Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First reported
Last updated
Happening score
H score 37
2 unique sources, 2 articles

Summary

Hide ▲

CISA added CVE-2026-31431 to its KEV catalog, putting Federal Civilian Executive Branch (FCEB) agencies on notice to remediate an actively exploited Linux privilege-escalation flaw. The action matters because the bug can let an unprivileged local user gain root on affected systems. Agencies were told to apply fixes by May 15, 2026.

Related Happenings

Linux kernel GhostLock root privilege escalation (CVE-2026-43499)

Vulnerability
H score28 First: 08.07.2026 09:16 Last: 08.07.2026 09:16 Sources 1

About this happening: Researchers disclosed **GhostLock (CVE-2026-43499)**, a **Linux kernel** use-after-free that can let a **logged-in local user** gain **full root control** on unpatched systems. Th...

Linux kernel Bad Epoll use-after-free privilege-escalation flaw (CVE-2026-46242)

Vulnerability
H score23 First: 03.07.2026 22:40 Last: 03.07.2026 22:40 Sources 1

About this happening: **Bad Epoll (CVE-2026-46242)** is a newly disclosed **Linux kernel** use-after-free flaw that can let an **unprivileged local user** gain **root** on affected systems. It affects...

Linux kernel act_pedit out-of-bounds write security flaw (CVE-2026-46331)

Vulnerability
H score30 First: 26.06.2026 16:00 Last: 26.06.2026 16:00 Sources 1

About this happening: A **Linux kernel** traffic-control flaw, **CVE-2026-46331**, lets a **local unprivileged user** gain **root** by abusing an **out-of-bounds write** in **act_pedit**. A **public wo...

Linux kernel DirtyClone privilege escalation (CVE-2026-43503)

Vulnerability
H score29 First: 26.06.2026 14:51 Last: 26.06.2026 14:51 Sources 1

About this happening: **CVE-2026-43503** in the **Linux kernel** gives a local user a path to **root** on affected systems, including **multi-tenant servers**, **CI runners**, **container hosts**, and...

Linux kernel maintainers security patch release for CVE-2026-43503

Security Patch Release
H score34 First: 26.06.2026 14:51 Last: 26.06.2026 14:51 Sources 1

About this happening: **Linux kernel** merged and shipped the **DirtyClone** security fix for **CVE-2026-43503**, closing a **CVSS 8.8** local privilege-escalation path that could let affected systems...

Timeline

  1. 03.05.2026 09:26 1 articles · 2mo ago

    CISA adds CVE-2026-31431 to KEV catalog

    Initial Disclosure

    CISA added CVE-2026-31431, a Linux kernel local privilege escalation flaw also tracked as Copy Fail, to the Known Exploited Vulnerabilities catalog after evidence of active exploitation in the wild.

    Show sources
  2. 03.05.2026 09:26 1 articles · 2mo ago

    Researchers detail Copy Fail exploit mechanics and testing

    Technical Analysis Update

    Security researchers described Copy Fail as a Linux kernel logic bug that can be triggered with a 732-byte Python-based exploit to corrupt the page cache and elevate a local user to root; Kaspersky said Go and Rust proof-of-concept variants were already in open-source repositories, and Microsoft Defender Security Research Team reported preliminary testing activity.

    Show sources
  3. 03.05.2026 09:26 2 articles · 2mo ago

    FCEB remediation deadline set for May 15, 2026

    Legal Policy Action Update

    Federal Civilian Executive Branch agencies were advised to apply fixes for CVE-2026-31431 by May 15, 2026 after impacted Linux distributions pushed updates; if patching was not immediate, organizations were told to disable the affected feature, isolate systems, and enforce access controls.

    Show sources