Five significant vulnerabilities disclosed this week span the Linux kernel, Microsoft Outlook, NGINX, and VMware Fusion, with at least two showing signs of active exploitation and one carrying a CVSS score of 9.2. Microsoft’s June 2026 Patch Tuesday addressed 137 flaws in total, while separate disclosures from Broadcom and F5 added urgency for system administrators managing mixed infrastructure.
Dirty Frag: Linux Privilege Escalation Already Under Attack
A local privilege escalation exploit named Dirty Frag chains two Linux kernel vulnerabilities — CVE-2026-43284 and CVE-2026-43500 — to allow an unprivileged user to gain root access. Researcher Hyunwoo Kim responsibly disclosed the flaws, but according to SecurityWeek, someone published the details before patches were ready, prompting Kim to release both the technical write-up and proof-of-concept code himself.
The vulnerabilities affect the xfrm-ESP (IPsec) and RxRPC components of the Linux kernel. Kim noted that the exploit is unusually reliable: “Because it is a deterministic logic bug that does not depend on a timing window, no race condition is required, the kernel does not panic when the exploit fails, and the success rate is very high.”
Microsoft said its Defender product has observed limited in-the-wild activity that may indicate exploitation of Dirty Frag or the related Copy Fail flaw — the latter of which has confirmed wild exploitation. Post-exploitation behavior observed by Microsoft includes modification of a GLPI LDAP authentication file (identified by a `.swp` vim swap file), followed by reconnaissance of the GLPI directory and system configuration.
The attack surface is broadest on bare-metal hosts. In container environments, exploitation for container escape is theoretically possible but has not yet been demonstrated, Ubuntu developers noted. Dirty Frag follows a pattern established by Dirty Pipe in 2022 — a similarly named kernel flaw that affected millions of Linux systems before patches were widely deployed.
CVE-2026-40361: Zero-Click Outlook RCE Needs Immediate Patching
Microsoft’s June Patch Tuesday included a fix for CVE-2026-40361, a critical zero-click remote code execution vulnerability in a DLL shared by both Word and Outlook. Haifei Li, developer of the zero-day detection platform Expmon, reported the flaw and posted on X that it can be triggered the moment a victim reads or previews an email — no link click or attachment interaction required.
“You definitely want to patch this sooner rather than later,” Li wrote. “The danger of such 0-click bugs in Outlook is that they are triggered as soon as the victim reads or previews the email.”
Li compared CVE-2026-40361 to CVE-2015-6172 (BadWinmail), a flaw he discovered over a decade ago that was labeled an “enterprise killer” for its ability to compromise executives simply by sending a crafted email. He described the new vulnerability in similar terms: “Essentially, anyone could compromise a CEO or CFO just by sending an email. The threat perfectly bypasses enterprise firewalls and is delivered directly to the inbox.”
Microsoft has rated the vulnerability “exploitation more likely.” Li noted that he built only a proof-of-concept rather than a fully weaponized exploit achieving code execution. Reading mail in plain text is a partial mitigation; applying the patch is the definitive fix. Because the vulnerability resides in Outlook’s email rendering engine and the trigger arrives as ordinary mail, network-layer blocking is unreliable.
NGINX CVE-2026-42945: 16-Year-Old Bug Gets a PoC
A heap buffer overflow in NGINX’s `ngx_http_rewrite_module`, tracked as CVE-2026-42945 with a CVSS score of 9.2, was patched this week as part of F5’s quarterly release, 16 years after the bug was introduced. Proof-of-concept exploit code is now publicly available, raising the urgency for administrators running NGINX with `rewrite` and `set` directives.
According to SecurityWeek, the flaw stems from a two-pass process in NGINX’s script engine: one pass computes the required buffer size, the other copies data. When a rewrite replacement containing a question mark (`?`) is used, a flag that tells the copy pass to escape the captured data for a query-string context is not propagated to the sizing pass, so the buffer is allocated too small. Attacker-controlled escaped URI data can then be written past the heap boundary.
Research firm Depthfirst explained the mechanics: “By padding the request URI with plus signs, we can force the escaping function to expand each byte into three bytes, overflowing the allocated chunk. The size of the overflow is completely under our control.”
The primary impact is a denial-of-service condition via worker process restart. Remote code execution is possible when ASLR is disabled — a configuration that remains common in certain embedded and legacy deployments. Achieving RCE requires cross-request heap manipulation to corrupt an adjacent memory pool’s cleanup pointer, redirecting execution to a fake structure invoking `system()`. No exploitation in the wild has been reported yet, but the public PoC shortens the window before that changes.
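The C program below is an added illustration of the bug class described above; it is not NGINX’s code and not the Depthfirst proof-of-concept. It models a two-pass rewrite engine in which a mode flag, set when the replacement contains `?`, reaches the copy pass but not the sizing pass. In the assumed escape table, `+` is percent-encoded only in query-string (ARGS) mode, so a URI padded with plus signs is counted at one byte per character and written at three, exactly the 3x expansion the researchers describe. The names, escape table, `ARENA_SIZE` and the `run_rewrite()` helper are assumptions of this model; the copy is bounded by a backing arena so the overflow is measured rather than triggered.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Toy model of a two-pass rewrite engine: pass 1 sizes the output buffer,
 * pass 2 escapes the captured URI into it.  The modelled defect is a mode
 * flag, set when the replacement contains '?', that reaches the copy pass
 * but not the sizing pass.  Names, the escape table and ARENA_SIZE are
 * assumptions for this illustration, not NGINX's code or tables.
 */

enum escape_mode { ESC_URI = 0, ESC_ARGS = 1 };

#define ARENA_SIZE 4096 /* backing store; bytes past `alloc` land in here */

/* Characters that are percent-encoded in the given mode.  '+' means a
 * space inside a query string, so only ARGS mode encodes it. */
static int needs_escape(unsigned char c, enum escape_mode mode)
{
    if (c <= 0x20 || c >= 0x7f) return 1;
    if (strchr("\"#%<>[\\]^`{|}", (int)c)) return 1;
    return mode == ESC_ARGS && c == '+';
}

/* Pass 1: bytes the escaped form of src[0..len) occupies in `mode`. */
static size_t escaped_len(const char *src, size_t len, enum escape_mode mode)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += needs_escape((unsigned char)src[i], mode) ? 3 : 1;
    return n;
}

/* Pass 2: escape src into dst without ever writing past `cap`.  Returns the
 * number of bytes the escaper produced, which may exceed cap. */
static size_t escape_copy(char *dst, size_t cap, const char *src, size_t len,
                          enum escape_mode mode)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (needs_escape(c, mode)) {
            if (n + 3 <= cap) {
                dst[n] = '%';
                dst[n + 1] = hex[c >> 4];
                dst[n + 2] = hex[c & 0x0f];
            }
            n += 3;
        } else {
            if (n + 1 <= cap) dst[n] = (char)c;
            n += 1;
        }
    }
    return n;
}

struct rewrite_result {
    size_t alloc;    /* bytes pass 1 reserved */
    size_t written;  /* bytes pass 2 produced */
    size_t overflow; /* written - alloc when positive, otherwise 0 */
};

/* Run both passes for a literal template followed by the captured URI.
 * `propagate` selects the fixed behaviour: the sizing pass learns that the
 * capture lands after '?' and sizes it in ARGS mode, the mode the copy pass
 * already uses. */
static struct rewrite_result run_rewrite(const char *tmpl, const char *uri,
                                         int propagate)
{
    char arena[ARENA_SIZE];
    size_t tlen = strlen(tmpl), ulen = strlen(uri);
    int in_args = strchr(tmpl, '?') != NULL;
    enum escape_mode copy_mode = in_args ? ESC_ARGS : ESC_URI;
    enum escape_mode size_mode = (propagate && in_args) ? ESC_ARGS : ESC_URI;
    struct rewrite_result r;

    r.alloc = tlen + escaped_len(uri, ulen, size_mode);   /* pass 1 */
    if (r.alloc > sizeof arena) r.alloc = sizeof arena;
    memcpy(arena, tmpl, tlen);                            /* pass 2 */
    r.written = tlen + escape_copy(arena + tlen, sizeof arena - tlen,
                                   uri, ulen, copy_mode);
    r.overflow = r.written > r.alloc ? r.written - r.alloc : 0;
    return r;
}

int main(void)
{
    /* Constructed request: a URI padded with '+' so every byte triples in
     * ARGS mode while the un-propagated sizing pass still counts one byte. */
    const char *padded = "++++++++++++++++++++++++++++++++"; /* 32 bytes */
    struct rewrite_result bug = run_rewrite("/s?q=", padded, 0);
    struct rewrite_result fix = run_rewrite("/s?q=", padded, 1);
    struct rewrite_result noq = run_rewrite("/s/", padded, 0);

    printf("vulnerable: alloc=%zu written=%zu overflow=%zu\n",
           bug.alloc, bug.written, bug.overflow);
    printf("fixed:      alloc=%zu written=%zu overflow=%zu\n",
           fix.alloc, fix.written, fix.overflow);
    printf("no '?':     alloc=%zu written=%zu overflow=%zu\n",
           noq.alloc, noq.written, noq.overflow);
    return 0;
}
```

With a 32-byte run of plus signs the vulnerable path reserves 37 bytes and produces 101, an overflow of 64 bytes that grows linearly with the padding, which is why the researchers can say the overflow size is under their control. The same template with the flag propagated, or any template without `?`, produces no overflow. The general lesson for any size-then-copy design is that both passes must consume identical state; a flag consulted by only one of them is an allocation bug waiting for the right input.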
VMware Fusion Patches TOCTOU Privilege Escalation
Broadcom released a VMware Fusion update patching CVE-2026-41702, a high-severity time-of-check time-of-use (TOCTOU) flaw rated “important” by the vendor. SecurityWeek reported that the issue occurs during an operation performed by a SETUID binary, allowing a local non-administrative user to escalate privileges to root.
The flaw was reported by researcher Mathieu Farrell. Broadcom’s advisory does not mention active exploitation, but the company’s track record warrants caution: CISA’s Known Exploited Vulnerabilities catalog currently includes 26 VMware flaws, and attackers have historically moved quickly on newly patched VMware issues.
The timing is notable. VMware products are targets at this week’s Pwn2Own hacking competition, where ESX exploits can earn participants up to $200,000. Broadcom has sent security team members to the event. VMware Workstation, historically a lucrative Pwn2Own target, has been removed from this year’s target list — suggesting Broadcom may be preparing additional patches in the days ahead.
Claude Mythos Finds One curl Flaw, Raising Questions About AI Hype
A third-party test of Anthropic’s restricted Claude Mythos model against the curl codebase — 178,000 lines of C — produced five claimed vulnerabilities, of which only one was confirmed as an actual security issue, assigned a low severity rating. Daniel Stenberg, curl’s lead developer, published the findings on his blog after being given access to the third-party report.
Three of the five reported findings were known issues already described in official documentation; one was a non-security bug. The single confirmed vulnerability will be patched in late June.
The result stands in contrast to Anthropic’s pre-launch claims that Mythos had identified thousands of zero-days. Stenberg noted that other AI tools — including Zeropath, AISLE, and OpenAI’s Codex — had previously analyzed curl and identified 200–300 issues, including “a dozen or more” confirmed vulnerabilities. He acknowledged that AI-powered code analysis is “significantly better” than traditional static analysis tools overall, but concluded that Mythos’ performance on curl did not match its billing.
Some security researchers pushed back, arguing the result reflects curl’s unusually mature security posture rather than a weakness in Mythos. Anthropic limits Mythos access to a few dozen major organizations due to misuse concerns, meaning independent verification remains difficult.
What This Means
This week’s disclosures illustrate two persistent problems in vulnerability management: patch timing and exploit availability.
Dirty Frag’s premature public disclosure before patches were ready is a recurring failure mode in coordinated disclosure. Once PoC code is public, the window between patch release and active exploitation compresses from weeks to days — or, as Copy Fail demonstrates, exploitation can precede the patch entirely.
The NGINX case is a textbook example of technical debt. A 9.2-CVSS bug sitting undetected for 16 years in one of the internet’s most widely deployed web servers underscores that age and maturity do not equal security. The public PoC means administrators should treat this as an emergency patch, not a scheduled maintenance item.
CVE-2026-40361 in Outlook is the highest-priority item for enterprise security teams. Zero-click email vulnerabilities that bypass perimeter defenses and require no user interaction are among the most dangerous classes of flaw. Microsoft’s “exploitation more likely” rating, combined with Li’s public comparison to BadWinmail, signals that a working exploit in attacker hands is a realistic near-term scenario.
The Claude Mythos controversy is a useful corrective to vendor claims about AI security tooling. A single datapoint on a well-audited codebase is not a definitive verdict, but it reinforces the principle that extraordinary claims require independent, reproducible evidence — not curated demos.
FAQ
What is Dirty Frag and which Linux systems are affected?
Dirty Frag chains CVE-2026-43284 and CVE-2026-43500 to escalate an unprivileged local user to root via flaws in the Linux kernel’s xfrm-ESP (IPsec) and RxRPC components. It affects major Linux distributions and is most dangerous on bare-metal hosts; container environments reduce — but do not eliminate — the risk.
How do I protect against CVE-2026-40361 until Outlook is patched?
Applying Microsoft’s June 2026 Patch Tuesday update is the definitive fix. Until then, setting Outlook to read all mail in plain text is a partial mitigation: it does not fully eliminate the risk, and it removes HTML formatting from incoming messages.
Is the NGINX CVE-2026-42945 vulnerability being actively exploited?
No active exploitation has been reported as of the patch release, but proof-of-concept code is now publicly available. Administrators running NGINX with `rewrite` and `set` directives should apply F5’s quarterly patch immediately, particularly on systems where ASLR is disabled, where the bug escalates from a worker crash to potential remote code execution.
Sources
- New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks – SecurityWeek
- Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises – SecurityWeek
- Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means – SecurityWeek
- High-Severity Vulnerability Patched in VMware Fusion – SecurityWeek
- PoC Code Published for Critical NGINX Vulnerability – SecurityWeek