{"vulnerability": "CVE-2026-46333", "sightings": [{"uuid": "04120479-21b4-4220-85cb-469378b5a158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/kiltedtux.bsky.social/post/3mlvh6iykyw2l", "content": "LWN: Seven new stable kernels with patches for CVE-2026-46333\nhttps://lwn.net/Articles/1073060/\n#linux #opensource #tech", "creation_timestamp": "2026-05-15T13:35:24.337253Z"}, {"uuid": "6725e3f4-aec1-428b-88a2-c918c078f1d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/etguenni.bsky.social/post/3mlxnzg2ibk2u", "content": "Neue Linux Kernel Schwachstelle ssh-keysign-pwn (CVE-2026-46333)\n\nborncity.com/blog/2026/05...", "creation_timestamp": "2026-05-16T10:43:04.888495Z"}, {"uuid": "18098098-86cf-4b2a-aaf8-7709040fcf74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/kravietz.agora.echelon.pl.ap.brid.gy/post/3mlvyzmoz5zp2", "content": "What a week\u2026 #Linux ssh-keysign-pwn (CVE-2026-46333):\n\nMitigation (breaks `strace`, `gdb` etc)\n\n\n    sudo sysctl -w kernel.yama.ptrace_scope=3\n    echo 'kernel.yama.ptrace_scope = 3' | sudo tee /etc/sysctl.d/99-ssh-keysign-pwn.conf\n\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-46333", "creation_timestamp": "2026-05-15T18:56:26.542378Z"}, {"uuid": "d3e8a9dc-d8bc-4c69-a113-f8cf603b6160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/aprosdoketon.bsky.social/post/3mlwg3l5gac2r", "content": "CVE-2026-46333", "creation_timestamp": "2026-05-15T22:48:31.311161Z"}, {"uuid": "2d39b550-98ac-4f8a-8de7-55b369872aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/fujiwara.bsky.social/post/3mlwhl3ciuj26", "content": "\"ssh-keysign-pwn (CVE-2026-46333): Patched kernels available in testing\"", "creation_timestamp": "2026-05-15T23:16:39.816231Z"}, {"uuid": "ddb46cd6-0e45-4370-80b5-a91aa8c7e807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46333", "type": "seen", "source": "https://social.tchncs.de/users/gborn/statuses/116583837638116996", "content": "Neue Linux Kernel Schwachstelle ssh-keysign-pwn (CVE-2026-46333)\nhttps://borncity.com/blog/2026/05/16/linux-schwachstelle-ssh-keysign-pwn-cve-2026-46333-ermoeglicht-fremdzugriff-auf-dateien/", "creation_timestamp": "2026-05-16T10:43:07.372079Z"}, {"uuid": "77d64444-0938-494a-8426-d059bfd9c3a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "Telegram/0LL51wE7H3pCot1BGYY3QqExSd1a0DM520erihe1hgvov-s", "content": "", "creation_timestamp": "2026-05-17T09:00:05.000000Z"}, {"uuid": "a8ca22b2-3413-42b8-8496-5d7c7b03d15c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mlzcx6mem62h", "content": "Top 3 CVE for last 7 days:\nCVE-2026-42511: 56 interactions\nCVE-2026-46300: 56 interactions\nCVE-2026-42897: 51 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-45062: 11 interactions\nCVE-2020-17103: 8 interactions\nCVE-2026-46333: 5 interactions\n", "creation_timestamp": "2026-05-17T02:41:52.018844Z"}, {"uuid": "967cefb2-606d-4767-b511-22fe23e5c637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "Telegram/mjKYtwBGh-p48w8zvyK_dmOaa4JWuY9k0ugNTHKD_EJnGeA", "content": "", "creation_timestamp": "2026-05-16T07:00:12.000000Z"}, {"uuid": "c67f3342-739e-489c-9bc4-9b6fc9096389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "Telegram/qFnncewX_FdOxDivGoEqJX19AvA6N2dSwzORt9UZIQWFUQU", "content": "", "creation_timestamp": "2026-05-17T02:07:47.000000Z"}, {"uuid": "0bf2720b-59bb-451f-a6dc-a844fa660af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/siyeonized.bsky.social/post/3mlyui2k5ek2z", "content": "voy a ver si ma\u00f1ana me pongo a intentar explotar la CVE-2026-46333 o  CVE-2026-31431 que parec\u00eda sencilla para m\u00ed TFM", "creation_timestamp": "2026-05-16T22:11:23.020959Z"}, {"uuid": "95d472ec-2f6c-4edf-98ce-e1e9a92bdd31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sn0.bsky.social/post/3mlz5blqdgkk2", "content": "\u3046\u30fc\u3093\u2026Linux\u306e\u5b89\u5168\u795e\u8a71\u3092\u6839\u62e0\u306b\u4f7f\u3046\u306e\u3082\u96e3\u3057\u304f\u306a\u3063\u3066\u304f\u308b\u308f\u306d\nssh-keysign-pwn (CVE-2026-46333)", "creation_timestamp": "2026-05-17T00:51:20.412189Z"}, {"uuid": "40a2872c-80b2-4b13-ad82-4c6ef547a167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/84533", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a public-passwd\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Aurillium\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-17 06:55:55\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nUse CVE-2026-46333 and CVE-2026-31431 to change any user's password.