ZeroPath at Black Hat USA 2026

ZeroPath Blog & Research

Explore our team's latest research and stay up to date with ZeroPath's capabilities.
Brief Summary: CVE-2026-6228 Privilege Escalation in Frontend Admin by DynamiApps for WordPress
CVE Analysis

2026-05-15

6 min read

Brief Summary: CVE-2026-6228 Privilege Escalation in Frontend Admin by DynamiApps for WordPress

A short review of CVE-2026-6228, a high severity privilege escalation vulnerability in the Frontend Admin by DynamiApps WordPress plugin that allows unauthenticated attackers to gain administrator access through crafted edit_user forms.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-8398 Supply Chain Compromise of DAEMON Tools Lite Installers
CVE Analysis

2026-05-15

8 min read

Brief Summary: CVE-2026-8398 Supply Chain Compromise of DAEMON Tools Lite Installers

A short review of CVE-2026-8398, a critical supply chain attack that trojanized official DAEMON Tools Lite installers for nearly a month, delivering multi-stage backdoors signed with the vendor's legitimate code signing certificate.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

MLflow CVE-2026-2652: Quick Look at the FastAPI Authentication Bypass That Leaves Jobs and Traces Wide Open
CVE Analysis

2026-05-14

6 min read

MLflow CVE-2026-2652: Quick Look at the FastAPI Authentication Bypass That Leaves Jobs and Traces Wide Open

A brief summary of CVE-2026-2652, a high severity authentication bypass in MLflow versions 3.9.0 and earlier that allows unauthenticated attackers to submit jobs, read results, and inject trace data through unprotected FastAPI routes.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE 2026 4031 in Database Backup for WordPress Plugin Enables Unauthenticated Database Interception
CVE Analysis

2026-05-14

5 min read

Brief Summary: CVE 2026 4031 in Database Backup for WordPress Plugin Enables Unauthenticated Database Interception

A short review of CVE 2026 4031, a CVSS 7.5 authorization bypass in the Database Backup for WordPress plugin that allows unauthenticated attackers to redirect and intercept scheduled database backups containing credentials and user data.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-41615 — Microsoft Authenticator Token Exposure via Network Attack
CVE Analysis

2026-05-14

5 min read

Brief Summary: CVE-2026-41615 — Microsoft Authenticator Token Exposure via Network Attack

A short review of CVE-2026-41615, a critical information disclosure vulnerability in Microsoft Authenticator (CVSS 9.6) that allows an unauthorized attacker to steal work account access tokens over a network, potentially compromising enterprise applications and data.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Mongoose CVE-2026-42334: Overview of the $nor sanitizeFilter Bypass Enabling NoSQL Injection
CVE Analysis

2026-05-14

8 min read

Mongoose CVE-2026-42334: Overview of the $nor sanitizeFilter Bypass Enabling NoSQL Injection

A brief summary of CVE-2026-42334, a high severity NoSQL injection vulnerability in Mongoose's sanitizeFilter mechanism caused by missing recursive sanitization of the $nor operator, along with patch details and affected version information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-42897 Microsoft Exchange Server OWA Cross Site Scripting Vulnerability Actively Exploited in the Wild
CVE Analysis

2026-05-14

6 min read

Brief Summary: CVE-2026-42897 Microsoft Exchange Server OWA Cross Site Scripting Vulnerability Actively Exploited in the Wild

A short review of CVE-2026-42897, an actively exploited cross site scripting vulnerability in Microsoft Exchange Server Outlook Web Access that enables spoofing and arbitrary JavaScript execution with no permanent patch currently available.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PrestaShop CVE-2026-44212: Stored XSS to Back Office Takeover via Contact Form — Technical Breakdown with PoC and Detection Guidance
CVE Analysis

2026-05-14

10 min read

PrestaShop CVE-2026-44212: Stored XSS to Back Office Takeover via Contact Form — Technical Breakdown with PoC and Detection Guidance

A brief summary of CVE-2026-44212, a critical stored XSS in PrestaShop's back office Customer Service view that enables unauthenticated attackers to hijack admin sessions. Includes proof of concept details, patch analysis, and detection methods.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

GitLab EE CVE-2026-6073: Brief Summary of a High Severity XSS in Duo Agent Output Rendering
CVE Analysis

2026-05-14

6 min read

GitLab EE CVE-2026-6073: Brief Summary of a High Severity XSS in Duo Agent Output Rendering

A brief summary of CVE-2026-6073, a high severity stored XSS vulnerability in GitLab Enterprise Edition's Duo Agent output rendering feature, including technical details, affected versions, and patch information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PostgreSQL CVE-2026-6473: Brief Summary of Integer Wraparound Leading to Out of Bounds Write
CVE Analysis

2026-05-14

9 min read

PostgreSQL CVE-2026-6473: Brief Summary of Integer Wraparound Leading to Out of Bounds Write

A brief summary of CVE-2026-6473, a high severity integer wraparound vulnerability in PostgreSQL that allows undersized memory allocations and out of bounds writes, with patch details covering the systemic fix introduced across all supported branches.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PostgreSQL CVE-2026-6476: Brief Summary of SQL Injection via pg_createsubscriber Subscription Names
CVE Analysis

