Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 28 May 2026 14:07:06 +0000 eb709cf7-7ad7-44ca-a015-b7852182fa71 https://vulnerability.circl.lu/sighting/eb709cf7-7ad7-44ca-a015-b7852182fa71/export {"uuid": "eb709cf7-7ad7-44ca-a015-b7852182fa71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mmqnbdggm72p", "content": "A critical vulnerability (CVE-2026-5426) in the Japanese LMS Digital Knowledge KnowledgeDeliver allowed unauthenticated remote code execution. Attackers exploited this flaw [\u2026]", "creation_timestamp": "2026-05-26T09:06:15.188461Z"} {"uuid": "eb709cf7-7ad7-44ca-a015-b7852182fa71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mmqnbdggm72p", "content": "A critical vulnerability (CVE-2026-5426) in the Japanese LMS Digital Knowledge KnowledgeDeliver allowed unauthenticated remote code execution. Attackers exploited this flaw [\u2026]", "creation_timestamp": "2026-05-26T09:06:15.188461Z"} https://vulnerability.circl.lu/sighting/eb709cf7-7ad7-44ca-a015-b7852182fa71/export Tue, 26 May 2026 09:06:15 +0000 23bb807c-e919-4f40-892a-f387aa28f671 https://vulnerability.circl.lu/sighting/23bb807c-e919-4f40-892a-f387aa28f671/export {"uuid": "23bb807c-e919-4f40-892a-f387aa28f671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5426", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mmqwyadgzi2x", "content": "\ud83d\udce2 Exploitation zero-day de KnowledgeDeliver via d\u00e9s\u00e9rialisation ViewState ASP.NET (CVE-2026-5426)\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nFin 2025, Mandia\u2026\nhttps://cyberveille.ch/posts/2026-05-26-exploitation-zero-day-de-knowledgedeliver-via-deserialisation-viewstate-asp-net-cve-2026-5426/ #ASP_NET_MachineKey #Cyberveille", "creation_timestamp": "2026-05-26T12:00:06.872142Z"} {"uuid": "23bb807c-e919-4f40-892a-f387aa28f671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5426", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mmqwyadgzi2x", "content": "\ud83d\udce2 Exploitation zero-day de KnowledgeDeliver via d\u00e9s\u00e9rialisation ViewState ASP.NET (CVE-2026-5426)\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nFin 2025, Mandia\u2026\nhttps://cyberveille.ch/posts/2026-05-26-exploitation-zero-day-de-knowledgedeliver-via-deserialisation-viewstate-asp-net-cve-2026-5426/ #ASP_NET_MachineKey #Cyberveille", "creation_timestamp": "2026-05-26T12:00:06.872142Z"} https://vulnerability.circl.lu/sighting/23bb807c-e919-4f40-892a-f387aa28f671/export Tue, 26 May 2026 12:00:06 +0000 9c618aef-7edd-425b-bbf8-c6c5e05d1e18 https://vulnerability.circl.lu/sighting/9c618aef-7edd-425b-bbf8-c6c5e05d1e18/export {"uuid": "9c618aef-7edd-425b-bbf8-c6c5e05d1e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://t.me/true_secator/8244", "content": "\u041f\u043e\u0434\u0432\u0435\u0434 Google, Mandiant \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e 0-day \u0432 KnowledgeDeliver, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\u043c (LMS) KnowledgeDeliver, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0430\u044f Digital Knowledge, \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u044f, \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0432 \u042f\u043f\u043e\u043d\u0438\u0438.\n\n0-day, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2026-5426 (CVSS 7,5), \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u0432\u0438\u0434\u0443 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0432 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445 Digital Knowledge \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b web.config, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f machineKey, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u043e\u0439 ASP.NET \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0432 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0437\u043d\u0430\u044e\u0449\u0438\u043c \u043a\u043b\u044e\u0447\u0438, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u0432 \u0430\u0442\u0430\u043a\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 ViewState.\n\nAPP.NET ViewState \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043c\u0435\u0436\u0434\u0443 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u043c\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438. \u041a\u043e\u0433\u0434\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d machineKey, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u043b\u044f ViewState. \u041e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u044d\u0442\u0443 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451.