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-17T07:00:04.000000Z"}, {"uuid": "4b65bf78-5827-4eaf-9d39-bc4ebb125864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "Telegram/eJ_XuJ4mBNd-lwylDxspegor_v8Aby9HvlFsNuzO9g9tQUM", "content": "", "creation_timestamp": "2026-05-17T11:00:11.000000Z"}, {"uuid": "644f0943-99a5-4579-aa9b-7cfa5f2e0534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "Telegram/AKvzzPS6cRH5e3-Ghbw0kwesBlioL1QWpK2eWbvMSndUnWE", "content": "", "creation_timestamp": "2026-05-17T15:00:07.000000Z"}, {"uuid": "a71002bf-43ff-4788-a217-862533229b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mm3wjmfexe22", "content": "Linux Kernel ptrace Exit-race Vulnerability / ssh-keysign-pwn (CVE-2026-46333) \u2014 Mitigation and Kernel Update on CloudLinux Right after the kernel privilege-escalation chain in the XFRM/ESP subsy...\n\n#KernelCare #CVE #Vulnerability #Live #Patching #kernel [\u2026] \n\n[Original post on blog.cloudlinux.com]", "creation_timestamp": "2026-05-18T03:31:41.049044Z"}, {"uuid": "8c8f3434-353f-44e6-b117-ef77bf26cd78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/ostechnix.bsky.social/post/3mm4qjgkvbk23", "content": "Linux Kernel 7.0.8 is released with patches to fix the ssh-keysign-pwn (CVE-2026-46333) root exploit flaw. Update your Linux system today.\n\nMore details here: ostechnix.com/linux-kernel... \n\n#Linux #Kernel708 #ssh_keysign_pwn #CVE_2026_46333 #Rootexploit #Security #Kernelpatch", "creation_timestamp": "2026-05-18T11:11:19.137729Z"}, {"uuid": "7237abaf-9ad0-4807-8be9-66a6ba8e4c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46333", "type": "seen", "source": "https://bsky.app/profile/norviktech.bsky.social/post/3mm5hr3xm5t2n", "content": "La vulnerabilidad CVE-2026-46333 fue divulgada por Qualys el 15 de mayo y se refiere a un error en ptracemayaccess() que puede permitir a los pods de Kubernetes acceder a recursos de manera no autorizada.\n\nhttps://norvik.tech/news/analisis-cve-2026-46333-kubernetes", "creation_timestamp": "2026-05-18T18:07:27.278174Z"}, {"uuid": "c5e6b651-c152-4f2e-99a7-ecf95b4367cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "https://t.me/bdufstecru/3173", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 get_dumpable() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438\n\nBDU:2026-06912\nCVE-2026-46333\n\n\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2026051554-CVE-2026-46333-662a@gregkh/\nhttps://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730\nhttps://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205\nhttps://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\nhttps://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181\nhttps://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\nhttps://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\nhttps://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2026-46333\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2026-46333", "creation_timestamp": "2026-05-18T14:18:14.000000Z"}, {"uuid": "bc7ae384-24e8-4749-9132-aba5caa2595d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/116598433590858492", "content": "AI Discovers CVE-2026-46333 Linux Kernel Vulnerability #devopsish https://linuxstans.com/ai-just-found-another-linux-zero-day-and-security-researchers-are-freaking-out/", "creation_timestamp": "2026-05-19T00:35:04.585846Z"}, {"uuid": "5dff88a7-80d7-4338-a021-b1cf14d78e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3mm5kqfindv2c", "content": "CVE-2026-46333 lets Kubernetes pods steal file descriptors when seccomp is unset or Unconfined\u2014but RuntimeDefault stops it. Critical findings for securing your\u2026\n\nhttps://www.reddit.com/r/kubernetes/comments/1tg1cd8/cve202646333_in_kubernetes_unset_seccomp_let_pods/\n\n#cloud #AWS", "creation_timestamp": "2026-05-18T19:00:23.809991Z"}, {"uuid": "e38216d0-788e-4738-9815-3e37d59ff74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/jschauma.mstdn.social.ap.brid.gy/post/3mmcki3g4jrc2", "content": "Qualys has published their full write-up of CVE-2026-46333: https://www.openwall.com/lists/oss-security/2026/05/20/15\n\nThis includes a PoC to full root via `accounts-daemon` demonstrated in Debian 13, Fedora Workstation 