVE Analysis

2026-05-21

5 min read

Brief Summary: CVE-2026-5118 — Unauthenticated Privilege Escalation in Divi Form Builder for WordPress

A short review of CVE-2026-5118, a critical privilege escalation vulnerability in the Divi Form Builder WordPress plugin that allows unauthenticated attackers to create administrator accounts by tampering with a POST parameter during registration.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: ConnectWise Automate Agent CVE-2026-9089 — Integrity Verification Bypass in Plugin Loading and Self Update
CVE Analysis

2026-05-21

6 min read

Brief Summary: ConnectWise Automate Agent CVE-2026-9089 — Integrity Verification Bypass in Plugin Loading and Self Update

A short review of CVE-2026-9089, a high severity vulnerability in the ConnectWise Automate Agent where plugin loading and self update operations fail to fully verify component authenticity, potentially enabling code execution from an adjacent network position.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Splunk Enterprise and Cloud Platform CVE-2026-20239: Brief Summary of Session Cookie Exposure via Internal Index Logging
CVE Analysis

2026-05-20

7 min read

Splunk Enterprise and Cloud Platform CVE-2026-20239: Brief Summary of Session Cookie Exposure via Internal Index Logging

A brief summary of CVE-2026-20239, a high severity vulnerability in Splunk Enterprise and Splunk Cloud Platform where unsanitized buffer logging in the splunkd TcpChannel component writes session cookies and sensitive response data into the _internal index, accessible to lower privilege users.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: NVIDIA DGX OS SSH Host Key Cloning Vulnerability (CVE-2026-24218)
CVE Analysis

2026-05-20

6 min read

Brief Summary: NVIDIA DGX OS SSH Host Key Cloning Vulnerability (CVE-2026-24218)

A short review of CVE-2026-24218, a high severity flaw in NVIDIA DGX OS where factory provisioning clones identical SSH host keys across multiple systems, enabling host impersonation and attacker in the middle attacks.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Rsync CVE-2026-29518: Overview of a TOCTOU Race Condition Enabling Symlink Based Arbitrary File Write
CVE Analysis

2026-05-20

8 min read

Rsync CVE-2026-29518: Overview of a TOCTOU Race Condition Enabling Symlink Based Arbitrary File Write

A brief summary of CVE-2026-29518, a high severity TOCTOU race condition in rsync daemon mode that allows symlink based arbitrary file writes and privilege escalation. Includes patch analysis and mitigation guidance.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: BIND 9 CVE-2026-3039 Memory Exhaustion via GSS-API TKEY Negotiation
CVE Analysis

2026-05-20

6 min read

Brief Summary: BIND 9 CVE-2026-3039 Memory Exhaustion via GSS-API TKEY Negotiation

A short review of CVE-2026-3039, a high severity memory exhaustion vulnerability in BIND 9 affecting servers configured with GSS-API TKEY authentication, commonly found in Active Directory and Kerberos DNS environments.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: BIND 9 CVE-2026-3593 — Heap Use After Free in DNS over HTTPS via HTTP/2 SETTINGS Frame Flood
CVE Analysis

2026-05-20

5 min read

Brief Summary: BIND 9 CVE-2026-3593 — Heap Use After Free in DNS over HTTPS via HTTP/2 SETTINGS Frame Flood

A brief summary of CVE-2026-3593, a high severity use after free vulnerability in BIND 9's DNS over HTTPS implementation triggered by HTTP/2 SETTINGS frame floods, affecting versions 9.20.0 through 9.20.22 and 9.21.0 through 9.21.21.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-41091 — Microsoft Defender Elevation of Privilege via Link Following
CVE Analysis

2026-05-20

5 min read

Brief Summary: CVE-2026-41091 — Microsoft Defender Elevation of Privilege via Link Following

A short review of CVE-2026-41091, a high severity link following vulnerability in Microsoft Defender's Malware Protection Engine that allows local privilege escalation to SYSTEM and is confirmed to be actively exploited in the wild.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-45444 — Critical Arbitrary File Upload in WP Swings Gift Cards For WooCommerce Pro
CVE Analysis

2026-05-20

5 min read

Brief Summary: CVE-2026-45444 — Critical Arbitrary File Upload in WP Swings Gift Cards For WooCommerce Pro

A short review of CVE-2026-45444, a CVSS 10.0 unauthenticated arbitrary file upload vulnerability in the Gift Cards For WooCommerce Pro plugin by WP Swings, currently being exploited in the wild with no vendor patch available.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: Microsoft Defender RCE via Heap Buffer Overflow (CVE-2026-45584)
CVE Analysis

2026-05-20

7 min read

Brief Summary: Microsoft Defender RCE via Heap Buffer Overflow (CVE-2026-45584)

A short review of CVE-2026-45584, a heap-based buffer overflow in the Microsoft Malware Protection Engine that enables remote code execution. Includes technical details, patch information, and threat intelligence context.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

AcyMailing CVE-2026-5200: Brief Summary of a Missing Authorization Flaw Leading to Admin Takeover
CVE Analysis

2026-05-20

6 min read

AcyMailing CVE-2026-5200: Brief Summary of a Missing Authorization Flaw Leading to Admin Takeover

A short review of CVE-2026-5200, a high severity missing authorization vulnerability in the AcyMailing WordPress plugin that allows authenticated subscribers to escalate privileges and take over administrator accounts.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

BIND 9 CVE-2026-5946: Overview of Assertion Failures via Non-IN Class DNS Messages
CVE Analysis

2026-05-20

8 min read

BIND 9 CVE-2026-5946: Overview of Assertion Failures via Non-IN Class DNS Messages

A brief summary of CVE-2026-5946, a high severity denial of service vulnerability in ISC BIND 9 caused by improper handling of non-Internet class DNS messages. Includes technical details, patch analysis, and affected version ranges.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Quick Look: CVE-2026-5947 — BIND 9 Use After Free via SIG(0) Validation Race Condition
CVE Analysis

2026-05-20

8 min read

Quick Look: CVE-2026-5947 — BIND 9 Use After Free via SIG(0) Validation Race Condition

A brief summary of CVE-2026-5947, a high severity race condition in BIND 9 that leads to a use after free during SIG(0) signature validation under query flood conditions, along with patch details and affected version information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Avada Builder CVE-2026-6279: Brief Summary of Unauthenticated RCE via PHP Function Injection
CVE Analysis

2026-05-20

8 min read

Avada Builder CVE-2026-6279: Brief Summary of Unauthenticated RCE via PHP Function Injection

A brief summary of CVE-2026-6279, a critical unauthenticated remote code execution vulnerability in the Avada Builder WordPress plugin affecting up to one million sites. Includes technical details, patch information, and vendor context.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Quick Look: CVE-2026-9111, a Critical Use After Free in Google Chrome WebRTC on Linux
CVE Analysis

2026-05-20

5 min read

Quick Look: CVE-2026-9111, a Critical Use After Free in Google Chrome WebRTC on Linux

A brief summary of CVE-2026-9111, a critical use after free vulnerability in Google Chrome's WebRTC component on Linux that enables remote code execution via a crafted HTML page.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization
CVE Analysis | ZeroPath Security Blog - Vulnerability Research & Exploits | Page 12 | ZeroPath