\n\n\u0414\u0430\u043d\u043d\u044b\u0439 \u0442\u0438\u043f \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0438\u043d\u043a\u043e\u0439 \u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0441\u044f \u0432 \u0445\u043e\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Sitecore\u00a0\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 CentreStack, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u00a0\u0430\u0442\u0430\u043a\u0430\u0445\u00a0\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Godzilla.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mandiant, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0443\u043b\u044f \u0432 KnowledgeDeliver \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a Godzilla (\u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a Bluebeam).\n\n\u0420\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0435\u043c\u043e\u0435 \u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u044d\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 Godzilla \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u0430 JavaScript \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u0446\u0435\u043b\u044c\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043b\u043e\u0436\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d.\n\n\u0412 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c Cobalt Strike. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u043b\u044e\u0447\u043e\u043c, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438-\u0436\u0435\u0440\u0442\u0432\u044b, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Mandiant \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u044d\u043a\u0434\u043e\u0440 \u0431\u044b\u043b \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 IOCs, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0430\u0442\u0430\u043a\u043e\u0439, \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439. \u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043c\u0435\u043d\u044f\u0442\u044c \u043a\u043b\u044e\u0447\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0432\u043e\u0438\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a LMS.\n\n\u0412\u0441\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f KnowledgeDeliver, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u043e 24 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2026 \u0433\u043e\u0434\u0430, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b 0-day \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.", "creation_timestamp": "2026-05-26T14:50:06.000000Z"} {"uuid": "9c618aef-7edd-425b-bbf8-c6c5e05d1e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://t.me/true_secator/8244", "content": "\u041f\u043e\u0434\u0432\u0435\u0434 Google, Mandiant \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e 0-day \u0432 KnowledgeDeliver, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\u043c (LMS) KnowledgeDeliver, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0430\u044f Digital Knowledge, \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u044f, \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0432 \u042f\u043f\u043e\u043d\u0438\u0438.\n\n0-day, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2026-5426 (CVSS 7,5), \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u0432\u0438\u0434\u0443 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0432 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445 Digital Knowledge \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b web.config, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f machineKey, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u043e\u0439 ASP.NET \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0432 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0437\u043d\u0430\u044e\u0449\u0438\u043c \u043a\u043b\u044e\u0447\u0438, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u0432 \u0430\u0442\u0430\u043a\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 ViewState.\n\nAPP.NET ViewState \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043c\u0435\u0436\u0434\u0443 \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u043c\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438. \u041a\u043e\u0433\u0434\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d machineKey, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0434\u043b\u044f ViewState. \u041e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u044d\u0442\u0443 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451.