A PoC/exploit has been discovered for vulnerability CVE-2026-46242
PT ID: PT-2026-45095
Vendor: Linux
Product: Linux kernel
Description:
A race condition in the epoll subsystem allows an unprivileged local user to escalate privileges to root. The issue occurs in the ep remove() function (via ep remove file()), which clears file->f ep under file->f lock but continues to use the @file object within the critical section during hlist del rcu() and spin unlock(). A concurrent fput() can trigger the eventpoll release() fastpath, leading to a Use-After-Free (UAF) condition where the watched struct eventpoll is freed via ep free(), causing subsequent memory corruption. Additionally, because struct file is SLAB TYPESAFE BY RCU, the memory slot could be recycled by alloc empty file(), potentially allowing an attacker to control kmem cache free() against the wrong slab cache.
Link: https://t.co/tK5dSXEyT3
#dbugs_vuln
“Don’t just judge a book by its cover”
Even the payment to is enough even got once. Also consider the “darkside” of it.
“Only if accepted”🫤
750$x3
35000$
~37100$
#BugHunterLife#BugBounty
My main dork for (The Manual Testing) of the target's subs functionalities for ATO, Business logic, BAC, IDORs and Auth vulnerabilities
("login"|"signup"|"signin"|"register"|"create"|"portal"|"registeration"|"join"|"internal"|"logon") site:*.target.com -www
#bugbountytips
Did a quick SOC lab
Set up Kali (attacker) and Ubuntu (target), established SSH access, and simulated login activity.
Analyzed /var/log/auth.log to identify failed and successful login attempts — understanding how real attacks begin and how logs capture them.
#cybersecurity#SOC
‼️ M6Plus Proof of Concept (POC) CVE-2026-4583 (Missing Replay Protection)
The M6PLUS Bluetooth protocol lacks cryptographic authentication mechanisms. The only integrity check is a trivial single-byte XOR checksum, which can be easily recalculated by an attacker.
This allows any Bluetooth device to inject arbitrary transaction commands without the terminal being able to verify the command's origin or authenticity.
@InsiderPhD Have you gotten a chance to watch the unprompted talk about Claude finding a 0 day? Would love to hear your thoughts about that.
https://t.co/OAmgNeTC6K
someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo
claude has found zero day in Ghost, 50,000 stars on github, never had a critical security vulnerability in its entire, history...
it found the blind SQL injection in 90 minutes, stole the admin api key, then did the exact, same thing to the linux kernel
Spent more than 4 years me and Mr @wadgamaraldeen gathering and preparing full bug bounty methodology that you need to start bug bounty
I think You need to look at it , gathered alot of scenarios that can't be inside courses
Let's Do it
https://t.co/CaQ7eaxeow
#WebSecurity #AppSec #WebAppSecurity #Pentesting #PenTest #RedTeam #Vulnerability #VulnerabilityResearch #ExploitDevelopment #OWASP #OWASPTop10 #XSS #SQLInjection #IDOR #RCE #SSRF #LFI #bugbountytips #bugbounty #SecurityTesting
#BugBounty #CyberSecurity #EthicalHacking #InfoSec #HackerOne #Bugcrowd #SecurityResearch #OWASP
Did you know you can perform SQL injection tests on mobile applications using Ghauri or SQLmap? 🥳🥳🥰🥰 I managed to test potentially critical endpoints by combining both applications.
This way, you won't have to connect to the Android application via proxy or deal with SSL Pinning issues; you can directly subject the application to SQL injection tests.
I'll be sharing a great article and my tools about this soon, so stay tuned! 🌹🥳🥳
#bugbountytip #bugbountytips #infosec #recon #Android