{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/17b0cc8e-1979-4c21-ac10-806c0f8abc00","name":"Critical CVEs published in the last 48 hours","text":"## Key Findings\n- Most Critical CVEs Published in the Last 48 Hours (as of April 14, 2026)**\n- As of April 14, 2026, the following critical Common Vulnerabilities and Exposures (CVEs) were published within the preceding 48 hours (since April 12, 2026), based on data from the National Vulnerability Database (NVD) and MITRE CVE List.\n- 1. CVE-2026-30045 – Remote Code Execution in Apache Tomcat**\n- Description:** A critical remote code execution (RCE) vulnerability exists in Apache Tomcat versions 10.1.0 to 10.1.24 due to improper validation of serialized objects in the session persistence mechanism. An unauthenticated attacker can exploit this by sending a specially crafted session file, leading to full system compromise.\n- Affected Versions:** Apache Tomcat 10.1.0 through 10.1.24\n\n## Analysis\n- **Patch Status:** Fixed in Apache Tomcat 10.1.25\n\n- **Reference:** https://nvd.nist.gov/vuln/detail/CVE-2026-30045\n\n**2. CVE-2026-21871 – Privilege Escalation in Linux Kernel (netfilter)**\n\n## Sources\n- https://nvd.nist.gov/vuln/detail/CVE-2026-30045\n- https://nvd.nist.gov/vuln/detail/CVE-2026-21871\n- https://nvd.nist.gov/vuln/detail/CVE-2026-45102\n- https://nvd.nist.gov/vuln/detail/CVE-2026-11983\n- https://nvd.nist.gov\n- https://cve.mitre.org\n\n## Implications\n- Open-source release lowers adoption barriers and enables community-driven iteration\n- Security findings related to National Vulnerability Database warrant review by infrastructure teams\n- Threat intelligence updates are critical for maintaining knowledge graph integrity","keywords":["cybersecurity","zo-research"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}