Sample of assets impacted by NGINX nginx-poolslip vulnerability, identified by the CyCognito Platform What is CVE-2026-9256? CVE-2026-9256, publicly nicknamed “nginx-poolslip,” is a heap buffer overflow in the ngx_http_rewrite_module component of NGINX Plus and NGINX Open Source. The flaw is triggered when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. Under these conditions, NGINX underestimates the length of the output after URI escaping, producing an out-of-bounds write inside the worker process memory pool. The…
A critical arbitrary file write vulnerability in Grafana’s SQL expressions feature can be chained with a Grafana Enterprise plugin to achieve full remote code execution on the underlying host.
The instinctive reaction to Mythos is: we need to patch faster. That instinct is understandable. It is also exactly the wrong frame. The real question isn’t how many CVEs are in your queue. It’s how many of your exposed assets can actually be exploited right now, by anyone with an API key and an afternoon.
The latest GigaOm Radar for Attack Surface Management highlights the shift from inventory to contextual prioritization and actionable validation across 32 vendors. CyCognito was named a Leader for the third year in a row and, for the first time, an Outperformer.
Modern security frameworks often fail by surfacing endless vulnerabilities without context. This blog explores how the CTEM framework’s Validation stage provides “permission to ignore” theoretical risks, allowing teams to focus engineering resources exclusively on confirmed, evidence-based, and exploitable threats.
Continuous Threat Exposure Management (CTEM) shifts security metrics from measuring activity to prioritizing impact. This refocuses reporting on urgent, validated issues and continuous testing coverage. By tracking remediation hours and material exposure reduction, organizations can effectively manage risk without creating unnecessary noise or alert fatigue.
CTEM reframed security around what attackers can actually reach and exploit. But Gartner didn’t provide an execution playbook. This blog breaks down what each stage demands in practice – and the anti-patterns that derail most programs.
SolarWinds disclosed multiple critical vulnerabilities in its Web Help Desk platform that may allow unauthenticated attackers to bypass security controls or execute code remotely. Organizations running exposed instances should patch immediately and assess external exposure to reduce risk.
