ZeroPath at Black Hat USA 2026

ZeroPath Blog & Research

Explore our team's latest research and stay up to date with ZeroPath's capabilities.
OPNsense CVE-2026-44193: Brief Summary of XMLRPC Remote Code Execution via Argument Injection
CVE Analysis

2026-05-13

10 min read

OPNsense CVE-2026-44193: Brief Summary of XMLRPC Remote Code Execution via Argument Injection

A short review of CVE-2026-44193, a CVSS 9.1 argument injection flaw in OPNsense's XMLRPC restore_config_section method that allows authenticated attackers to execute commands as root. Includes patch analysis, detection strategies, and mitigation guidance.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

OPNsense CVE-2026-44194: Root RCE via Email Username Injection — Technical Breakdown with PoC and Patch Analysis
CVE Analysis

2026-05-13

7 min read

OPNsense CVE-2026-44194: Root RCE via Email Username Injection — Technical Breakdown with PoC and Patch Analysis

A brief summary of CVE-2026-44194, a critical OS command injection in OPNsense that allows authenticated users with user management privileges to execute arbitrary commands as root. Includes proof of concept details and patch analysis.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

fast-jwt CVE-2026-44351: Empty HMAC Secret Authentication Bypass with PoC and Patch Analysis
CVE Analysis

2026-05-13

9 min read

fast-jwt CVE-2026-44351: Empty HMAC Secret Authentication Bypass with PoC and Patch Analysis

A brief summary of CVE-2026-44351, a critical authentication bypass in the fast-jwt library where an empty HMAC secret allows attackers to forge arbitrary JWTs. Includes proof of concept details and patch analysis.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Quick Look: CVE-2026-44573 — Next.js Middleware Authorization Bypass via Locale-less Data Routes
CVE Analysis

2026-05-13

7 min read

Quick Look: CVE-2026-44573 — Next.js Middleware Authorization Bypass via Locale-less Data Routes

A brief summary of CVE-2026-44573, a high severity middleware authorization bypass in Next.js affecting the Pages Router with i18n enabled. Includes technical details, patch information, and affected version ranges.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Next.js CVE-2026-44574: Middleware Authorization Bypass via Dynamic Route Parameter Injection — Technical Analysis with PoC
CVE Analysis

2026-05-13

8 min read

Next.js CVE-2026-44574: Middleware Authorization Bypass via Dynamic Route Parameter Injection — Technical Analysis with PoC

A brief summary of CVE-2026-44574, a high severity authorization bypass in Next.js that allows attackers to smuggle dynamic route parameters past middleware security checks. Includes proof of concept details and patch information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Next.js CVE-2026-44575: App Router Middleware Authorization Bypass via Segment Prefetch URLs — Technical Breakdown with PoC and Detection Guidance
CVE Analysis

2026-05-13

12 min read

Next.js CVE-2026-44575: App Router Middleware Authorization Bypass via Segment Prefetch URLs — Technical Breakdown with PoC and Detection Guidance

A brief summary of CVE-2026-44575, a high severity middleware authorization bypass in Next.js App Router applications. Covers the root cause in matcher regex generation, public PoC details, patch analysis, and practical detection methods.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

OPNsense CVE-2026-45158: Brief Summary of a Critical Root RCE via DHCP Hostname Injection
CVE Analysis

2026-05-13

7 min read

OPNsense CVE-2026-45158: Brief Summary of a Critical Root RCE via DHCP Hostname Injection

A brief summary of CVE-2026-45158, a CVSS 9.1 argument injection flaw in OPNsense that allows authenticated users to achieve root code execution through unsanitized DHCP hostname configuration.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: FortiMail SQL Injection in Admin GUI (CVE-2025-53681)
CVE Analysis

2026-05-12

5 min read

Brief Summary: FortiMail SQL Injection in Admin GUI (CVE-2025-53681)

A short review of CVE-2025-53681, an authenticated SQL injection vulnerability in the FortiMail administrative GUI that allows privileged attackers to execute unauthorized code or commands across multiple FortiMail branches.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: FortiOS CAPWAP Daemon Out of Bounds Write (CVE-2025-53844) Enables Remote Code Execution
CVE Analysis

2026-05-12

5 min read

Brief Summary: FortiOS CAPWAP Daemon Out of Bounds Write (CVE-2025-53844) Enables Remote Code Execution

A short review of CVE-2025-53844, a high severity out of bounds write in the FortiOS CAPWAP daemon that allows authenticated attackers controlling a managed device to execute arbitrary code on FortiGate appliances.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-22924 in Siemens SIMATIC CN 4100 and NX — Missing Authentication and Out of Bounds Read
CVE Analysis

2026-05-12

7 min read

Brief Summary: CVE-2026-22924 in Siemens SIMATIC CN 4100 and NX — Missing Authentication and Out of Bounds Read

A short review of CVE-2026-22924, a critical missing authentication vulnerability in Siemens SIMATIC CN 4100 (CVSS 9.1) and a separate out of bounds read in Siemens NX (CVSS 7.8), both patched by Siemens with firmware and software updates.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-25786 Stored XSS in Siemens SIMATIC S7 PLC Web Interface
CVE Analysis

