EresusSecurity

Security Advisories

Vulnerabilities and coordinated disclosures published by the Eresus research team.

eresus-adv-2026-007 | High | CVSS 7.8

Fragnesia: Linux Kernel XFRM ESP-in-TCP Local Privilege Escalation (CVE-2026-46300)

Fragnesia (CVE-2026-46300) is a Linux kernel local privilege escalation vulnerability in the XFRM ESP-in-TCP subsystem disclosed May 14, 2026. Third in a series following Copy Fail and Dirty Frag. Discovered by William Bowling (Zellic) and the V12 security team. Patch available.

2026-05-17

eresus-adv-2026-006 | High | CVSS 7.8

Dirty Frag: Linux Kernel Local Privilege Escalation via xfrm-ESP and RxRPC (CVE-2026-43284, CVE-2026-43500)

Dirty Frag (CVE-2026-43284, CVE-2026-43500) is a chained Linux kernel local privilege escalation vulnerability exploiting page-cache write primitives in the xfrm-ESP (IPsec) and RxRPC subsystems. Microsoft Defender confirmed limited active exploitation. Patch available; module blocklist workaround provided.

2026-05-17

mcphub-unauthenticated-rce-via-server-registration | Critical | CVSS 10

Unauthenticated Remote Code Execution via Arbitrary Command Injection in MCPHub Server Registration

MCPHub accepts attacker-controlled command and args values during server registration and spawns them through STDIO, enabling full remote code execution on the host.

2026-04-16

mcphub-sse-username-impersonation | Critical | CVSS 9.1

SSE Endpoint Accepts Arbitrary Username from URL Path, Enabling User Impersonation in MCPHub

MCPHub accepts an attacker-controlled username from the SSE URL path and creates internal user context without authenticating or validating the account, enabling user impersonation.

2026-04-16

mcphub-skipauth-authentication-bypass | Critical | CVSS 9.8

Authentication Bypass via skipAuth Configuration Grants Full Admin Access in MCPHub

When skipAuth is enabled, MCPHub bypasses both authentication and admin authorization checks, allowing any unauthenticated user to access privileged API functionality.

2026-04-16

eresus-adv-2026-005 | Critical | CVSS 9.8

Remote Code Execution via nodeIntegration: true in Cherry Studio SearchService

Cherry Studio SearchService creates hidden Electron BrowserWindow instances with nodeIntegration enabled, allowing attacker-controlled web pages to execute OS commands.

2026-04-14

eresus-adv-2026-004 | Critical | CVSS 8.6

Zero-Day Analysis: Authenticated SSRF in n8n-mcp (GHSA-4ggg-h7ph-26qr)

Authenticated SSRF in n8n-mcp multi-tenant HTTP mode allows attackers with a valid token to force server-side requests to internal and cloud metadata resources.

2026-04-09

eresus-adv-2026-003 | Critical | CVSS 9.8

Critical Authentication Bypass via JWT Signature Verification Disabled in yargi-mcp

yargi-mcp decodes Clerk JWT tokens with signature verification disabled, enabling authentication bypass, forged identities, and arbitrary scope escalation.

2026-04-04

eresus-adv-2026-002 | High | CVSS 8.6

ERESUS-ADV-2026-002: Server-Side Request Forgery (SSRF) via Cloud Metadata Endpoints

Server-side request forgery in cloud-hosted URL fetch flows can expose metadata services, temporary IAM credentials, and internal configuration.

2026-03-28

eresus-adv-2026-001 | Critical | CVSS 9.8

Critical RCE Vulnerability in Legacy Enterprise Gateway

Unauthenticated remote code execution in a legacy enterprise API gateway allows command execution with root privileges through crafted forwarding headers.

2026-03-15