43/44, so goes well beyond the initial \"you need a program that opens a [\u2026]", "creation_timestamp": "2026-05-20T18:39:19.243008Z"}, {"uuid": "8072b07b-bd83-4995-9b3e-766bdce1585e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mmb7g74bycjl", "content": "CVE-2026-46333 (ssh-keysign-pwn) Linux kernel vulnerability mitigations | Ubuntu https://ubuntu.com//blog/ssh-keysign-pwn-linux-vulnerability-fixes-available", "creation_timestamp": "2026-05-20T05:49:07.052677Z"}, {"uuid": "c9f12cfa-5449-496e-9795-b4477d7ec8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/limura.bsky.social/post/3mmc3zbcskc2s", "content": "\u3075\u3047\u3047 / 2\u4ef6\u306e\u30b3\u30e1\u30f3\u30c8  \u201cLinux Kernel\u306e\u8106\u5f31\u6027(ssh-keygen-pwn: Important: CVE-2026-46333) - SIOS SECURITY BLOG\u201d htn.to/3mugTEWhZD", "creation_timestamp": "2026-05-20T14:20:21.919382Z"}, {"uuid": "208ac6d2-754c-4f56-9479-be0fc2b3e72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/Linux-Maintainers.activitypub.awakari.com.ap.brid.gy/post/3mmci6mvhshp2", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Vulnerabilities #and #Threat #Research #security #vulnerabilities\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-20T17:58:19.606255Z"}, {"uuid": "5449f6b7-7c45-4c96-8879-c9c56ee7a7e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mmeqcuniaju2", "content": "CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign Qualys disclosed CVE-2026-46333, a nine-year-old Linux privilege escalation flaw that gives local users a reliable path to root on Debi...\n\n#Resources #CVE #Vulnerability #Alerts [\u2026] \n\n[Original post on dailysecurityreview.com]", "creation_timestamp": "2026-05-21T15:28:56.016260Z"}, {"uuid": "4f5db1d2-39da-44f2-848f-663561d8e219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/news.karthihegde.dev/post/3mmclxxaxf22x", "content": "Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333)\nDiscussion | lobsters | Author: fro", "creation_timestamp": "2026-05-20T19:05:49.841076Z"}, {"uuid": "84a88285-2a72-478b-8619-3ecb081bc316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/lobsters-feed.bsky.social/post/3mmcm7j5rbt2p", "content": "Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333) https://lobste.rs/s/nwdn3w #security #linux ", "creation_timestamp": "2026-05-20T19:10:03.744503Z"}, {"uuid": "c30fe6c0-5773-4266-8f76-33d5243be68f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "Telegram/_t5JFSPSOfbQz9kScpjpGdxXGShVNgFAEjUbRg__tg-gk3Q", "content": "", "creation_timestamp": "2026-05-20T07:00:15.000000Z"}, {"uuid": "27eb87f4-9c77-42ce-a0d0-dc500be9cfa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmdxj4fwrbm2", "content": "9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros TheHackerNews CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 ...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-21T08:05:05.305824Z"}, {"uuid": "1be51d00-631c-4730-bf96-616f94fc0ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mmdzpjqzqn23", "content": "Linux \u30ab\u30fc\u30cd\u30eb\u306e9\u5e74\u524d\u306e\u8106\u5f31\u6027\u304c\u7279\u5b9a\u3001\u6839\u6a29\u9650\u596a\u53d6\u306e\u5371\u967a\n\n2016\u5e7411\u6708\u306b\u5c0e\u5165\u3055\u308c\u305f CVE-2026-46333 \u306f\u3001Linux \u30ab\u30fc\u30cd\u30eb\u306e\u6a29\u9650\u7ba1\u7406\u306e\u4e0d\u5099\u306b\u3088\u308a root \u6a29\u9650\u3067\u306e\u4efb\u610f\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u3002CVSS \u30b9\u30b3\u30a2 5.5\u3002\u4e3b\u8981 Linux \u30c7\u30a3\u30b9\u30c8\u30ed\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3002\n\n#CVE #\u8106\u5f31\u6027 #\u60c5\u5831\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3", "creation_timestamp": "2026-05-21T08:44:19.159697Z"}, {"uuid": "00939bd9-db0f-44c2-9b1d-478581b179bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mme3qlv3sl2i", "content": "CVE-2026-46333: Nine-Year-Old Linux Kernel Flaw Enables Root Escalation", "creation_timestamp": "2026-05-21T09:20:43.102156Z"}, {"uuid": "fd2eb857-cddb-4d8d-9f0a-40f00cd95635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://t.me/ctinow/250600", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path\nhttps://ift.tt/Dl5d2LC", "creation_timestamp": "2026-05-20T15:49:31.000000Z"}, {"uuid": "53e8a97e-062e-44da-9b41-d20b08a7a0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/Linux-Maintainers.activitypub.awakari.com.ap.brid.gy/post/3mmcf64vjjtf2", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Uncategorized #Vulnerabilities #and #Threat #Research [\u2026] \n\n[Original post on blog.qualys.com]", "creation_timestamp": "2026-05-20T17:05:33.200476Z"}, {"uuid": "fb0dfd6f-0fc9-4f93-9d4a-0c9cc6eaffa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/cyberkendra.com/post/3mmdky5t32s2v", "content": "\ud83d\udd34 CVE-2026-46333 \u2014 Linux Kernel ptrace Flaw, Full Advisory Released\nQualys today published the complete advisory for a nine-year-old Linux kernel flaw that lets any local unprivileged user.