WeKan SSRF Flaw Lets Attackers Pivot Into Internal Networks
Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. April 24, 2026
cybr.cx | Daily Digest — April 24, 2026
Critical Vulnerabilities
CVE-2026-41455 — WeKan (before 8.35) | CVSS 8.5 | HIGH
WeKan's webhook integration accepts arbitrary URLs with no protocol or destination validation, meaning any authenticated user who can create or modify an integration can point webhook callbacks at internal network addresses. This is a classic SSRF vector for pivoting into private infrastructure — cloud metadata endpoints included. Patch to 8.35 immediately and audit existing webhook configurations for suspicious internal URLs.
CVE-2026-41461 — SocialEngine (≤7.8.0) | CVSS 8.5 | HIGH
A blind SSRF in the /core/link/preview endpoint lets authenticated users pass arbitrary URIs — including loopback and RFC 1918 addresses — directly into outbound HTTP requests. No sanitisation whatsoever. The "blind" nature makes it harder to detect in logs and harder to diagnose once exploited. Restrict or firewall the endpoint at the perimeter while awaiting a vendor patch.
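Both of the SSRF entries above (CVE-2026-41455 in WeKan's webhook integration and CVE-2026-41461 in SocialEngine's link preview) share the same missing control: a user-supplied URL reaches an outbound HTTP client without the scheme or the resolved destination ever being checked. The following is an added defender-side example of that check, not code from WeKan, SocialEngine, or this digest. The function name `check_outbound_url`, the blocked ranges, the stub resolver and all sample URLs are assumptions constructed for illustration; the only real library calls are from Python's standard `ipaddress`, `socket` and `urllib.parse` modules.

```python
"""Defender-side destination check for user-supplied outbound URLs
(webhook targets, link-preview fetchers and similar). Added example."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Ranges an application-level fetcher should never be pointed at: unspecified,
# loopback, RFC 1918 private space, CGNAT, link-local (where cloud metadata
# services sit) and the IPv6 equivalents. Constructed list; extend per deployment.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


def resolve_with_dns(host):
    """Default resolver: every A/AAAA answer for `host` from the system resolver."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_blocked_address(ip_text):
    """True if the literal IP lies in a blocked range. IPv4-mapped IPv6 addresses
    (::ffff:a.b.c.d) are unwrapped first so they cannot bypass the IPv4 list."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def check_outbound_url(url, resolve=resolve_with_dns):
    """Return (ok, reason). `resolve` maps a hostname to its IP strings and is
    injectable so the policy can be exercised without network access."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "URL has no host"
    if parts.username is not None or parts.password is not None:
        return False, "credentials embedded in URL"
    try:
        addresses = [str(ipaddress.ip_address(host))]   # literal IP: no DNS needed
    except ValueError:
        addresses = resolve(host)                       # hostname: check every answer
    if not addresses:
        return False, f"{host} does not resolve"
    for addr in addresses:
        if is_blocked_address(addr):
            return False, f"{host} resolves to blocked address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed stub resolver so the demo runs offline (hostnames are fictitious).
    fake_dns = {"hooks.example.com": ["203.0.113.10"],
                "dual.example": ["203.0.113.20", "192.168.1.9"]}
    for candidate in ("https://hooks.example.com/events",
                      "http://127.0.0.1:8080/", "http://[::ffff:10.0.0.1]/",
                      "http://dual.example/", "ftp://hooks.example.com/"):
        print(candidate, "->", check_outbound_url(candidate, fake_dns.get))
```

Two points the code cannot enforce on its own: the HTTP client must connect to the address that was checked (rather than resolving the name a second time, which reopens the door to DNS rebinding), and every redirect hop must be re-validated with the same function before it is followed.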
CVE-2026-41454 — WeKan (before 8.35) | CVSS 8.3 | HIGH
A missing authorisation flaw in WeKan's Integration REST API allows standard board members to enumerate, create, modify, and delete integrations — actions that should require admin privileges. Paired with CVE-2026-41455 above, an attacker with basic board access can both read existing webhook URLs and plant malicious ones. One more reason to treat the 8.35 update as urgent.
CVE-2026-40517 — radare2 (before 6.1.4) | CVSS 7.8 | HIGH
A command injection flaw in radare2's PDB parser allows a crafted PDB file containing newline characters in symbol names to inject and execute arbitrary radare2 commands when the file is analysed. Reverse engineers regularly open untrusted binaries — exactly the scenario this targets. Update to 6.1.4 and treat unknown PDB files as hostile inputs.
CVE-2026-33999 / CVE-2026-34001 / CVE-2026-34003 — X.Org X Server | CVSS 7.8 | HIGH
Three separate memory-safety flaws hit the X.Org X server this cycle: an integer underflow in XKB compatibility map handling (33999), a use-after-free in XSYNC fence logic (34001), and an out-of-bounds read in XKB key types request validation (34003). Each can lead to DoS or memory corruption; the use-after-free in particular carries potential for further system compromise. Linux desktop environments, thin clients, and anything running a remote X session should prioritise patching.
CVE-2026-3621 — IBM WebSphere Liberty (17.0.0.3–26.0.0.4) | CVSS 7.5 | HIGH
Under specific conditions — where an application is deployed without authentication and authorisation configured — WebSphere Liberty is vulnerable to identity spoofing. The precondition narrows real-world exposure, but misconfigured Liberty deployments are common enough to warrant a sweep. Check deployment configs and apply IBM's fix.
Headline News
Anthropic's Restricted AI Model Accessed by Unauthorised Users
Anthropic's high-capability Mythos model — not yet in general release — was accessed by a small number of unauthorised individuals who apparently exploited a combination of contractor-linked credentials and open-source intelligence to find their way in. Anthropic says it is investigating and has seen no evidence of access beyond a limited group, but the incident raises uncomfortable questions about how AI labs manage access tiers for frontier models still under internal evaluation. For security practitioners, the story is a reminder that "restricted" and "air-gapped from curious people" are not synonyms, and that contractor access chains are perennially under-scrutinised. As AI capabilities accelerate, the attack surface around model access — not just model outputs — is becoming a serious operational concern.
Apple Patches iOS Bug That Retained Deleted Notification Data
Apple pushed an out-of-band update to iOS and iPadOS to fix a flaw in Notification Services that caused notification content to persist on-device even after users believed it had been deleted. The real-world significance became apparent when it emerged the bug had enabled recovery of deleted Signal message notifications — the kind of forensic capability typically associated with state-level adversaries and specialist tooling, not a default iOS behaviour. For users relying on Signal's disappearing messages as a genuine operational security measure, this is a sharp reminder that the security of any messaging app is bounded by the security of the OS it runs on. Apple's rapid out-of-band release signals they treated this seriously; users should apply the update without delay and audit what notification data their devices may have retained.
Bitwarden CLI Targeted in Active npm Supply Chain Campaign
A supply chain attack linked to an ongoing Checkmarx campaign has targeted the Bitwarden CLI via malicious npm packages designed to mimic or intercept legitimate tooling. The implications are particularly sharp here: Bitwarden CLI is used to programmatically access password vaults in CI/CD pipelines and developer workflows, meaning a compromised package could silently exfiltrate credentials at scale. This fits a broader pattern of attackers going after developer tooling rather than end-user software — the blast radius of a compromised CLI used in automation far exceeds that of a single infected machine. Security teams should audit their npm dependency trees, verify package integrity against known-good hashes, and treat any pipeline touching secrets managers with heightened scrutiny.
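The last sentence above recommends verifying package integrity against known-good hashes. npm already records those hashes in `package-lock.json` as Subresource Integrity strings (`sha512-<base64 digest>`), so the check reduces to hashing the tarball you actually fetched and comparing. The example below is added here and is not Bitwarden's, npm's or Checkmarx's code; the package names, lock entries and "tarball" bytes are constructed placeholders, and `audit_lock` assumes the lockfile v2/v3 layout where dependencies live under a top-level `packages` map keyed by `node_modules/<name>`.

```python
"""Verify fetched npm tarballs against the SRI `integrity` strings in a
package-lock.json. Added example; all sample data below is constructed."""
import base64
import hashlib
import hmac

SUPPORTED = {"sha256": hashlib.sha256, "sha384": hashlib.sha384, "sha512": hashlib.sha512}


def make_integrity(data, algo="sha512"):
    """Build an SRI string in the form npm writes it, e.g. 'sha512-<base64>'."""
    digest = SUPPORTED[algo](data).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def verify_integrity(data, integrity):
    """True if `data` matches the SRI string. SRI allows several space-separated
    hashes; the strongest supported one is checked, and unsupported or weak
    algorithms (sha1, md5) never count as a match."""
    candidates = []
    for token in integrity.split():
        algo, _, b64 = token.partition("-")
        if algo in SUPPORTED:
            candidates.append((algo, b64))
    if not candidates:
        return False
    algo, b64 = max(candidates, key=lambda c: int(c[0][3:]))  # sha512 > sha384 > sha256
    try:
        expected = base64.b64decode(b64, validate=True)
    except ValueError:          # malformed base64 in the lock file
        return False
    actual = SUPPORTED[algo](data).digest()
    return hmac.compare_digest(expected, actual)


def audit_lock(lock, tarballs):
    """Compare every dependency entry in a parsed package-lock with the tarball
    bytes on hand (`tarballs` maps the lock path to bytes). Returns [(path, problem)]."""
    problems = []
    for path, entry in lock.get("packages", {}).items():
        if not path:                       # "" is the root project itself
            continue
        integrity = entry.get("integrity")
        if not integrity:
            problems.append((path, "no integrity field in lock"))
            continue
        data = tarballs.get(path)
        if data is None:
            problems.append((path, "tarball missing"))
        elif not verify_integrity(data, integrity):
            problems.append((path, "integrity mismatch"))
    return problems


# Constructed sample: these bytes stand in for a real .tgz, and the lock entry's
# integrity was generated from the known-good copy.
GOOD_TARBALL = b"constructed-tarball-bytes-for-example-secrets-cli"
TAMPERED_TARBALL = GOOD_TARBALL + b"\n// injected postinstall"
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-pipeline"},
        "node_modules/example-secrets-cli": {
            "version": "0.0.0-placeholder",
            "integrity": make_integrity(GOOD_TARBALL),
        },
        "node_modules/no-integrity-pkg": {"version": "0.0.0-placeholder"},
    },
}

if __name__ == "__main__":
    print(audit_lock(SAMPLE_LOCK, {"node_modules/example-secrets-cli": TAMPERED_TARBALL}))
```

An entry with no `integrity` field is reported as its own finding rather than skipped: a lock file that silently lacks hashes for a package gives the installer nothing to verify, which is exactly the gap a substituted tarball needs.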
Schrödinger's Feed
MIT researchers have demonstrated a new chip design capable of running post-quantum cryptographic algorithms on energy-constrained edge devices — think biomedical implants, sensors, and IoT hardware that currently lack the compute budget for PQC. The efficiency gains reportedly make previously impractical algorithms viable on hardware that runs on microwatts. This matters because the PQC migration conversation has largely centred on servers and endpoints, quietly leaving an enormous tail of low-power connected devices exposed. Practitioners working on IoT security or medical device assurance should watch this space closely — the "too constrained for PQC" objection is starting to lose its footing.
/dev/random
In a deeply ironic twist, the Bitwarden CLI — software whose entire purpose is to keep your secrets safe — was itself compromised in an npm supply chain attack, making it today's entry in the "weapons-grade awkward" category. To be clear: this is genuinely serious and covered properly above. But one does have to appreciate the adversarial poetry of targeting a password manager's CLI via a package manager with a long and distinguished history of being exactly this kind of attack surface. The lesson, as always: trust nothing you installed without verifying, including the thing you use to store your proof of trust. Security is turtles all the way down, and apparently some of those turtles have been substituted.