{"uuid": "6344a9c8-2efa-439d-8f37-657492850374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5426", "type": "seen", "source": "https://thehackernews.com/2026/05/knowledgedeliver-lms-flaw-exploited-to.html", "content": "A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.\n\nThe vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to", "creation_timestamp": "2026-05-26T03:19:38.000000Z"}