\n\nRead Detail- www.cyberkendra.com/2026/05/nine...\n#linux #security #vulnerability #infosec", "creation_timestamp": "2026-05-21T04:20:50.340207Z"}, {"uuid": "d6f75376-9703-4512-8749-e6a3c57db5a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://gist.github.com/alon710/9c0d20e9d0fe058b907c7e32ba953536", "content": "# CVE-2026-46333: CVE-2026-46333: Local Information Disclosure in Linux Kernel Process Exit Path\n\n> **CVSS Score:** 7.1\n> **Published:** 2026-05-15\n> **Full Report:** https://cvereports.com/reports/CVE-2026-46333\n\n## Summary\nCVE-2026-46333 is a high-severity race condition in the Linux kernel process management subsystem, specifically involving the get_dumpable() logic during process exit. Local attackers can exploit this timing window to hijack file descriptors belonging to privileged SUID/SGID processes, leading to the disclosure of sensitive files such as SSH private keys and shadow password hashes.\n\n## TL;DR\nA race condition in the Linux kernel process exit sequence allows local unprivileged users to steal open file descriptors from SUID processes. By targeting binaries like ssh-keysign, attackers can read root-owned files such as SSH host keys.\n\n## Exploit Status: WEAPONIZED\n\n## Technical Details\n\n- **Vulnerability Class**: Race Condition (CWE-362)\n- **Attack Vector**: Local (AV:L)\n- **CVSS v3.1 Score**: 7.1 (High)\n- **EPSS Score**: 0.01% (0.44th percentile)\n- **Exploit Status**: Weaponized PoC Available\n- **CISA KEV**: Not Listed\n- **Primary Target**: /usr/lib/openssh/ssh-keysign\n\n## Affected Systems\n\n- Linux Kernel\n- Ubuntu\n- Red Hat Enterprise Linux\n- **Linux Kernel Mainline**: < 7.1-rc4 (Fixed in: `7.1-rc4`)\n- **Linux Kernel Stable (6.18.x)**: < 6.18.31 (Fixed in: `6.18.31`)\n- **Ubuntu Linux**: 14.04 - 26.04 (Fixed in: `TBD`)\n\n## Mitigation\n\n- Upgrade the Linux kernel to a version containing commit 93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6.\n- Restrict ptrace access globally using the Yama security module.\n- Monitor audit logs for unexpected pidfd_getfd usage or unprivileged ptrace attempts against SUID binaries.\n\n**Remediation Steps:**\n1. Verify the current kernel version using 'uname -r'.\n2. Apply updates via the distribution package manager (e.g., 'apt upgrade linux-image-generic' or 'dnf update kernel').\n3. Reboot the system to load the patched kernel.\n4. If patching is delayed, execute 'sudo sysctl -w kernel.yama.ptrace_scope=2' as a temporary measure.\n5. Persist the workaround by running 'echo \"kernel.yama.ptrace_scope=2\" | sudo tee /etc/sysctl.d/99-ptrace.conf'.\n\n## References\n\n- [NVD Vulnerability Details](https://nvd.nist.gov/vuln/detail/CVE-2026-46333)\n- [Red Hat Advisory RHSB-2026-004](https://access.redhat.com/security/vulnerabilities/RHSB-2026-004)\n- [Ubuntu Security Blog: ssh-keysign-pwn](https://ubuntu.com/blog/ssh-keysign-pwn-linux-vulnerability-fixes-available)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-46333) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-21T04:00:50.000000Z"}, {"uuid": "78735610-3538-4bee-b283-c1cc42d15aba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mme5n32ldx22", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path", "creation_timestamp": "2026-05-21T09:54:32.090306Z"}, {"uuid": "e1b5c119-4cc8-4f81-839e-f53ab737b742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html", "content": "Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.\n\nThe vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major", "creation_timestamp": "2026-05-21T05:35:53.000000Z"}, {"uuid": "3bb662a7-72d1-40e6-8cea-71f9b621bbcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mmefcrbdn2y2", "content": "Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalat...