The Linux GNU C Library (glibc) versions 2.2 and other 2.x versions before 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu, Red Hat, and Debian. The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-41940 WebPros…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-1708 ConnectWise ScreenConnect Path…