Title: Linux Security: NGINX Poolslip, BIND 9 & PinTheft Explained
A second critical NGINX vulnerability ("poolslip") was just disclosed, and the previous patch didn't fix it. In this week's Linux security roundup, we break down CVE-2026-9256, plus a massive cluster of BIND 9 vulnerabilities including a remote code execution flaw in DNS-over-HTTPS. We also cover the stealthy "PinTheft" local privilege escalation affecting Arch, Ubuntu, and Fedora, Evince RCE, and 11 new PostgreSQL CVEs. -- OFFICIAL PATCH LINKS -- NGINX CVE-2026-9256 (poolslip) Official advisory: https://nginx.org/en/security_advisor... CVE record: https://www.cve.org/CVERecord?id=CVE-... F5/NGINX article: https://my.f5.com/manage/s/article/K0... Download NGINX 1.30.2 / 1.31.1: https://nginx.org/en/download.html BIND 9 Cluster (USN-8293-1) Ubuntu security notice: https://ubuntu.com/security/notices/U... ISC BIND 9 vulnerability matrix: https://kb.isc.org/docs/aa-00913 PinTheft - CVE-2026-43494 NVD detail: https://nvd.nist.gov/vuln/detail/CVE-... TuxCare writeup: https://tuxcare.com/blog/cve-pintheft/ CloudLinux analysis: https://blog.cloudlinux.com/pintheft-... Evince CVE-2026-46529 (USN-8295-1) Ubuntu security notice: https://ubuntu.com/security/notices/U... PostgreSQL (USN-8294-1) Ubuntu security notice: https://ubuntu.com/security/notices/U... Timestamps: 00:00 - Intro: A new batch of critical vulnerabilities 00:41 - The problem with incomplete patches 01:03 - NGINX "poolslip" (CVE-2026-9256) 01:34 - How NGINX poolslip works 02:32 - NGINX poolslip Mitigation 03:25 - BIND 9 Vulnerabilities Intro 04:01 - BIND 9 DoH Use-After-Free (CVE-2026-3593) 04:55 - PinTheft (CVE-2026-43494) Intro 05:38 - How PinTheft works and Mitigation 06:23 - Evince RCE (CVE-2026-46529) 07:12 - PostgreSQL Vulnerabilities and Outro 🔗 Subscribe for weekly Linux security updates: https://tondoeslinux.com/subscribe 🐦 Twitter/X: https://x.com/tondoeslinux 💬 Community: https://tondoeslinux.com ======================================================= "Please like, comment, and subscribe to receive more videos of this kind." https://goo.gl/a9JwXB Subscribe to the weekly newsletter: https://tondoeslinux.com/subscribe Use VidIQ for your channel: https://vidiq.com/TonDoesLinux Use the best VPN: https://surfshark.club/friend/FN3Sduq4 Learn Linux: • Learn Linux Desktop Learn Arch: • Learn Arch Linux 2019 Website: www.tondoeslinux.com Like my Facebook page: / tondoeslinux See me on Twitter / tondoes #tondoeslinux #linuxtutorial #linux #apple #tech #shorts
Linux Security: Gogs Zero-Day, Samba RCE & Kernel Flaws (June 2026)
Microsoft Just Released Their Own Linux Distro: Should You Be Worried?
Proxmox VE 9.2 Is Here: 7 New Features That Actually Matter
Linus Torvalds: AI Is Changing Linux Fast
Do NOT Ignore NGINX Rift: Single GET Request Will Destroy Your Ingress CVE-2026-42945 #cybersecurity
5 CLI Tools That Actually Changed How I Work in 2026
Android 17 sucks. So I put Linux on a phone.
Secure Boot Certificate Expiry (Windows & Linux)
The Flipper One is Finally Here (And It's Huge)
Google PANICS As GrapheneOS EXPLODES And Android Users WALK AWAY
CVE-2026-23111: One Typo Gives Full Root Access on Linux
5 Critical UniFi CVEs and How to Avoid the Risk
Linux Kernel 7.1 Released: New NTFS Driver, AMD Zen 6 & AI Policy
Linux Kernel 7.1 RC5: Linus Torvalds vs AI Codenal video
Rufus JUST DESTROYED Windows 11 As Millions Watch Microsoft COLLAPSE!
Flatpak Next: Dropping Systemd and X11?
Don't Get Trapped: Moving from Windows 10 to Linux
CIFSwitch & Samba RCE: Two Linux Flaws You Must Patch Now
x86vsARM difference explained for Beginners