\n\n#Cyber #Security #News #Linux #Vulnerability #News [\u2026] \n\n[Original post on cybersecuritynews.com]", "creation_timestamp": "2026-05-21T12:12:01.204782Z"}, {"uuid": "d30cb28d-008b-483c-9f76-918f0524766e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmefeedwn523", "content": "Linux\u30ab\u30fc\u30cd\u30eb\u306e9\u5e74\u9593\u672a\u691c\u51fa\u306e\u8106\u5f31\u6027(CVE-2026-46333)\u306b\u3088\u308a\u3001\u7279\u6a29\u306e\u306a\u3044\u30ed\u30fc\u30ab\u30eb\u30e6\u30fc\u30b6\u30fc\u304croot\u6a29\u9650\u3067\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u53ef\u80fd\u3002", "creation_timestamp": "2026-05-21T12:12:49.850998Z"}, {"uuid": "15018486-524a-487f-a6e5-54b2ceb5deb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/appinn.bsky.social/post/3mmem7jjypv2y", "content": "\u8fd9\u662f\u4eca\u5929\uff082026\u5e745\u670821\u65e5\uff09\u65e9\u4e0a\uff1a \u8fd9\u662f\u4eca\u5929\u665a\u4e0a\uff1a \u4e5f\u4e0d\u77e5\u9053\u8bf4\u4ec0\u4e48\u4e86\uff0c\u76f4\u63a5\u770b\u5427\u3002 Linux \u7b2c4\u6f0f\u6d1e\uff1aCVE-2026-46333\uff087.1\u5206\uff09 \u8fd9\u662f\u7ee7 Copy Fail\uff084 \u6708 29 \u65e5\uff09\u3001Dirty Frag\uff085 \u6708 7 \u65e5\uff09\u548c Fragnesia\uff085 \u6708 13", "creation_timestamp": "2026-05-21T14:15:23.541269Z"}, {"uuid": "bddba5ee-da6a-45e8-9b7d-e8a471fece22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/rspinternetgroup.bsky.social/post/3mmfrfk7r4c2t", "content": "\u3010\u304a\u77e5\u3089\u305b\u3011[RisuPu] Linux\u30ab\u30fc\u30cd\u30eb\u306b\u304a\u3051\u308b\u30ed\u30fc\u30ab\u30eb\u6a29\u9650\u6607\u683c\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\uff08CVE-2026-46300\uff0fCVE-2026-46333\uff09\u306b\u95a2\u3059\u308b\u5bfe\u5fdc\u306b\u3064\u3044\u3066\nrspig.jp/notice/fragn...", "creation_timestamp": "2026-05-22T01:23:06.445224Z"}, {"uuid": "d4e9e752-7617-4963-a8c8-27f2cd709c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmg56svosc2g", "content": "9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros\n\nCybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.\n\nThe vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case\u2026\n#hackernews #news", "creation_timestamp": "2026-05-22T04:51:53.303110Z"}, {"uuid": "c16c9851-4642-45ce-ad0f-723f9049da37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "Telegram/eGNnV304XEqDFAANRXhi1HE7X9MoKYAjwKK0DWUVMn_blw", "content": "", "creation_timestamp": "2026-05-21T12:29:26.000000Z"}, {"uuid": "bc9c314a-7613-44c5-9f20-adf31ffac7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://www.cert.dk/news/2026-05-22/Gammel-Linux-fejl-giver-lokal-root-adgang", "content": "", "creation_timestamp": "2026-05-22T00:22:03.000000Z"}, {"uuid": "0dda4a5f-ced9-4ee9-9940-c9522773b686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmgyqvvbua2x", "content": "\ud83d\udd17 CVE : CVE-2025-21999, CVE-2025-38024, CVE-2025-71238, CVE-2026-23191, CVE-2026-23243, CVE-2026-23401, CVE-2026-31419, CVE-2026-31532, CVE-2026-43284, CVE-2026-46300, CVE-2026-46333", "creation_timestamp": "2026-05-22T13:05:12.537893Z"}, {"uuid": "50aa2c20-5133-44da-84a1-41dfec3ac142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmgyr4kgoa2u", "content": "\ud83d\udd17 CVE : CVE-2025-54518, CVE-2026-43284, CVE-2026-43500, CVE-2026-46300, CVE-2026-46333", "creation_timestamp": "2026-05-22T13:05:18.717283Z"}, {"uuid": "14649b53-d0d3-4abb-bd5d-890b8b228260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63jtyfc2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:36.053413Z"}, {"uuid": "0c2e7326-18d4-40ab-9636-e3f16b9ed2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63jub6k2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:36.602683Z"}, {"uuid": "c9f53249-6e69-4c92-8369-a0e107b59362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63juc5s2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:37.242928Z"}, {"uuid": "e126ff6e-2417-4dae-a682-5c3eb258d378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63jud522k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:37.904350Z"}, {"uuid": "e49736fa-bbd9-4fcc-b96d-e5cafa6eb3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63juf3k2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:38.455380Z"}, {"uuid": "86592e85-afc4-4fb0-95b2-266bbda16065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63jug2s2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:39.000503Z"}, {"uuid": "894f8ffc-9dad-4b15-8683-29edc968b14c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63juh222k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:39.539793Z"}, {"uuid": "33f2f4cd-7e44-4c9f-b2e6-b85aa188df92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63juh232k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:40.110289Z"}, {"uuid": "d4a7e87d-c5cc-40bc-b2ab-236007e5803d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmh63juhzd2k", "content": "4/ \u26a0\ufe0f CVE-2026-46333 (ssh-keysign-pwn): 9-year Linux kernel flaw dormant since Nov 2016. Unprivileged user \u2192 root access \u2192 steal SSH keys + /etc/shadow. PoC is public. Affects Debian, Fedora, Ubuntu. Update your kernel. Right now.", "creation_timestamp": "2026-05-22T14:40:40.709167Z"}, {"uuid": "42e8c844-00f2-49e7-a5f6-4dc69329dc9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/Linux-Maintainers.activitypub.awakari.com.ap.brid.gy/post/3mmhsvh2fts32", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Vulnerabilities #and #Threat #Research #security #vulnerabilities\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-22T20:53:08.346831Z"}, {"uuid": "144fd36a-2d07-4609-9fa0-f2ee6151d92d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmifqkvtg52v", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 64 interactions\nCVE-2026-45250: 63 interactions\nCVE-2026-46333: 28 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-46333: 13 interactions\nCVE-2026-31431: 6 interactions\nCVE-2026-39821: 6 interactions\n", "creation_timestamp": "2026-05-23T02:31:25.478309Z"}, {"uuid": "c85b172e-cf15-4cdd-ba7c-7b4c34d2e645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/technology-news.bsky.social/post/3mmiqk7l24s2m", "content": "CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score of 5.5.", "creation_timestamp": "2026-05-23T05:43:37.072611Z"}, {"uuid": "7ecc3ac9-5c9b-4c22-8461-dcef919b9af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46333", "type": "seen", "source": "https://bsky.app/profile/raptor.infosec.exchange.ap.brid.gy/post/3mmexv3kq4ix2", "content": "#Qualys #Security #Advisory\n\nLogic bug in the #Linux kernel's __ptrace_may_access() function\n(CVE-2026-46333)\n\nhttps://cdn2.qualys.com/advisory/2026/05/20/cve-2026-46333-ptrace.txt", "creation_timestamp": "2026-05-21T17:44:28.337920Z"}, {"uuid": "eaba4af3-7c5c-4a3d-87b0-f002cea62e61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46333", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmf2e4h5zo2u", "content": "CVE-2026-46333: Linux Kernel ptrace Race Condition Allows Local Information D...\n\nCVE-2026-46333 (ssh-keysign-pwn) is a Linux kernel race condition in ptrace's exit path. It allows unpr...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-21-cve-2026-46333-linux-kernel-ptrace-race\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-21T18:28:29.531605Z"}, {"uuid": "96acc9fa-4b34-4c1d-a6ed-2af366c84517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/Linux-Maintainers.activitypub.awakari.com.ap.brid.gy/post/3mmf2qo373kc2", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Vulnerabilities #and #Threat #Research #security #vulnerabilities\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-21T18:35:42.252793Z"}, {"uuid": "48617c39-e751-45fc-a44d-9c0d6bbf5547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mmf5iibufo22", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Vulnerabilities #and #Threat #Research #security #vulnerabilities\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-21T19:24:50.583323Z"}, {"uuid": "e18ecb53-36d2-4924-83ff-28f812ce2795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/calculito.bsky.social/post/3mmgxbdvqn32y", "content": "\ud83d\udd34 Qualys flagged a local logic flaw in the Linux kernel (CVE-2026-46333), potentially letting unprivileged users mess with memory access. Just another day in the world of cybersecurity where the gaps keep showing up. #LinuxFlaw #mikronews", "creation_timestamp": "2026-05-22T12:38:34.987597Z"}, {"uuid": "f51ced41-fc1f-4fc3-af16-96fe99a438f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://gist.github.com/ichintu/5cc436746984e120454764f225990464", "content": "**Key take\u2011aways**\n\n**Microsoft \u2013 Active Exploitation of Defender Vulnerabilities**  \n- CVE\u20112026\u201141091 & CVE\u20112026\u201145498 in the Defender ecosystem are being actively exploited.  \n- Both issues carry CVSS scores (exact values can be found in the article).  \n- Published\u202fMay\u202f22\u202f2026; full article includes a link, plus additional CVEs referenced:  \n  CVE\u20112026\u201120223, CVE\u20112026\u201145584, CVE\u20112026\u201145829, CVE\u20112026\u20115140, CVE\u20112026\u201133825, CVE\u20112010\u20110806, CVE\u20112010\u20110249, CVE\u20112009\u20113459, CVE\u20112009\u20111537, CVE\u20112008\u20114250.  \n\n**Microsoft \u2013 Temporary Script for Windows\u202fBitLocker Leak**  \n- Vulnerability allows a physically\u2011present attacker to read encrypted data.  \n- CVE\u20112026\u201145585.  \n- Microsoft released a script that blocks the data leak.  \n- Publication\u202fMay\u202f22\u202f2026 (approx. 2\u202fh\u202f19\u202fmin ago).  \n\n**Linux \u2013 Local Attackers Steal SSH Keys & Run Root Code**  \n- CVE\u20112026\u201146333 enables local attackers to exfiltrate SSH keys and execute code with root privileges.  \n- Patches and mitigations are available; administrators urged to deploy promptly.  \n- Published\u202fMay\u202f22\u202f2026 (\u2248\u202f2\u202fh\u202f40\u202fmin ago).  \n- CVE details at: https://cvefeed.io/vuln/detail/CVE-2026-46333  \n\n**Cisco Secure Workload \u2013 CVE\u20112026\u201120223**  \n- Critical flaw with a CVSS rating of 10.0; affects the Secure Workload platform.  \n- Cisco has issued a patch.  \n- Publication\u202fMay\u202f22\u202f2026.  \n- Related CVE\u20112026\u20115140 also mentioned.  \n\n**INJ3CTOR3 \u2013 Advanced FreePBX Attacks**  \n- Campaign uses the JOMANGY webshell; attributed with high confidence to threat actor INJ3CTOR.  \n- Publication\u202fMay\u202f22\u202f2026 (\u2248\u202f3\u202fh\u202f28\u202fmin ago).  \n- Highlights vulnerabilities exploited in the attacks.  \n\n**CVE\u20112026\u201125606 \u2013 SQL Injection in STER**  \n- Improper input sanitization in STER\u2019s search filters allows authenticated attackers to inject SQL and exfiltrate data.  \n- Severity: 8.7 (HIGH).  \n- Fixed in version\u202f9.5.  \n- Published\u202fMay\u202f22\u202f2026.  \n\n**AI Strategy in OT \u2013 Lessons from the Field**  \n- Legacy Windows\u202f7 laptops remain the sole link to industrial control systems, lacking patches or EDR.  \n- Dragos data: <10\u202f% of OT networks have meaningful monitoring; in 30\u202f% of incidents investigation begins with a floor\u2011level alert.  \n- AI fails when it never receives real OT telemetry; the CIA triangle is inverted\u2014availability is paramount.  \n- Passive network monitoring is essential; active polling risks crashing legacy controllers.  \n- Focus on \u201ccrown jewel\u201d processes (the three processes a plant cannot afford to lose for an hour) instead of blanket AI rollouts.  \n- Recommendations: inventory physical floor, segment the network, collect passive Level\u202f0\u20112 telemetry, then overlay AI.  \n\n**Kimwolf DDoS Botnet \u2013 Canadian Arrest**  \n- DOJ announced arrest of a Canadian citizen allegedly operating the Kimwolf DDoS botnet.  \n- Individual: Jacob Butler (aka \u201cDort\u201d), 23, Ottawa, Canada.  \n- Charged with developing and operating the botnet; Kimwolf identified as a variant of AISURU.", "creation_timestamp": "2026-05-22T12:00:42.000000Z"}, {"uuid": "b07d2294-0a1f-46ea-8a3b-f9df1d489f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmgyri3mmq2x", "content": "\ud83d\udd17 CVE : CVE-2026-31499, CVE-2026-43088, CVE-2026-43109, CVE-2026-43220, CVE-2026-43490, CVE-2026-46333", "creation_timestamp": "2026-05-22T13:05:30.987237Z"}, {"uuid": "e2fdd9a4-37f6-4df0-bdcd-37e0542fe4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmgyzqwfpo2k", "content": "\ud83d\udd17 CVE : CVE-2026-46333", "creation_timestamp": "2026-05-22T13:10:07.643278Z"}, {"uuid": "de9aadc5-04de-45c4-94f4-bf4578c2e864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mmhh7sxp2sl2", "content": "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CV...