{"vulnerability": "CVE-2026-29014", "sightings": [{"uuid": "b1c52e65-e0eb-4b15-92eb-d468b35c7f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-29014.yaml", "content": "", "creation_timestamp": "2026-04-06T03:05:00.000000Z"}, {"uuid": "6d86fd79-c7d5-48d5-922f-fe02b5f75275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3migyydiyl327", "content": "", "creation_timestamp": "2026-04-01T15:28:33.722980Z"}, {"uuid": "2af7161a-eaa1-4489-bcea-49f9ca80969b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mih4fyrdgh2w", "content": "", "creation_timestamp": "2026-04-01T16:29:53.985433Z"}, {"uuid": "2850c396-b201-4fad-b6e4-b6641771a1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mih4h2yr572w", "content": "", "creation_timestamp": "2026-04-01T16:30:30.329912Z"}, {"uuid": "e2d4a801-ad36-4379-8ea8-3348179ce41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mkghdhlqwa2t", "content": "", "creation_timestamp": "2026-04-26T21:03:02.959857Z"}, {"uuid": "d69926b2-ebfe-40e6-b2e1-00fdc261464e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "Telegram/LPiyqtmOsuMBSJ4TiscGzigzJ0idlnzzivv75bN9d93RTXE", "content": "", "creation_timestamp": "2026-04-01T15:26:09.000000Z"}, {"uuid": "a897173c-2e1a-4481-8c83-96feafcffa24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10152", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks \u2013 thehackernews.com\n\nTue, 05 May 2026 19:56:00", "creation_timestamp": "2026-05-05T16:03:00.000000Z"}, {"uuid": "9fbff6aa-2801-492f-b776-05d123bb518b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3ml4amncfz227", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-05-05T13:01:29.846896Z"}, {"uuid": "bfa6e951-0382-424e-94a4-2475fc9abdc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3ml4buhm5762b", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks", "creation_timestamp": "2026-05-05T13:24:00.109792Z"}, {"uuid": "5770fd71-f4a0-43cc-8c1c-d3618509544c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3ml4bwabkpp2e", "content": "MetInfo CMS 7.9, 8.0, 8.1\u306b\u8a8d\u8a3c\u306a\u3057PHP\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\uff08CVE-2026-29014\uff09\u3042\u308a\u3002\u653b\u6483\u8005\u306f\u4efb\u610f\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u3002", "creation_timestamp": "2026-05-05T13:24:45.141531Z"}, {"uuid": "7845a958-a9ff-422b-9ccc-b4611ab69fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ml4ciibyrd2u", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks", "creation_timestamp": "2026-05-05T13:34:57.542346Z"}, {"uuid": "4f992073-8d25-4974-af96-74a0a7eccdc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29014", "type": "seen", "source": "https://bsky.app/profile/montxt.bsky.social/post/3ml4d7mzeba2v", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks  https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html", "creation_timestamp": "2026-05-05T13:47:53.781982Z"}, {"uuid": "abd7468a-f611-4225-9c67-d562f4f69c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/cibsecurity/89306", "content": "\ud83d\udd8b\ufe0f MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks \ud83d\udd8b\ufe0f\n\nThreat actors are actively exploiting a critical security flaw impacting an opensource content management system CMS known as MetInfo, according to new findings from VulnCheck. The vulnerability in question is CVE202629014 CVSS score 9.8, a code injection flaw that could result in arbitrary code execution. \"MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-05-05T13:00:12.000000Z"}, {"uuid": "473c7625-f08f-4043-9650-eae8016c8647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/ctinow/249768", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks\nhttps://ift.tt/oO9uPZB", "creation_timestamp": "2026-05-05T12:59:52.000000Z"}, {"uuid": "23f7ec49-6816-49d6-9b9a-e229ab446013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/thehackernews/8935", "content": "\u26a0\ufe0f A critical MetInfo CMS flaw (CVE-2026-29014, CVSS 9.8) is under active exploitation, allowing unauthenticated remote code execution.\n\nAttacks began April 25 and surged by May 1, targeting exposed systems globally.\n\nDetails: https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html", "creation_timestamp": "2026-05-05T13:09:51.000000Z"}, {"uuid": "c1e7f7e8-814c-4c3a-8e3c-4e453df2e86c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116522561593846577", "content": "\ud83d\udcf0 Critical MetInfo CMS Vulnerability Under Active Exploitation\n\ud83d\udea8 ACTIVE EXPLOITATION! A critical RCE flaw (CVE-2026-29014, CVSS 9.8) in MetInfo CMS is being widely exploited. Unauthenticated attackers can gain full server control. Patch immediately! #CVE #RCE #CyberSecurity #Vulnerability\n\ud83d\udd17 https://cyber.netsecops.io", "creation_timestamp": "2026-05-05T15:00:09.467756Z"}, {"uuid": "d317f017-1d66-44a6-8bfe-f3945c96fc70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3ml4hb3sa4n2m", "content": "\ud83d\udea8 ACTIVE EXPLOITATION! A critical RCE flaw (CVE-2026-29014, CVSS 9.8) in MetInfo CMS is being widely exploited. Unauthenticated attackers can gain full server control. Patch immediately! #CVE #RCE #CyberSecurity #Vulnerability", "creation_timestamp": "2026-05-05T15:00:18.750475Z"}, {"uuid": "99d529aa-fb9a-47ec-8302-4d50a3fcbf70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3ml4imap35s26", "content": "Threat actors are actively exploiting CVE-2026-29014, a critical code injection flaw in MetInfo CMS. The vulnerability allows remote, unauthenticated attackers [\u2026]", "creation_timestamp": "2026-05-05T15:24:26.477979Z"}, {"uuid": "28a3d54f-f20b-4517-9d5d-14cce5571727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html", "content": "Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck.\nThe vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could result in arbitrary code execution.\n\"MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code", "creation_timestamp": "2026-05-05T09:56:00.000000Z"}, {"uuid": "3460fbc6-2663-4ab3-a8f7-c125b893c1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml73kh2muk2l", "content": "Critical #MetInfoCMS vulnerability (CVE-2026-29014) exploited for remote code execution. Patch now to secure your systems! #CyberSecurity #InfoSec #WebSecurity Link: thedailytechfeed.com/critical-met...", "creation_timestamp": "2026-05-06T16:08:47.220476Z"}, {"uuid": "87a10290-eaa1-45a6-9000-cb46d48ef99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "Telegram/mH9W_yuxOmzENs3bQFLbHHEWMwEHnxxDCe_RWaigepYXtg", "content": "", "creation_timestamp": "2026-05-05T17:10:43.000000Z"}, {"uuid": "74efedf7-451b-493c-bb9c-69bf4eaf9790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ml6gwudqek2g", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks\n\nThreat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck.\nThe vulnerability in question\u2026\n#hackernews #news", "creation_timestamp": "2026-05-06T09:59:55.857241Z"}, {"uuid": "6fe5ad1c-1d1c-4f67-a9d7-b12d37a92564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29014", "type": "seen", "source": "https://bsky.app/profile/yourdailytechnews.bsky.social/post/3mlb65swm7k2y", "content": "CyberWireDaily: MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks\nThreat actors actively exploit CVE-2026-29014, a critical unauthenticated code injection vulnerability in MetInfo CMS\u2026\n\nhttps://cyberwiredaily.net/article/2026-05-06-metinfo-cms-cve-2026-29014-exploited-for", "creation_timestamp": "2026-05-07T12:00:44.944331Z"}, {"uuid": "7832d5b2-15d8-41d3-ab59-a550f9a0665d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/true_secator/8179", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0430\u044f:\n\n1. \u0412 Android \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, CVE-2026-0073, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u041e\u0421 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\u00a0\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 adbd (Android Debug Bridge daemon), \u0444\u043e\u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u0432\u044f\u0437\u044c\u044e \u043c\u0435\u0436\u0434\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u043e\u0442\u043b\u0430\u0434\u043a\u0443 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435.\n\n\u041f\u043e\u043a\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-0073 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0442, \u043d\u043e \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n2. Apache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 HTTP Server \u0438 MINA, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u0412 Apache HTTP Server 2.4.67 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0434\u043b\u044f 11 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 10 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c - CVE-2026-23918, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u0432\u043e\u0439\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2. \u0418\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044f \u043f\u0440\u0435\u0436\u0434\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0435 \u0441\u0431\u0440\u043e\u0441, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2026-28780, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 AJP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043a\u043e\u0434.\n\n\u0422\u0440\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, CVE-2026-29168, CVE-2026-29169 \u0438 CVE-2026-33007, \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS, \u0430 \u0435\u0449\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 (CVE-2026-24072, CVE-2026-33857, CVE-2026-34032 \u0438 CVE-2026-34059) - \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 CRLF (CVE-2026-33523), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c HTTP-\u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438, \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0431\u043e\u0447\u043d\u044b\u0445 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u043f\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 (CVE-2026-33006), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Digest.