WordPress Plugin Flaw Lets Low-Level Users Nuke Server Files
Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. April 18, 2026
cybr.cx — Daily Digest | April 18, 2026
Critical Vulnerabilities
CVE-2026-3464 | WP Customer Area Plugin (WordPress) | CVSS 8.8
Authenticated attackers with as little as Subscriber-level access can read or delete arbitrary files on the server through the ajax_attach_file function in versions up to and including 8.3.4. The minimum role required is low and is set by the site administrator, so a site with open registration is effectively exposed to anyone who can create an account. Update immediately, then audit which role the plugin's access setting grants and who holds it.
CVE-2026-40516 | OpenHarness (pre-commit bd4df81) | CVSS 8.3
A server-side request forgery flaw in the web_fetch and web_search tools allows an attacker who can influence an agent session to pivot into loopback, RFC 1918, or link-local address space (where cloud metadata services live), effectively turning the agent framework into an internal network scanner. SSRF in agentic tooling is a growing attack surface; update to a build at or after commit bd4df81 and enforce egress controls at the network layer rather than relying on the tool's own checks.
CVE-2026-5718 | Drag and Drop Multiple File Upload for CF7 (WordPress) | CVSS 8.1
A subtle but dangerous configuration-handling flaw: adding custom blacklisted extensions replaces the plugin's default denylist of dangerous extensions instead of appending to it, so in versions through 1.3.9.6 an administrator who adds one extra extension unknowingly re-enables uploads of everything the default list blocked. Combined with a bypass of the plugin's sanitisation function, this is a realistic path to remote code execution. Patch, or disable the plugin until it is updated.
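The replace-versus-append distinction is easy to misread in prose, so here is an added Python illustration of it. This is not the plugin's code: the default denylist, the allowlist and the filenames are constructed assumptions. It also shows the two checks a practitioner would want on top of a correct merge, matching every dotted segment rather than only the last suffix, and an allowlist variant that avoids the denylist problem altogether.

```python
# Added example: replace-vs-append for an upload extension denylist.
# DEFAULT_DENYLIST is a constructed stand-in, not the plugin's real list.
DEFAULT_DENYLIST = frozenset({
    "php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht",
    "pl", "py", "cgi", "asp", "aspx", "jsp", "sh", "exe", "htaccess",
})

# Allowlist for the safer design: only these may appear anywhere after the
# first dot (constructed for the example).
ALLOWED_EXTENSIONS = frozenset({"jpg", "jpeg", "png", "gif", "pdf", "txt"})


def _normalise(extensions):
    """Lower-case, strip whitespace and a leading dot, drop empties."""
    return frozenset(e.strip().lower().lstrip(".") for e in extensions if e.strip())


def denylist_replace(custom):
    """The buggy merge: the admin's custom list *replaces* the defaults, so
    adding "svg" silently stops blocking "php"."""
    return _normalise(custom)


def denylist_append(custom):
    """The corrected merge: the custom list is unioned with the defaults."""
    return DEFAULT_DENYLIST | _normalise(custom)


def is_blocked(filename, denylist):
    """True if any dotted segment after the first is a denied extension, so
    'shell.php.jpg' (Apache multi-extension handling) and 'a.PHP' are caught,
    not only the final suffix. Embedded NULs are rejected outright."""
    if "\x00" in filename:
        return True
    segments = filename.lower().split(".")[1:]
    return any(seg in denylist for seg in segments)


def is_allowed(filename):
    """Allowlist variant: the file must have an extension, and every segment
    after the first must be on the permitted list."""
    if "\x00" in filename:
        return False
    segments = filename.lower().split(".")
    return len(segments) >= 2 and all(seg in ALLOWED_EXTENSIONS for seg in segments[1:])
```

With `denylist_replace`, the moment an administrator adds `svg` the list no longer contains `php`, which is exactly the failure the advisory describes; `denylist_append` keeps the defaults regardless of what is added, and `is_allowed` sidesteps the question of whether the denylist is complete.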
CVE-2026-40515 | OpenHarness (pre-commit bd4df81) | CVSS 7.5
A companion flaw to CVE-2026-40516: incomplete path normalisation in the permission checker allows attackers to invoke grep and glob tools against sensitive root directories, leaking credentials and key material that should be protected by configured path rules. Both OpenHarness CVEs should be treated as a paired fix — one without the other leaves meaningful exposure.
CVE-2026-6506 | dnsmasq (--dhcp-split-relay) | CVSS 7.5
A remotely triggerable out-of-bounds write via a crafted BOOTREPLY packet can crash dnsmasq when the --dhcp-split-relay option is enabled, resulting in denial of service. Any network infrastructure using dnsmasq in relay mode — common in segmented enterprise and IoT environments — should patch promptly and consider temporarily disabling split-relay if exposure is high.
CVE-2026-4659 | Unlimited Elements for Elementor (WordPress) | CVSS 7.5
Path traversal in the URLtoRelative() and urlToPath() functions allows arbitrary file reads via a Repeater widget's JSON/CSV URL parameter in versions up to 2.0.6. Debug output can be enabled in the widget settings, which makes exfiltrating the file contents trivial. Another reminder that enabling debug modes on production WordPress installs is never a good idea.
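The OpenHarness path-rule bypass above (CVE-2026-40515) and this URL-to-path traversal are the same mistake viewed from two sides: a permission or location check applied before the path has been fully normalised. The following added Python example is mine, not code from either project; the directory layout, the `/wp-content/uploads/` prefix (the WordPress default, assumed here for a site at the web root), and the sample URLs are constructed. It performs the check on the resolved path and exercises `..`, an absolute path, percent-encoding and a symlink pointing outside the sandbox.

```python
import os
import tempfile
from urllib.parse import unquote, urlparse

# Added example: confine file access to a directory using the resolved path.


def confine(base_dir, requested):
    """Return the absolute, symlink-resolved path of `requested` if it lies
    inside `base_dir`, else raise ValueError. Joining first and resolving
    afterwards means '.', '..' and symlinks are collapsed before the test,
    so the comparison is made on the path the OS would actually open."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"path escapes {base}: {requested!r}")
    return target


def permitted(path, allowed_roots):
    """Permission-checker style rule: a path is in scope only if its resolved
    form sits under one of the configured roots."""
    real = os.path.realpath(path)
    for root in allowed_roots:
        r = os.path.realpath(root)
        if os.path.commonpath([r, real]) == r:
            return True
    return False


UPLOADS_PREFIX = "/wp-content/uploads/"   # assumed default upload URL path


def url_to_path(site_url, upload_dir, url):
    """Map a same-site uploads URL to a file under upload_dir, then confine."""
    site, u = urlparse(site_url), urlparse(url)
    if u.scheme not in ("http", "https") or u.netloc != site.netloc:
        raise ValueError("not a same-site URL")
    rel = unquote(u.path)                     # decode before the prefix test
    if not rel.startswith(UPLOADS_PREFIX):
        raise ValueError("URL is not under the uploads directory")
    return confine(upload_dir, rel[len(UPLOADS_PREFIX):])


def rejects(fn, *args):
    try:
        fn(*args)
    except ValueError:
        return True
    return False


def demo():
    """Build a scratch tree (constructed) with a symlink that escapes the
    sandbox and return the outcome of each check."""
    top = tempfile.mkdtemp()
    uploads, secret = os.path.join(top, "uploads"), os.path.join(top, "secret")
    os.makedirs(uploads)
    os.makedirs(secret)
    with open(os.path.join(secret, "key.pem"), "w") as f:
        f.write("constructed sample, not a real key\n")
    os.symlink(secret, os.path.join(uploads, "link"))
    site = "https://example.test"
    return {
        "plain": not rejects(confine, uploads, "2026/04/photo.jpg"),
        "dotdot": rejects(confine, uploads, "../secret/key.pem"),
        "absolute": rejects(confine, uploads, "/etc/passwd"),
        "symlink": rejects(confine, uploads, "link/key.pem"),
        "url_ok": not rejects(url_to_path, site, uploads,
                              site + "/wp-content/uploads/2026/04/data.csv"),
        "url_encoded": rejects(url_to_path, site, uploads,
                               site + "/wp-content/uploads/..%2F..%2Fwp-config.php"),
        "url_offsite": rejects(url_to_path, site, uploads,
                               "https://evil.test/wp-content/uploads/x.json"),
        "rule_ok": permitted(os.path.join(uploads, "2026/x.json"), [uploads]),
        "rule_symlink": permitted(os.path.join(uploads, "link/key.pem"), [uploads]),
    }
```

One caveat the page does not mention: a realpath check followed by a separate open is still a time-of-check/time-of-use window if an attacker can swap a symlink in between. Where that matters, open the file and verify the descriptor (fstat, or open with O_NOFOLLOW from a directory descriptor) rather than trusting the earlier string comparison.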
CVE-2026-6490 | QueryMine SMS (≤7ab5a9ea) | CVSS 7.3
A publicly disclosed SQL injection in admin/deletecourse.php via a GET parameter is remotely exploitable and has a working PoC already in the wild. The affected product appears to be a niche LMS-adjacent tool, but any exposed admin interface running this version should be treated as potentially compromised until patched or taken offline.
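An added illustration of the bug class, not QueryMine's code: the table schema, the parameter name `id` and the access-log lines below are constructed. It puts the interpolated GET parameter beside the type-checked, parameterised version, and adds a small scan over web-server access logs for requests to the affected endpoint carrying SQL metacharacters, which is the first thing to run when deciding whether the public PoC has already been tried against a host.

```python
import re
import sqlite3
from urllib.parse import unquote, urlparse

# Added example; schema, endpoint handling and log lines are constructed.


def make_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE course (id INTEGER PRIMARY KEY, name TEXT)")
    con.executemany("INSERT INTO course (id, name) VALUES (?, ?)",
                    [(1, "Intro"), (2, "Networks"), (3, "Crypto")])
    con.commit()
    return con


def course_count(con):
    return con.execute("SELECT COUNT(*) FROM course").fetchone()[0]


def delete_course_vulnerable(con, raw_id):
    """The bug class: a GET parameter interpolated into the statement text.
    'id=3 OR 1=1' deletes every row."""
    con.execute(f"DELETE FROM course WHERE id = {raw_id}")
    con.commit()
    return course_count(con)


def delete_course_safe(con, raw_id):
    """Type-check the parameter, then bind it; the value is data, never SQL."""
    try:
        course_id = int(raw_id)
    except (TypeError, ValueError):
        raise ValueError("course id must be an integer") from None
    con.execute("DELETE FROM course WHERE id = ?", (course_id,))
    con.commit()
    return course_count(con)


def safe_rejects(con, raw_id):
    """True if the safe path refuses raw_id and leaves the table untouched."""
    before = course_count(con)
    try:
        delete_course_safe(con, raw_id)
    except ValueError:
        return course_count(con) == before
    return False


ENDPOINT = "/admin/deletecourse.php"
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/\d\.\d"')
# Crude triage markers: quotes, comment openers, UNION, tautologies, sleep().
SQLI_HINTS = re.compile(r"('|--|/\*|\bunion\b|\bor\b\s+\S+\s*=\s*\S+|\bsleep\s*\()", re.I)


def suspicious_requests(log_lines):
    """Return access-log lines that hit ENDPOINT with SQL metacharacters in
    the URL-decoded query string."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parsed = urlparse(m.group(1))
        if parsed.path != ENDPOINT:
            continue
        if SQLI_HINTS.search(unquote(parsed.query)):
            hits.append(line)
    return hits


SAMPLE_LOG = [  # constructed lines, not from any real server
    '203.0.113.5 - - [18/Apr/2026:10:01:02 +0000] "GET /admin/deletecourse.php?id=3 HTTP/1.1" 302 0',
    '198.51.100.7 - - [18/Apr/2026:10:01:09 +0000] "GET /admin/deletecourse.php?id=3%20OR%201%3D1 HTTP/1.1" 302 0',
    '198.51.100.7 - - [18/Apr/2026:10:01:15 +0000] "GET /admin/deletecourse.php?id=1%27%20UNION%20SELECT%201,2-- HTTP/1.1" 500 0',
    '203.0.113.9 - - [18/Apr/2026:10:02:00 +0000] "GET /index.php?page=courses HTTP/1.1" 200 1234',
]
```

The log scan decodes the query before matching because the PoC-style payloads arrive percent-encoded; it is a triage filter, not a detection rule, so expect to review the hits by hand.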
Headline News
Microsoft Defender "RedSun" Zero-Day PoC Enables SYSTEM Privilege Escalation
A proof-of-concept exploit dubbed "RedSun" has surfaced publicly, targeting Microsoft Defender and enabling attackers to elevate privileges to SYSTEM level on affected Windows machines. The fact that Defender itself — the default endpoint protection layer on most Windows deployments — is the attack surface makes this particularly uncomfortable: the tool designed to stop privilege escalation is the vector for achieving it. At the time of writing, Microsoft has not issued an out-of-band patch, meaning defenders should monitor process creation from Defender components and consider compensating controls around privileged access. This class of vulnerability, where security tooling introduces its own LPE risk, continues to be an underappreciated threat model for enterprise environments.
Critical SSRF Flaw in Anthropic's MCP Affects an Estimated 200,000 Servers
A systemic server-side request forgery vulnerability in Anthropic's Model Context Protocol (MCP) has been identified as affecting an estimated 200,000 servers that have adopted the emerging AI integration standard. MCP is increasingly used to connect large language models to external tools and data sources, and the flaw allows attackers to manipulate those connections to reach internal or restricted services. The scale of exposure reflects how rapidly the protocol has been adopted without the security scrutiny that comes with maturity — a pattern that has historically preceded significant breach events in young ecosystems. For practitioners managing environments where MCP-enabled tooling is deployed, network-level egress controls and input validation on tool parameters should be treated as urgent priorities, not future work.
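Egress control is the common mitigation for both the OpenHarness web_fetch/web_search SSRF above (CVE-2026-40516) and the MCP issue here. The following added Python example is mine, not code from either project; the hostnames and the fake DNS table are constructed so it runs offline. It vets a destination the way a tool wrapper should: resolve first, reject any answer in loopback, private, link-local, CGNAT or IPv4-mapped space, refuse mixed answer sets, and hand back the vetted addresses so the caller connects to those instead of re-resolving.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Added example: destination vetting for an agent's fetch/search tool.

# Shared address space is not flagged by the ipaddress predicates on every
# Python version, so list it explicitly.
EXTRA_BLOCKED = [ipaddress.ip_network("100.64.0.0/10")]


def is_internal(addr_str):
    """True for loopback, private, link-local (which includes the
    169.254.169.254 cloud metadata endpoint), multicast, reserved,
    unspecified, or an IPv4-mapped IPv6 address wrapping any of those."""
    addr = ipaddress.ip_address(addr_str)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped           # ::ffff:10.0.0.5 is really 10.0.0.5
    if (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified):
        return True
    return any(addr in net for net in EXTRA_BLOCKED)


def system_resolver(host):
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def check_egress(url, resolver=system_resolver):
    """Vet a URL before the tool fetches it. Returns the resolved addresses
    the caller should connect to directly (setting the Host header itself),
    so a DNS rebind between this check and the connect cannot substitute a
    private answer. Raises ValueError on anything not allowed."""
    u = urlparse(url)
    if u.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {u.scheme!r}")
    host = u.hostname
    if not host:
        raise ValueError("URL has no host")
    addrs = resolver(host)
    if not addrs:
        raise ValueError(f"cannot resolve {host!r}")
    internal = [a for a in addrs if is_internal(a)]
    if internal:
        # Reject if *any* answer is internal: a mixed answer set is the
        # classic rebinding / split-horizon trick.
        raise ValueError(f"{host!r} resolves to internal address(es): {internal}")
    return addrs


FAKE_DNS = {                       # constructed lookup table for the example
    "example.test": ["1.2.3.4"],
    "localhost": ["127.0.0.1", "::1"],
    "rebind.test": ["1.2.3.4", "10.0.0.5"],
}


def fake_resolver(host):
    try:
        return [str(ipaddress.ip_address(host))]   # IP literal passes through
    except ValueError:
        return FAKE_DNS.get(host, [])


def rejected(url, resolver=fake_resolver):
    try:
        check_egress(url, resolver)
    except ValueError:
        return True
    return False
```

Two design points worth noting: redirects must be re-vetted with the same function at every hop (an external host that 302s to the metadata address is the standard bypass), and this application-level check complements rather than replaces a network egress policy, since anything that bypasses the wrapper bypasses the check.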
Russian Crypto Exchange Grinex Halts After $13M Exploit, Blames Foreign Intelligence
Grinex, a Russian cryptocurrency exchange, has suspended trading following what it describes as a $13 million exploit carried out by "Western special services" — state-level foreign intelligence actors. The attribution claim is unverified and consistent with Russia's tendency to frame financially motivated or opportunistic breaches as geopolitical attacks, but the incident is notable regardless of who is responsible. Cryptocurrency exchanges operating under sanctions-adjacent conditions have historically been targeted both by state actors seeking intelligence and by financially motivated threat groups drawn to low-oversight platforms. The incident is a useful reminder that crypto infrastructure remains a high-value target, and that attribution in this space is almost always contested.
Schrödinger's Feed
C12's Carbon Nanotube Roadmap Targets Fault-Tolerant Quantum by 2033
Paris-based C12 has published a four-generation technology roadmap toward commercial fault-tolerant quantum computing, beginning with their Aïdôs system in 2027 and targeting utility-scale capability by 2033. Their approach — using carbon nanotube spin qubits — is a less-travelled path compared to superconducting or trapped-ion architectures, but one that promises better coherence times and scalability at room temperature. Fault tolerance is the critical threshold: it's the point at which quantum error correction outpaces error generation, making Shor's algorithm and other cryptographically relevant computations plausible at scale. Practitioners invested in PQC migration timelines should watch hardware roadmaps like this one closely — the gap between "theoretically possible" and "available to a well-resourced adversary" is narrowing, and 2033 is well within the planning horizon of critical infrastructure.
/dev/random
FIM: The Linux Framebuffer Image Viewer Nobody Asked For (But Here We Are)
FIM — "FBI Improved," a name that presumably causes interesting moments during government security reviews — is a lightweight framebuffer image viewer for Linux that renders images directly to /dev/fb0, bypassing X11, Wayland, and the general tyranny of display servers entirely. It supports vim-style keybindings, scripting, and a frankly unreasonable number of image formats for something that runs in a terminal. The kind of tool that lives on air-gapped analyst workstations and ancient server consoles, quietly doing its job while the rest of the stack catches fire. Respect.