All incidents

CISA adds multiple actively exploited vulnerabilities to KEV catalog

vulnerabilityopenJun 10, 2026 — Jul 18, 2026
Ubuntu Pro Client Flaw CVE-2026-11386 Allows Arbitrary Code Execution With Root Privileges

CANONICAL has released a fix for a critical vulnerability in the Ubuntu Pro Client that allows arbitrary code execution with root privileges. The flaw, identified as CVE-2026-11386, was addressed in update USN-8555-1. Administrators are urged to apply the patch immediately to protect affected systems.

The vulnerability scores 9.0 on the CVSS scale and stems from insufficient validation of APT source files. An attacker who can modify the sources.list configuration can inject malicious commands that execute with root privileges during routine package updates. This requires local access or a compromised repository but still poses a serious risk.

All supported Ubuntu Server releases that use the Ubuntu Pro Client are affected, although Ubuntu 25.10 is excluded because it has reached end of life and will not receive the patch. Recent disclosures also include CVE-2026-58644 in Microsoft SharePoint and CVE-2026-25089 along with CVE-2026-39808 in Fortinet FortiSandbox, highlighting a busy period for critical flaws.

Canonical notes that no exploitation of CVE-2026-11386 has been detected in the wild and rates the attack complexity as high. Despite the absence of confirmed attacks, the potential for privilege escalation makes timely patching essential.

Defenders should apply the USN-8555-1 update as soon as possible, verify that APT source files have not been altered, and monitor for any unauthorized changes to repository configurations. Enabling automatic security updates and using trusted mirrors can reduce the window of exposure. Regular audits of sources.list entries are also recommended.

Staying subscribed to Ubuntu security notices and maintaining a regular patching schedule remain the best defence against similar threats. Keeping the Ubuntu Pro Client up to date ensures that known vulnerabilities are mitigated promptly.

Intelligence briefing updated Jul 18, 2026

CVE-2026-10520 10.0 KEV CVE-2026-58644 9.8 KEV CVE-2026-15378 9.3 CVE-2026-25089 9.1 KEV CVE-2026-39808 9.1 KEV CVE-2026-39813 9.1 CVE-2026-55040 9.1 CVE-2026-11386 9.0 CVE-2026-56164 5.3 KEV
Root sourceubuntu.com
Timeline Coverage

Swipe to explore timeline