2026-05-12

6 min read

Brief Summary: CVE-2026-25786 Stored XSS in Siemens SIMATIC S7 PLC Web Interface

A brief summary of CVE-2026-25786, a high severity stored cross site scripting vulnerability in Siemens SIMATIC S7 PLC web servers that allows authenticated attackers to inject malicious scripts via crafted TIA project names, impacting sessions of other privileged users.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

FortiSandbox CVE-2026-26083: Overview of a Critical Unauthenticated RCE via Missing Authorization
CVE Analysis

2026-05-12

7 min read

FortiSandbox CVE-2026-26083: Overview of a Critical Unauthenticated RCE via Missing Authorization

A brief summary of CVE-2026-26083, a critical missing authorization flaw in Fortinet FortiSandbox that allows unauthenticated remote code execution via crafted HTTP requests. Includes patch information and affected version details.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

WHMCS CVE-2026-29204: Brief Summary of a Critical IDOR Leading to Cross Account cPanel Takeover
CVE Analysis

2026-05-12

6 min read

WHMCS CVE-2026-29204: Brief Summary of a Critical IDOR Leading to Cross Account cPanel Takeover

A brief summary of CVE-2026-29204, a CVSS 10.0 Insecure Direct Object Reference in WHMCS that allows any authenticated client area user to access another user's resources and cPanel account by manipulating the addonId parameter.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Quick Look: CVE-2026-32161 — Windows Native WiFi Miniport Driver Race Condition Enables Adjacent Network RCE
CVE Analysis

2026-05-12

7 min read

Quick Look: CVE-2026-32161 — Windows Native WiFi Miniport Driver Race Condition Enables Adjacent Network RCE

A brief summary of CVE-2026-32161, a race condition and use after free vulnerability in the Windows Native WiFi Miniport Driver that allows unauthenticated remote code execution from an adjacent network. Includes patch details and affected version information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-32177 — Heap Buffer Overflow in .NET Enables Local Privilege Escalation
CVE Analysis

2026-05-12

7 min read

Brief Summary: CVE-2026-32177 — Heap Buffer Overflow in .NET Enables Local Privilege Escalation

A short review of CVE-2026-32177, a heap-based buffer overflow in the .NET runtime that allows local privilege escalation. This post covers the technical details, affected versions across .NET, .NET Framework, and Visual Studio, and the patch information released in Microsoft's May 2026 Patch Tuesday.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Azure Monitor Agent CVE-2026-32204: Brief Summary of a Local Privilege Escalation via Path Manipulation
CVE Analysis

2026-05-12

5 min read

Azure Monitor Agent CVE-2026-32204: Brief Summary of a Local Privilege Escalation via Path Manipulation

A short review of CVE-2026-32204, a CVSS 7.8 local privilege escalation in Azure Monitor Agent caused by insufficient file path validation. Includes technical details, patch information, and threat intelligence context.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-33110 — Microsoft SharePoint Server Remote Code Execution via Unsafe Deserialization
CVE Analysis

2026-05-12

6 min read

Brief Summary: CVE-2026-33110 — Microsoft SharePoint Server Remote Code Execution via Unsafe Deserialization

A short review of CVE-2026-33110, a CVSS 8.8 deserialization vulnerability in Microsoft SharePoint Server that allows authenticated users with Site Member permissions to achieve remote code execution. Includes patch details for all affected SharePoint editions.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: CVE-2026-33112 — Deserialization RCE in Microsoft SharePoint Server
CVE Analysis

2026-05-12

6 min read

Brief Summary: CVE-2026-33112 — Deserialization RCE in Microsoft SharePoint Server

A short review of CVE-2026-33112, a deserialization vulnerability in Microsoft SharePoint Server that allows authenticated users with low privileges to achieve remote code execution. Includes patch details for all affected SharePoint editions.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Azure SDK for Java CVE-2026-33117: Brief Summary of a Critical Authentication Tag Bypass in Key Vault Cryptography
CVE Analysis

2026-05-12

7 min read

Azure SDK for Java CVE-2026-33117: Brief Summary of a Critical Authentication Tag Bypass in Key Vault Cryptography

A brief summary of CVE-2026-33117, a CVSS 9.1 vulnerability in the Azure SDK for Java where a copy-paste error caused the HMAC authentication tag to be compared with itself, completely nullifying integrity checks on encrypted data. Includes patch details and affected version information.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Brief Summary: Azure Machine Learning Notebook Spoofing via Markdown Injection (CVE-2026-33833)
CVE Analysis

2026-05-12

6 min read

Brief Summary: Azure Machine Learning Notebook Spoofing via Markdown Injection (CVE-2026-33833)

A short review of CVE-2026-33833, an injection flaw in Azure Machine Learning Notebook Markdown rendering that enables spoofing with high confidentiality impact. Includes technical details, CVSS breakdown, and patch information for build 1.7.6.

ZeroPath CVE Analysis

ZeroPath CVE Analysis

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization
CVE Analysis | ZeroPath Security Blog - Vulnerability Research & Exploits | Page 17 | ZeroPath