CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
Summary
CISA added CVE-2026-31431 to its KEV catalog, putting Federal Civilian Executive Branch (FCEB) agencies on notice to remediate an actively exploited Linux privilege-escalation flaw. The action matters because the bug can let an unprivileged local user gain root on affected systems. Agencies were told to apply fixes by May 15, 2026.
Related Happenings
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
First: 22.05.2026 11:19
Last: 22.05.2026 11:19
Sources 1
About this happening:
**TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
Langflow and Trend Micro Apex One exploited flaws (multiple vulnerabilities)
Vulnerability
First: 22.05.2026 08:47
Last: 22.05.2026 08:47
Sources 1
About this happening:
**CISA** added **CVE-2025-34291** in **Langflow** and **CVE-2026-34926** in **Trend Micro Apex One** to the **KEV catalog** after evidence of **active exploitation**. The Langflow...
Linux kernel improper privilege management flaw (CVE-2026-46333)
Vulnerability
First: 21.05.2026 10:35
Last: 21.05.2026 10:35
Sources 1
About this happening:
A **Linux kernel** privilege-management flaw, **CVE-2026-46333**, can let **unprivileged local users** on **Debian, Fedora, and Ubuntu** disclose **/etc/shadow** and **SSH host ke...
Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)
Vulnerability
First: 20.05.2026 13:52
Last: 20.05.2026 13:52
Sources 1
About this happening:
**PinTheft** now has a **public PoC exploit**, turning a recently patched **Linux kernel RDS** flaw into a practical **local privilege escalation** risk for **Arch Linux** systems...
Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)
Vulnerability
First: 18.05.2026 10:18
Last: 18.05.2026 10:18
Sources 1
About this happening:
A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...
Timeline
- 03.05.2026 09:26 · 1 article · 24d ago
CISA adds CVE-2026-31431 to KEV catalog
Initial Disclosure: CISA added CVE-2026-31431, a Linux kernel local privilege escalation flaw also tracked as Copy Fail, to the Known Exploited Vulnerabilities catalog after evidence of active exploitation in the wild.
Sources:
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV — thehackernews.com — 03.05.2026 09:26
- 03.05.2026 09:26 · 1 article · 24d ago
Researchers detail Copy Fail exploit mechanics and testing
Technical Analysis Update: Security researchers described Copy Fail as a Linux kernel logic bug that can be triggered with a 732-byte Python-based exploit to corrupt the page cache and elevate a local user to root. Kaspersky said Go and Rust proof-of-concept variants were already in open-source repositories, and the Microsoft Defender Security Research Team reported preliminary testing activity.
Sources:
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV — thehackernews.com — 03.05.2026 09:26
- 03.05.2026 09:26 · 2 articles · 24d ago
FCEB remediation deadline set for May 15, 2026
Legal Policy Action Update: Federal Civilian Executive Branch agencies were advised to apply fixes for CVE-2026-31431 by May 15, 2026, after impacted Linux distributions pushed updates. Where patching was not immediate, organizations were told to disable the affected feature, isolate systems, and enforce access controls.
Sources:
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV — thehackernews.com — 03.05.2026 09:26
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems — www.bleepingcomputer.com — 04.05.2026 14:28