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Apache\u00a0\u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 MINA 2.2.7 \u0438 MINA 2.1.12, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - CVE-2026-42778 \u0438 CVE-2026-42779. \n\n\u041f\u0435\u0440\u0432\u0430\u044f - \u044d\u0442\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41409, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u044f CVE-2024-52046, \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE.\n\n\u0412\u0442\u043e\u0440\u0430\u044f - \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2026-41635, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0441\u043f\u0438\u0441\u043a\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n3. VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2026-29014\u00a0(CVSS: 9,8) \u0432 CMS \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c MetInfo.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MetInfo CMS 7.9, 8.0 \u0438 8.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0441\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c PHP-\u043a\u043e\u0434\u043e\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0443\u044e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f RCE \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.", "creation_timestamp": "2026-05-06T18:50:06.000000Z"}, {"uuid": "8822cc11-1e90-40ea-bdaf-5d6f5ebe2a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29014", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/116532518658350479", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html", "creation_timestamp": "2026-05-07T09:12:01.892449Z"}, {"uuid": "43625ca8-da8b-4fa2-9517-da72e98feaae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/librecanada.bsky.social/post/3mlbhjm2dus2c", "content": "The Hacker News - Article \n\"MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks\"...\n\nthehackernews.com/2026/05/meti...\n\n==========================\n#librecanada #linux #opensource", "creation_timestamp": "2026-05-07T14:48:23.871494Z"}, {"uuid": "f8f87b7b-eee0-49ec-bbf3-5441187db25f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibk6c2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:35.852470Z"}, {"uuid": "d06ceff5-547e-4433-bef4-68cc2671961d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibsxk2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:36.606543Z"}, {"uuid": "38fc66b7-6b64-4118-a0e8-0220c88bff14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibtws2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:37.267406Z"}, {"uuid": "9f35d042-84f0-4395-be43-6fe75787e6e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibuw22m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:39.717651Z"}, {"uuid": "a9c11cfa-ad79-412b-9cb2-2c9841ee1ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibvvc2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:40.652421Z"}, {"uuid": "d23cb80c-94ed-4e17-bb6b-2d3c02977734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibwuk2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:41.452405Z"}, {"uuid": "2f9ca4b3-ca78-4064-975a-768a3106f5e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibxtt2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:42.947631Z"}, {"uuid": "de87ff37-0c47-48c8-97e7-5aa827a8a509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibxts2m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:42.187734Z"}, {"uuid": "c0b8ced4-60a6-4349-bb6d-e4ca7ccd3adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mlblvibyt32m", "content": "4/ \ud83d\udd10 Critical patches this week: CVE-2026-29014 (MetInfo, CVSS 9.8, actively exploited). CVE-2026-0073 (Android zero-click RCE). Palo Alto PAN-OS zero-day being exploited by state actors. Patch. Now.", "creation_timestamp": "2026-05-07T16:06:43.743766Z"}, {"uuid": "1c34a3ec-629e-4c41-be9d-e61d7963b47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-29014", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mllm4itiel2o", "content": "\ud83d\udccc Critical Code Injection Vulnerability CVE-2026-29014 Actively Exploited in MetInfo CMS https://www.cyberhub.blog/article/25694-critical-code-injection-vulnerability-cve-2026-29014-actively-exploited-in-metinfo-cms", "creation_timestamp": "2026-05-11T15:37:10.036374Z"}, {"uuid": "109bee25-e3cf-4d32-9359-f9b8be4544ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3mlcfdv6dxb2u", "content": "MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks thehackernews.com/2026/05/meti...", "creation_timestamp": "2026-05-07T23:42:06.093052Z"}, {"uuid": "5ba7cadd-3770-4fa6-8fab-4c683be31842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29014", "type": "seen", "source": "https://t.me/realcodeb0ss/446", "content": "https://nvd.nist.gov/vuln/detail/CVE-2026-29014\n\n\nFofa : app=\"MetInfo\" or \"MetInfo CMS\"\n\nShodan : http.title:\"MetInfo\"\n\nEnjoy;", "creation_timestamp": "2026-05-30T13:12:13.000000Z"}]}