Tag

#kev

2 posts tagged #kev.

Analysis · May 10, 2026 · The Commentary Desk

Array Networks patched in a week and forgot to build a security program

CVE-2023-28461 is a CVSS 9.8 auth bypass on an SSL VPN that Earth Kasha was already exploiting. The fix shipped fast. The disclosure infrastructure around it doesn't exist.
Analysis · May 8, 2026 · The Field Notes Desk

Your LiteLLM proxy needs to be on 1.83.10 by May 11

CISA gave a three-day deadline on a pre-auth SQL injection in LiteLLM. The patch is one version bump; the rotation work after it is the real job.