Book a meeting

› 13:56:22 CCB CVE-2026-10520 CRITICAL ROOT-LEVEL REMOTE CODE EXECUTION AND AUTHENTICATION BYPASS V… · › 12:41:29 CCB — Belgium tests cyber crisis response during Cyber Europe 2026 · › 12:35:37 CCB — Safeonweb fairy tales win another award · › 11:30:53 BSI — Synacor Zimbra: Schwachstelle ermöglicht nicht spezifizierten Angriff · › 11:25:52 BSI CVE-2026-49980 rclone: Schwachstelle ermöglicht Ausführen von beliebigem Programmcod… · › 11:15:54 BSI CVE-2026-48914 QEMU: Schwachstelle ermöglicht Denial of Service · › 11:15:53 BSI — MISP: Mehrere Schwachstellen · › 11:05:53 BSI CVE-2026-11933 MongoDB: Schwachstelle ermöglicht Denial of Service und Offenlegung v… · › 11:00:53 BSI CVE-2026-3329 Sonatype Nexus Repository Manager: Schwachstelle ermöglicht Offenlegu… · › 11:00:53 BSI CVE-2026-53966 xwiki (Live Data): Schwachstelle ermöglicht Privilegieneskalation · › 11:00:00 CERT.PL — UNC1151/Ghostwriter phishing campaign targeting Gmail accounts · › 10:55:53 BSI CVE-2026-7870 IBM i: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode… ·

← Back to console

Critical CCB · Belgium CVE-2026-10520

CRITICAL ROOT-LEVEL REMOTE CODE EXECUTION AND AUTHENTICATION BYPASS V…

Published 12 June 2026 at 13:56

Description

CVE-2026-10520 is an OS command injection vulnerability with a maximum CVSS score of 10.0 that can be exploited remotely without authentication to execute arbitrary code with root privileges. CVE-2026-10523 is an authentication bypass vulnerability (CVSS:3.1 9.9) that allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access. The flaw enables attackers to circumvent normal authentication mechanisms, fundamentally undermining the security model of the system.