2026-05-14

7 min read

PostgreSQL CVE-2026-6476: Brief Summary of SQL Injection via pg_createsubscriber Subscription Names

A brief summary of CVE-2026-6476, a high severity SQL injection in PostgreSQL's pg_createsubscriber utility that allows privilege escalation to superuser. Includes patch analysis and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PostgreSQL libpq CVE-2026-6477: Brief Summary of a Client Side Stack Buffer Overwrite via Large Object Functions
CVE Analysis

2026-05-14

8 min read

PostgreSQL libpq CVE-2026-6477: Brief Summary of a Client Side Stack Buffer Overwrite via Large Object Functions

A short review of CVE-2026-6477, a high severity stack buffer overwrite in PostgreSQL's libpq library that allows a malicious server superuser to corrupt client memory in psql and pg_dump. Includes patch analysis and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PostgreSQL CVE-2026-6479: Brief Summary of Unauthenticated DoS via SSL/GSS Negotiation Recursion
CVE Analysis

2026-05-14

8 min read

PostgreSQL CVE-2026-6479: Brief Summary of Unauthenticated DoS via SSL/GSS Negotiation Recursion

A brief summary of CVE-2026-6479, a high severity denial of service vulnerability in PostgreSQL caused by uncontrolled recursion during SSL and GSS negotiation. Includes patch analysis and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

PostgreSQL CVE-2026-6637: Brief Summary of the refint Stack Buffer Overflow and SQL Injection
CVE Analysis

2026-05-14

8 min read

PostgreSQL CVE-2026-6637: Brief Summary of the refint Stack Buffer Overflow and SQL Injection

A short review of CVE-2026-6637, a CVSS 8.8 vulnerability in PostgreSQL's refint module that enables arbitrary code execution via stack buffer overflow and SQL injection. Includes patch analysis and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

GitLab EE CVE-2026-7377: Brief Summary of a Stored XSS in Analytics Dashboards
CVE Analysis

2026-05-14

6 min read

GitLab EE CVE-2026-7377: Brief Summary of a Stored XSS in Analytics Dashboards

A brief summary of CVE-2026-7377, a stored Cross-site Scripting vulnerability in GitLab Enterprise Edition's customizable analytics dashboards, including patch details and affected version ranges.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

GitLab EE CVE-2026-7481: Brief Summary of a High Severity Stored XSS in Analytics Dashboard Charts
CVE Analysis

2026-05-14

6 min read

GitLab EE CVE-2026-7481: Brief Summary of a High Severity Stored XSS in Analytics Dashboard Charts

A short review of CVE-2026-7481, a stored Cross-Site Scripting vulnerability in GitLab Enterprise Edition's Analytics dashboard chart rendering, along with patch details and affected version ranges.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-8181 Authentication Bypass in Burst Statistics WordPress Plugin
CVE Analysis

2026-05-14

6 min read

Brief Summary: CVE-2026-8181 Authentication Bypass in Burst Statistics WordPress Plugin

A short review of CVE-2026-8181, a critical authentication bypass in the Burst Statistics WordPress plugin (versions 3.4.0 through 3.4.1.1) that allows unauthenticated attackers to impersonate administrators via flawed return value handling in the MainWP proxy authentication logic.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Amazon SageMaker Python SDK CVE-2026-8596: Brief Summary of HMAC Key Leak Enabling Model Artifact Forgery and RCE
CVE Analysis

2026-05-14

10 min read

Amazon SageMaker Python SDK CVE-2026-8596: Brief Summary of HMAC Key Leak Enabling Model Artifact Forgery and RCE

A short review of CVE-2026-8596, a cleartext HMAC key storage flaw in the Amazon SageMaker Python SDK that allows authenticated attackers to forge model artifacts and achieve code execution in inference containers. Includes patch analysis and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: GitLab CE/EE CVE-2025-14869 Unauthenticated Denial of Service via Improper Input Validation
CVE Analysis

2026-05-13

4 min read

Brief Summary: GitLab CE/EE CVE-2025-14869 Unauthenticated Denial of Service via Improper Input Validation

A short review of CVE-2025-14869, a high severity unauthenticated denial of service vulnerability in GitLab CE/EE caused by improper validation of input quantities on certain API endpoints. Covers technical details, affected versions, and mitigation guidance.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: GitLab CE/EE CVE-2025-14870 Unauthenticated DoS in Duo Workflows API
CVE Analysis

2026-05-13

6 min read

Brief Summary: GitLab CE/EE CVE-2025-14870 Unauthenticated DoS in Duo Workflows API

A short review of CVE-2025-14870, a high severity unauthenticated Denial of Service vulnerability in GitLab's Duo Workflows API caused by insufficient JSON input validation. Includes patch details and affected version ranges.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization
CVE Analysis | ZeroPath Security Blog - Vulnerability Research & Exploits | Page 15 | ZeroPath