\n\n\u0414\u0430\u043d\u043d\u044b\u0439 \u0442\u0438\u043f \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0438\u043d\u043a\u043e\u0439 \u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0441\u044f \u0432 \u0445\u043e\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Sitecore\u00a0\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 CentreStack, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u00a0\u0430\u0442\u0430\u043a\u0430\u0445\u00a0\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Godzilla.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mandiant, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0443\u043b\u044f \u0432 KnowledgeDeliver \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a Godzilla (\u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a Bluebeam).\n\n\u0420\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0435\u043c\u043e\u0435 \u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u044d\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 Godzilla \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u0430 JavaScript \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u0446\u0435\u043b\u044c\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u0438 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043b\u043e\u0436\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d.\n\n\u0412 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c Cobalt Strike. \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u043b\u044e\u0447\u043e\u043c, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438-\u0436\u0435\u0440\u0442\u0432\u044b, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Mandiant \u0441\u0447\u0438\u0442\u0430\u0435\u0442, \u0447\u0442\u043e \u0431\u044d\u043a\u0434\u043e\u0440 \u0431\u044b\u043b \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 IOCs, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0430\u0442\u0430\u043a\u043e\u0439, \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439. \u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043c\u0435\u043d\u044f\u0442\u044c \u043a\u043b\u044e\u0447\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0432\u043e\u0438\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a LMS.\n\n\u0412\u0441\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f KnowledgeDeliver, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u043e 24 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2026 \u0433\u043e\u0434\u0430, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b 0-day \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.", "creation_timestamp": "2026-05-26T14:50:06.000000Z"} https://vulnerability.circl.lu/sighting/9c618aef-7edd-425b-bbf8-c6c5e05d1e18/export Tue, 26 May 2026 14:50:06 +0000 4814c8d5-368c-4c80-af11-1b4b018c27c3 https://vulnerability.circl.lu/sighting/4814c8d5-368c-4c80-af11-1b4b018c27c3/export {"uuid": "4814c8d5-368c-4c80-af11-1b4b018c27c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mmreekkxak2q", "content": "\ud83d\udea8 #Alerta de #Ciberseguridad: Explotaci\u00f3n Zero-Day CVE-2026-5426 en #LMS \" #KnowledgeDeliver\" www.newstecnicas.com/2026/05/aler...", "creation_timestamp": "2026-05-26T15:59:49.484719Z"} {"uuid": "4814c8d5-368c-4c80-af11-1b4b018c27c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mmreekkxak2q", "content": "\ud83d\udea8 #Alerta de #Ciberseguridad: Explotaci\u00f3n Zero-Day CVE-2026-5426 en #LMS \" #KnowledgeDeliver\" www.newstecnicas.com/2026/05/aler...", "creation_timestamp": "2026-05-26T15:59:49.484719Z"} https://vulnerability.circl.lu/sighting/4814c8d5-368c-4c80-af11-1b4b018c27c3/export Tue, 26 May 2026 15:59:49 +0000 6112ceae-6368-4b70-915a-a547c6b5b78f https://vulnerability.circl.lu/sighting/6112ceae-6368-4b70-915a-a547c6b5b78f/export {"uuid": "6112ceae-6368-4b70-915a-a547c6b5b78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmryjq4to32s", "content": "Mandiant says attackers used CVE-2026-5426 in KnowledgeDeliver LMS as a zero-day to deploy Godzilla web shells, abuse reused ASP.NET machine keys, and trigger Cobalt Strike via ViewState deserialization. #KnowledgeDeliver #Mandiant #CobaltStrike", "creation_timestamp": "2026-05-26T22:00:27.686846Z"} {"uuid": "6112ceae-6368-4b70-915a-a547c6b5b78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmryjq4to32s", "content": "Mandiant says attackers used CVE-2026-5426 in KnowledgeDeliver LMS as a zero-day to deploy Godzilla web shells, abuse reused ASP.NET machine keys, and trigger Cobalt Strike via ViewState deserialization. #KnowledgeDeliver #Mandiant #CobaltStrike", "creation_timestamp": "2026-05-26T22:00:27.686846Z"} https://vulnerability.circl.lu/sighting/6112ceae-6368-4b70-915a-a547c6b5b78f/export Tue, 26 May 2026 22:00:27 +0000 9f3a1b37-89ac-410f-9daf-14a0df049473 https://vulnerability.circl.lu/sighting/9f3a1b37-89ac-410f-9daf-14a0df049473/export {"uuid": "9f3a1b37-89ac-410f-9daf-14a0df049473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-486a-16a3-a903-786386626250", "content": "CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON\n@informaticaMandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni.RE: insicurezzadigitale.com/?p=977\u2026", "creation_timestamp": "2026-05-27T07:56:52.045931Z"} {"uuid": "9f3a1b37-89ac-410f-9daf-14a0df049473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-486a-16a3-a903-786386626250", "content": "CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON\n@informaticaMandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni.RE: insicurezzadigitale.com/?p=977\u2026", "creation_timestamp": "2026-05-27T07:56:52.045931Z"} https://vulnerability.circl.lu/sighting/9f3a1b37-89ac-410f-9daf-14a0df049473/export Wed, 27 May 2026 07:56:52 +0000 de1c8b31-7a9b-414e-a2a1-c47de03eaf5f https://vulnerability.circl.lu/sighting/de1c8b31-7a9b-414e-a2a1-c47de03eaf5f/export {"uuid": "de1c8b31-7a9b-414e-a2a1-c47de03eaf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.poliverso.org.ap.brid.gy/post/3mmszuhdmsjq2", "content": "# **CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON**\n\n\n@informatica\nMandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise [\u2026]", "creation_timestamp": "2026-05-27T07:57:03.424559Z"} {"uuid": "de1c8b31-7a9b-414e-a2a1-c47de03eaf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/cybersecurity.poliverso.org.ap.brid.gy/post/3mmszuhdmsjq2", "content": "# **CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON**\n\n\n@informatica\nMandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise [\u2026]", "creation_timestamp": "2026-05-27T07:57:03.424559Z"} https://vulnerability.circl.lu/sighting/de1c8b31-7a9b-414e-a2a1-c47de03eaf5f/export Wed, 27 May 2026 07:57:03 +0000 46c0336c-5678-4faf-9289-c3a763c2be79 https://vulnerability.circl.lu/sighting/46c0336c-5678-4faf-9289-c3a763c2be79/export {"uuid": "46c0336c-5678-4faf-9289-c3a763c2be79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/nuke86.rfeed.it/post/3mmtcnajjkr24", "content": "CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON\nil blog: insicurezzadigitale.com/cve-2026-542...\n\n#cybersecurity #apt #backdoor #cobaltstrike #infosec #malware #zeroday", "creation_timestamp": "2026-05-27T10:34:06.319794Z"} {"uuid": "46c0336c-5678-4faf-9289-c3a763c2be79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/nuke86.rfeed.it/post/3mmtcnajjkr24", "content": "CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON\nil blog: insicurezzadigitale.com/cve-2026-542...\n\n#cybersecurity #apt #backdoor #cobaltstrike #infosec #malware #zeroday", "creation_timestamp": "2026-05-27T10:34:06.319794Z"} https://vulnerability.circl.lu/sighting/46c0336c-5678-4faf-9289-c3a763c2be79/export Wed, 27 May 2026 10:34:06 +0000 021f9c9b-f2db-44bb-ba8e-1d26ee24f63a https://vulnerability.circl.lu/sighting/021f9c9b-f2db-44bb-ba8e-1d26ee24f63a/export {"uuid": "021f9c9b-f2db-44bb-ba8e-1d26ee24f63a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/Mozilla.activitypub.awakari.com.ap.brid.gy/post/3mmu7muiluxh2", "content": "\ud83d\udea9 Critical KnowledgeDeliver RCE (CVE-2026-5426) abused via shared ASP.NET machine keys to deliver web shells and Cobalt Strike KnowledgeDeliver exploit (CVE-2026-5426) enables RCE via ViewState ...\n\n#TIGR #malware #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-27T19:12:55.396158Z"} {"uuid": "021f9c9b-f2db-44bb-ba8e-1d26ee24f63a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://bsky.app/profile/Mozilla.activitypub.awakari.com.ap.brid.gy/post/3mmu7muiluxh2", "content": "\ud83d\udea9 Critical KnowledgeDeliver RCE (CVE-2026-5426) abused via shared ASP.NET machine keys to deliver web shells and Cobalt Strike KnowledgeDeliver exploit (CVE-2026-5426) enables RCE via ViewState ...\n\n#TIGR #malware #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-27T19:12:55.396158Z"} https://vulnerability.circl.lu/sighting/021f9c9b-f2db-44bb-ba8e-1d26ee24f63a/export Wed, 27 May 2026 19:12:55 +0000 d47dc552-4bdc-4f31-8b24-23e8a1ce21fa https://vulnerability.circl.lu/sighting/d47dc552-4bdc-4f31-8b24-23e8a1ce21fa/export {"uuid": "d47dc552-4bdc-4f31-8b24-23e8a1ce21fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "Telegram/IqAYll4ZzjxpeZQ_8CUvuT_fob3B5lJjEUBfv2EUXY56hck", "content": "", "creation_timestamp": "2026-05-27T21:12:27.000000Z"} {"uuid": "d47dc552-4bdc-4f31-8b24-23e8a1ce21fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "Telegram/IqAYll4ZzjxpeZQ_8CUvuT_fob3B5lJjEUBfv2EUXY56hck", "content": "", "creation_timestamp": "2026-05-27T21:12:27.000000Z"} https://vulnerability.circl.lu/sighting/d47dc552-4bdc-4f31-8b24-23e8a1ce21fa/export Wed, 27 May 2026 21:12:27 +0000