\n\n#Vulnerabilities #and #Threat #Research #security #vulnerabilities\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-22T17:24:04.939101Z"}, {"uuid": "2b162fd8-4a19-4c1c-a8b4-7c9dba2afd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/almalinux.org/post/3mmhkc55lud24", "content": "CVE-2026-46333 patches are live for AlmaLinux 8, 9 & 10. \n\nCommunity testing pushed them from testing \u2192 production faster than we could've managed alone. Get the patched kernels now if you haven't already! almalinux.org/blog/2026-05...", "creation_timestamp": "2026-05-22T18:19:06.339053Z"}, {"uuid": "49349a61-e29e-42c3-9289-8148b341e1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/insomnisec.bsky.social/post/3mmhvklxchw2i", "content": "\ud83d\udce1 DirtyDecrypt (CVE-2026-31635) and ssh-keysign-pwn (CVE-2026-46333): Sorting Out May's Linux LPE Pair", "creation_timestamp": "2026-05-22T21:40:37.752805Z"}, {"uuid": "c2a6fc06-a633-4364-abba-4d64f55ed0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "Cve-2026-46333", "type": "seen", "source": "https://bsky.app/profile/mineabot.xyz/post/3mmhwngrmjb2s", "content": "Cve-2026-46333 details a logic bug found in the Linux kernel\u2019s __ptrace_may_access() function. This impacts debugging capabilities and could potentially allow privilege escalation. Patches are rolling out now; system administrators should review...\n\n#devops #linux #sre", "creation_timestamp": "2026-05-22T22:00:07.183710Z"}, {"uuid": "fe44e392-9b51-4609-a500-97095b934691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmkwa6j64z2e", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 65 interactions\nCVE-2026-45250: 64 interactions\nCVE-2026-46333: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-69: 18 interactions\nCVE-2026-20223: 3 interactions\nCVE-2026-41091: 3 interactions\n", "creation_timestamp": "2026-05-24T02:30:41.542652Z"}, {"uuid": "35bc095e-ea5e-4f7a-ad78-9a266d50fd17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mml5xohpk572", "content": "Oracle Linux 9 Kernel Important ptrace Issue ELSA-2026-50280 CVE-2026-46333 The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:\n\n#Oracle #Linux #Distribution #- #Security #Advisories\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-24T04:49:08.352050Z"}, {"uuid": "82b9eb77-81ac-41b2-af78-8282c99c3742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://mastodon.social/users/knoppix95/statuses/116628399794111630", "content": "Researchers disclosed CVE-2026-46333, a Linux kernel flaw present since 2016 that enables local users to access sensitive files and execute commands as root. \ud83d\udc27Qualys said Debian, Fedora and Ubuntu default installs are affected, while admins are urged to patch kernels and rotate exposed SSH keys. \ud83d\udd11\n\ud83d\udd17 https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html\n#TechNews #Linux #Kernel #CVE202646333 #CVE #Cybersecurity #Qualys #Ubuntu #Debian #Fedora #OpenSource #FOSS #Security #Exploit #Infosec #SysAdmin #Privacy #SSH #Admin", "creation_timestamp": "2026-05-24T07:38:02.535708Z"}, {"uuid": "5469c4e6-46f0-4ee0-8a9c-22342b1e6658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mmjp7ulgujz2", "content": "\u0412 Linux \u0431\u0435\u0448\u0435 \u043e\u0442\u043a\u0440\u0438\u0442\u0430 \u043f\u043e\u0440\u0435\u0434\u043d\u0430\u0442\u0430 \u0441\u0435\u0440\u0438\u043e\u0437\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442 \u2013 \u0442\u044f \u0441\u044a\u0449\u0435\u0441\u0442\u0432\u0443\u0432\u0430 \u043e\u0442 \u0446\u0435\u043b\u0438 10 \u0433\u043e\u0434\u0438\u043d\u0438 \u0412 Linux \u0431\u0435\u0448\u0435 \u043e\u0442\u043a\u0440\u0438\u0442\u0430 \u043f\u043e\u0440\u0435\u0434\u043d\u0430 ...\n\n#IT #\u041d\u043e\u0432\u0438\u043d\u0438 #CVE-2026-46333 #Linux #\u043a\u0438\u0431\u0435\u0440\u0441\u0438\u0433\u0443\u0440\u043d\u043e\u0441\u0442 #\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430 #\u0441\u0438\u0441\u0442\u0435\u043c\u0430 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-23T14:52:39.620858Z"}, {"uuid": "e74b505d-fcf6-4927-a6e2-a65351e63646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46333", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/9053", "content": "\ud83d\uded1 [New] 9-Year-Old Linux Kernel Bug = Local Root on Default Debian, Ubuntu & Fedora.\n\nhttps://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html\n\nCVE-2026-46333 (ssh-keysign-pwn) lets any unprivileged user steal /etc/shadow + SSH host keys and run commands as root.\n\n\ud83d\udd38 Public PoC available\n\ud83d\udd38 Patch your kernel NOW\n\ud83d\udd38 Quick temp fix - sysctl kernel.yama.ptrace_scope=2", "creation_timestamp": "2026-05-21T07:42:55.000000Z"}]}