CVE-2026-45257: LPE in FreeBSD via kTLS-RX
8 points by dgst
8 points by dgst
The site seems over the top for this:
Is this remotely exploitable?
No, it requires a local TCP socket and sendfile on a file the attacker can read. That is to say: any local shell, any web hosting container, any jail with the default capability set. It is a local bug.
I think someone is sending up over serious corporate vulnerability sites. It's wonderful :)
Under the FAQ, "Why Comic Sans?"
Because every other "branded vulnerability" website pretends to be a corporate product launch. We thought we'd be honest about being a parody.
EDIT: also tbc the language is directly parodying Trump/MAGA-universe lingo, which is why it seems so "over-the-top"