Corrections log
Corrections & Updates
Vulnerability details change after publication. This page records material updates so readers can see what changed, when it changed, and whether the recommendation changed.
-
Changed: 2026-05-04 12:00 UTC
Copy Fail (CVE-2026-31431) article
- What changed
- Corrected RHEL mitigation guidance: the modprobe rule (echo "install algif_aead /bin/false") does not work on RHEL because RHEL compiles algif_aead into the kernel (CONFIG_CRYPTO_USER_API_AEAD=y). Added the initcall_blacklist boot parameter as the correct RHEL workaround. Also refreshed distro patch status (SUSE now patched, Ubuntu shipped kmod mitigation USN-8226-1) and added the CrowdStrike Jenkins incident as the first confirmed in-the-wild exploitation.
- Recommendation impact
- Yes. RHEL users following the original modprobe mitigation were unprotected. The correct mitigation for RHEL is the initcall_blacklist boot parameter or a seccomp policy blocking AF_ALG socket creation.
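
The check behind this correction, as an added example that is not taken from the article: it reads a kernel config file and reports whether algif_aead is built in (=y), where the modprobe rule has no effect, or built as a module (=m), where it applies. The function names and the /boot/config-$(uname -r) path are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: classify how algif_aead is built so the matching
# mitigation from the correction entry is chosen.
# Assumption: the kernel config is a readable plain-text file.

# Prints one of: builtin | module | disabled
aead_build_type() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    # Match the exact symbol only. CONFIG_CRYPTO_USER_API=... and
    # "# CONFIG_CRYPTO_USER_API_AEAD is not set" do not match.
    val=$(sed -n 's/^CONFIG_CRYPTO_USER_API_AEAD=\(.\).*$/\1/p' "$cfg" | head -n 1)
    case $val in
        y) echo builtin ;;
        m) echo module ;;
        *) echo disabled ;;
    esac
}

# Maps the build type to the mitigation named in the entry above.
aead_mitigation() {
    case $(aead_build_type "$1") in
        builtin)
            # Built-in code is never loaded through modprobe, so an
            # "install ... /bin/false" rule is never consulted.
            echo "initcall_blacklist-or-seccomp" ;;
        module)
            echo "modprobe-rule" ;;
        disabled)
            echo "not-built" ;;
        *)
            return 2 ;;
    esac
}

# Invoke with "check" to test the running kernel's config.
if [ "${1:-}" = "check" ]; then
    aead_mitigation "/boot/config-$(uname -r)"
fi
```
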
-
Changed: 2026-05-04 14:00 UTC
cPanel (CVE-2026-41940) article
- What changed
- Added post-disclosure exploitation section: 44,000+ hosts confirmed compromised (Shadowserver), three parallel campaigns identified (Sorry ransomware, Mirai nuclear.x86 botnet, Southeast Asian espionage targeting Philippine military and Lao government via AdaptixC2). Added the CISA KEV listing (April 30, with a May 21 federal deadline). Expanded IOCs and post-exploitation detection guidance. Corrected a timeline detail: the staging server was active since March 8, seven weeks before the advisory (not three).
- Recommendation impact
- Expanded. Original advice to scan for compromise indicators now includes specific post-exploitation artifacts: .sorry file extension, Mirai hash, AdaptixC2 outbound connections to 95.111.250[.]175 on ports 4444/4455/1194.
-
Changed: 2026-05-02 09:15 UTC
Methodology page
- What changed
- Added a dedicated “Corrections & Updates” page with structured entries and clear change fields.
- Recommendation impact
- No recommendation changed. This update improves transparency around future recommendation changes.