Security Bulletin
20 May 2026
Biztonsági szemle
CVE-2026-5946: Invalid handling of CLASS != IN
CVE: CVE-2026-5946 Title: Invalid handling of CLASS != IN Document version: 2.0 Posting date: 20 May 2026 Program impacted: BIND 9 Versions affected: BIND 9.11.0 -> 9.16.50 9.18.0 -> 9.18.48 9.20.0 -> 9.20.22 9.21.0 -> 9.21.21 BIND Supported Preview...
20 May 2026
Biztonsági szemle
CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records
CVE: CVE-2026-3592 Title: Amplification vulnerabilities via self-pointed glue records Document version: 2.0 Posting date: 20 May 2026 Program impacted: BIND 9 Versions affected: BIND 9.11.0 -> 9.16.50 9.18.0 -> 9.18.48 9.20.0 -> 9.20.22 9.21.0 -> 9...
20 May 2026
Biztonsági szemle
CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE: CVE-2026-3593 Title: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation Document version: 2.0 Posting date: 20 May 2026 Program impacted: BIND 9 Versions affected: BIND 9.20.0 -> 9.20.22 9.21.0 -> 9.21.21 BIND Supported...
20 May 2026
Biztonsági szemle
CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE: CVE-2026-3039 Title: BIND 9 server memory exhaustion during GSS-API TKEY negotiation Document version: 2.0 Posting date: 20 May 2026 Program impacted: BIND 9 Versions affected: BIND 9.0.0 -> 9.16.50 9.18.0 -> 9.18.48 9.20.0 -> 9.20.22 9.21.0 ->...
20 May 2026
Biztonsági szemle
Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East
While the numbers are modest, the crackdown on cybercrime involved 13 countries in the MENA region, the largest law enforcement collaboration to date.
20 May 2026
Biztonsági szemle
What It'll Take to Make AI BOMs Usable in a Modern Security Program
Five ways CISOs can prepare for consuming AI Bill of Materials and influence the direction of how they're generated.
20 May 2026
Biztonsági szemle
ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20 May 2026
Biztonsági szemle
What Will Make AI BOMs Real?
A brief overview of the forces at play that will get more organizations on board with creating and consuming AI bill of materials (BOMs).
19 May 2026
Biztonsági szemle
Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut
Verizon's "2026 Data Breach Investigations Report" ("DBIR") finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.
19 May 2026
Biztonsági szemle
Windows Zero-Day Barrage Continues After Patch Tuesday
YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.
19 May 2026
Biztonsági szemle
CISA Exposes Secrets, Credentials in 'Private' Repo
The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."
19 May 2026
Biztonsági szemle
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.