CopyFail (CVE-2026-31431): The Linux Privilege Escalation Flaw You Can't Ignore

CopyFail (CVE-2026-31431) is a Linux kernel privilege escalation vulnerability that lets an unprivileged user exploit the AF_ALG Crypto API to write 4 bytes into the page cache of any readable file, enabling them to corrupt executable code in memory and gain root access when a privileged process runs the tampered file. It affects virtually every Linux distribution shipped since 2017, is already being actively exploited in the wild, and the US government has ordered federal agencies to patch by May 15.

May 11, 2026 · 16 min · 3350 words · Vyshak Haridasan

How One HTTP Request Can Compromise Your Next.js App — React2Shell Breakdown

This blog breaks down how the React2Shell vulnerability (CVE-2025-55182) abuses insecure deserialization in React Server Components’ Flight protocol to achieve pre-authentication remote code execution, and provides detection, mitigation, and threat-hunting guidance for defenders.

January 9, 2026 · 15 min · 3068 words · Vyshak Haridasan