██████╗██╗   ██╗██████╗ ██████╗     ██████╗██╗  ██╗
 ██╔════╝╚██╗ ██╔╝██╔══██╗██╔══██╗   ██╔════╝╚██╗██╔╝
 ██║      ╚████╔╝ ██████╔╝██████╔╝ ● ██║      ╚███╔╝ 
 ██║       ╚██╔╝  ██╔══██╗██╔══██╗   ██║      ██╔██╗ 
 ╚██████╗   ██║   ██████╔╝██║  ██║   ╚██████╗██╔╝ ██╗
  ╚═════╝   ╚═╝   ╚═════╝ ╚═╝  ╚═╝    ╚═════╝╚═╝  ╚═╝
────────────────────────────────── STAY SHARP ───

Critical Router Flaw Exploitable Remotely — Patch Now

Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. May 11, 2026

cybr.cx | Daily Digest — May 11, 2026


Critical Vulnerabilities

CVE-2026-8234 — EFM ipTIME A8004T Router (CVSS 8.8)
A remotely exploitable stack-based buffer overflow lives in the formWifiBasicSet function of the WifiBasicSet endpoint on firmware 14.18.2. An attacker can trigger it by manipulating the security_5g argument — no physical access required. A public exploit already exists and the vendor has not responded to disclosure. If you have these routers on your network, isolate them now.

CVE-2021-47935 — Sentry 8.2.0 (CVSS 8.8)
Authenticated superusers can achieve remote code execution by injecting malicious pickle-serialised objects through the audit log entry data parameter. A crafted POST request to the admin audit log endpoint carrying a base64-encoded compressed pickle payload is enough to run arbitrary commands at application privilege level. Pickle deserialisation as an attack vector is an old story — that it still shows up in production tooling is the real vulnerability.
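A defensive check for the payload shape described above, as an added example (not Sentry's code): it decodes a base64 field, assumes zlib as the compression, and disassembles the pickle stream with pickletools without ever loading it. The names inspect_field and pack, the opcode list and both samples are constructed for illustration.

```python
import base64
import pickle
import pickletools
import zlib
from datetime import date

# Opcodes that import a name or call/instantiate an object while loading.
RISKY_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ", "NEWOBJ",
                 "NEWOBJ_EX", "BUILD", "EXT1", "EXT2", "EXT4"}


def inspect_field(b64_value, max_size=1 << 20):
    """Decode base64 + zlib, then disassemble (never load) the pickle stream.

    Returns (verdict, findings); verdict is "data-only" or "reject".
    """
    try:
        raw = base64.b64decode(b64_value, validate=True)
        inflater = zlib.decompressobj()
        data = inflater.decompress(raw, max_size)
    except (ValueError, zlib.error) as exc:
        return "reject", [f"undecodable: {exc}"]
    if not inflater.eof:  # output cap hit (possible bomb) or truncated stream
        return "reject", ["stream truncated or larger than max_size"]
    findings = []
    try:
        for op, arg, pos in pickletools.genops(data):
            if op.name in RISKY_OPCODES:
                findings.append(f"{op.name}@{pos}" + (f" {arg}" if arg else ""))
    except Exception as exc:  # genops raises on malformed opcode streams
        return "reject", [f"malformed pickle: {exc}"]
    return ("reject" if findings else "data-only"), findings


def pack(obj):
    """Build a constructed sample field: pickle -> zlib -> base64 text."""
    return base64.b64encode(zlib.compress(pickle.dumps(obj, protocol=2))).decode()


# Constructed samples: plain data, and a harmless object whose pickle
# still has to import and call a constructor (datetime.date).
SAMPLE_PLAIN = pack({"event": "member.edit", "ip": "192.0.2.10"})
SAMPLE_WITH_IMPORT = pack(date(2026, 5, 11))

if __name__ == "__main__":
    for name, sample in [("plain", SAMPLE_PLAIN), ("import", SAMPLE_WITH_IMPORT)]:
        print(name, *inspect_field(sample))
```

A field that is supposed to hold plain audit data should come back "data-only"; anything that needs an import to load is rejected before a deserialiser ever sees it.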

CVE-2021-47949 — CyberPanel 2.1 (CVSS 8.8)
The filemanager controller is vulnerable to symlink attacks via the completeStartingPath parameter, allowing authenticated attackers to read arbitrary files — including database credentials — and escalate to full RCE. CyberPanel has a history of critical vulnerabilities being actively weaponised in the wild. Treat any internet-exposed instance as compromised until patched.
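A containment check against the kind of symlink read described above, as an added example (generic Python, not CyberPanel's code): a user-supplied path is resolved with symlinks followed before it is compared with the allowed base directory. The function names and the temporary directory layout are constructed for illustration.

```python
import os
import tempfile


def resolve_inside(base_dir, user_path):
    """Return the real path of user_path if it stays under base_dir, else None.

    Both sides go through realpath, so symlinks and '..' are followed
    before the containment check rather than after it.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


def open_inside(base_dir, user_path):
    """Open for reading only when resolution stays inside base_dir.

    O_NOFOLLOW refuses a final-component symlink swapped in after the check.
    """
    target = resolve_inside(base_dir, user_path)
    if target is None:
        raise PermissionError(f"{user_path!r} resolves outside {base_dir!r}")
    return os.fdopen(os.open(target, os.O_RDONLY | os.O_NOFOLLOW), "rb")


def demo():
    """Constructed layout: a site home holding one real file and one symlink out."""
    with tempfile.TemporaryDirectory() as root:
        home = os.path.join(root, "home", "site1")
        os.makedirs(home)
        outside = os.path.join(root, "db_credentials")
        with open(outside, "w") as fh:
            fh.write("constructed-secret")
        with open(os.path.join(home, "index.html"), "w") as fh:
            fh.write("ok")
        os.symlink(outside, os.path.join(home, "link"))
        try:
            open_inside(home, "link").close()
            blocked = False
        except PermissionError:
            blocked = True
        return {
            "plain": resolve_inside(home, "index.html") is not None,
            "symlink": resolve_inside(home, "link"),
            "dotdot": resolve_inside(home, "../../db_credentials"),
            "open_blocked": blocked,
        }
```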

CVE-2021-47937 / CVE-2021-47938 / CVE-2021-47939 / CVE-2021-47943 / CVE-2022-50944 — Multiple CMS Platforms (CVSS 8.8 each)
A batch of RCE vulnerabilities affects e107 CMS 2.3.0, ImpressCMS 1.4.2, Evolution CMS 3.1.6, TextPattern CMS 4.8.7, and Aero CMS 0.0.1. All share the same pattern: authenticated users with elevated permissions (theme installer, module creator, file uploader) can deploy web shells or inject PHP. If you're running any of these platforms — especially on shared hosting — verify your user trust model and check for unexpected files in theme and upload directories.


Headline News

A college student stopped four high-speed trains in Taiwan using a software-defined radio. The incident, which has drawn significant attention in security circles, stems from a cryptographic failure that had been accumulating risk for 19 years: the rail system's authentication keys had never been rotated. The student reportedly intercepted and replicated control signals with commodity SDR hardware, disrupting rail operations without any insider access or sophisticated tooling. This is a near-perfect case study in why "it hasn't failed yet" is not a security posture — legacy OT and transport systems frequently carry cryptographic debt that looks manageable right up until it isn't. For practitioners working in critical infrastructure or ICS/SCADA environments, this is worth a hard look at your own key rotation policies and RF attack surface.

A proposal is circulating in the Linux kernel community to introduce a "killswitch" mechanism following a series of high-profile vulnerability disclosures that have highlighted how difficult it is to rapidly neutralise a compromised or malicious kernel subsystem. The concept would allow specific kernel modules or contributors' code to be remotely or administratively disabled without a full kernel update cycle — a recognition that the current patch-and-reboot model is too slow for certain threat scenarios. The proposal is controversial: critics argue it introduces a new centralised control plane that itself becomes an attractive target, while supporters point to the increasing pace of kernel-level exploitation. Nothing is merged yet, but the conversation signals that even the kernel community is feeling the pressure of compressed exploit timelines.

Ollama, the widely-used local LLM inference framework, has an out-of-bounds read vulnerability that allows remote attackers to leak process memory contents — a serious concern given how many developers and organisations are now running Ollama instances exposed beyond localhost. Memory leaks of this class can expose model weights, prompt history, API keys loaded into environment variables, or other sensitive runtime data depending on what the process has in memory at the time. The attack does not require authentication. If you're running Ollama in any environment where the API port is reachable from untrusted networks — including misconfigured cloud deployments — restrict access immediately and review your network exposure.


Schrödinger's Feed

Scientists have transmitted quantum keys across 120 kilometres — a distance that meaningfully closes the gap between quantum key distribution (QKD) lab demonstrations and practical deployment over existing fibre infrastructure. QKD's security guarantee is physics-based: any interception attempt disturbs the quantum state and is detectable in principle, which is a fundamentally different security model from computational hardness assumptions. The milestone matters because many previous long-distance QKD results relied on trusted relay nodes that reintroduced classical attack surface. For practitioners navigating the post-quantum transition, QKD and NIST's PQC standards are complementary rather than competing tracks — and results like this suggest the former is moving from theoretical to deployable faster than most roadmaps assumed.


/dev/random

A post making the rounds argues that local AI should be the default — not the exception — with the core thesis being that routing your queries through a third-party cloud inference endpoint is, functionally, handing an unknown third party a transcript of everything you're thinking about. It's the kind of argument that sounds slightly paranoid until you remember that "send all your documents to our servers for processing" was also once considered normal groupware behaviour. The irony is that the same SDR-wielding, pickle-deserialising, web-shell-uploading threat landscape covered above is what makes centralised AI infrastructure an increasingly interesting target. Local inference isn't perfect security — but it does keep your threat model pleasingly simple.