This Week in Security: Ubiquiti Fixes, and FreeBSD Joins the Club you Don’t Want to Join
Ubiquiti has released a security bulletin addressing six vulnerabilities, including critical issues that could allow unauthorized access and command execution. FreeBSD has also reported a new root exploit that could lead to kernel stack overflow attacks. Additionally, a coordinated takedown of the Glassworm botnet has disrupted its operations targeting open source package repositories.
- Ubiquiti's security bulletin details fixes for six vulnerabilities, including one rated 9.1 and another scoring a perfect 10.0 on the CVE risk scale.
- The FatGid vulnerability in FreeBSD allows for a kernel stack overflow without needing to manipulate disk cache.
- CrowdStrike, Google, and the ShadowServer Foundation have successfully disrupted the Glassworm supply-chain botnet's control infrastructure.
By Mike Kershaw, May 29, 2026

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities range from path traversal revealing configuration files (escaping from the web server by requesting a path like “../../../../../etc/passwd” for instance), to command injection (running arbitrary shell commands on the system), and actually changing device configurations. Some of the reported vulnerabilities require an account on the management server, but some only require network access.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Hackaday.