We Counted Six Ways This Week's Bugs Chain Into Full Host Takeover. CISA Hasn't Flagged a Single Link.
- Patrick Duggan
- 2 hours ago
- 6 min read
We spent this week publishing bugs one at a time — ColdFusion, Bad Epoll, DirtyClone, Januscape, BeyondTrust — the way the wire reports them: a CVE, a severity, a patch note, next. Then a reader asked the question that reorganizes the whole picture. Not "how bad is each bug," but "are you thinking about how they combine?" We weren't, not on the page, and that was a failure of framing. Because attackers don't operate CVEs one at a time. They operate chains. So we did the arithmetic, and here is the uncomfortable result: this week's public exploits compose into six distinct paths from the open internet to full control of a physical host — and not one link in any of them is on CISA's Known Exploited Vulnerabilities list yet.
The reframe: a bug is an item, a chain is an attack
A single privilege-escalation bug is a 7.8. Unpleasant, patch it Tuesday. A single hypervisor-escape proof-of-concept that only panics the host is a denial-of-service — annoying, not fatal. Rated alone, on the CVSS scale, most of this week's flaws are the kind of thing a busy team defers behind the 9s.
But an attacker never rates a bug alone. They rate the path: can I get from where I am to where the data is. And a path is built by snapping together links — get code running (entry), become root (escalate), break out of the box (escape). Each link can be individually mediocre and the assembled chain still ends in catastrophe. This is the oldest truth in offensive security and the one defenders' prioritization systems are worst at pricing, because every scoring model we use rates the link, not the chain.
The ingredients: four bugs, public exploits, none on the list
Here is this week's parts bin — the flaws that have a working public proof-of-concept and are not yet on CISA's KEV catalog. That second filter is the whole point, and we verified it against the catalog directly.
[CVE-2026-48282](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-48282) — Adobe ColdFusion. Unauthenticated path-traversal remote code execution. This is your entry link: no credentials, straight to code running as the web application. It went from public technical detail to in-the-wild exploitation in under two hours earlier this week. Public PoC. Not on KEV.
[CVE-2026-46242](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-46242) — "Bad Epoll." A use-after-free race in the Linux kernel's epoll facility. Unprivileged local user to root, roughly 99% reliable, on kernels 6.4 and newer. This is an escalate link. Public PoC. Not on KEV.
[CVE-2026-46331](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-46331) — "DirtyClone." A second Linux kernel local-root bug the same week, rewriting a setuid binary in the page cache and never touching disk. Interchangeable with Bad Epoll as an escalate link. Public PoC. Not on KEV.
[CVE-2026-53359](https://analytics.dugganusa.com/api/v1/dredd/kev-gap?cve=CVE-2026-53359) — "Januscape." A sixteen-year-old KVM use-after-free that lets a guest VM reach the host — triggerable on both Intel and AMD. The public exploit panics the host; a private version reaches host code execution. This is the escape link. Public PoC. Not on KEV.
Four links. One entry, two interchangeable escalators, one escape. Every one weaponized in public. Every one absent from the list that compliance-driven patching actually obeys.
The six chains
Snap the links together in kill-chain order — entry, then escalate, then escape — and treat Bad Epoll and DirtyClone as substitutes, because chaining two root bugs together is pointless once you have root. That yields six live combinations.
Two two-link chains that turn an unauthenticated web request into root on the box:
ColdFusion (48282) into Bad Epoll (46242)
ColdFusion (48282) into DirtyClone (46331)
Two two-link chains that turn a foothold you already have inside a guest VM into control of the hypervisor underneath it:
Bad Epoll (46242) into Januscape (53359)
DirtyClone (46331) into Januscape (53359)
And two full three-link chains — the complete distance, from a stranger on the internet to the physical machine hosting every tenant on it:
ColdFusion into Bad Epoll into Januscape
ColdFusion into DirtyClone into Januscape
Six paths. The three-link versions describe an attacker with no credentials reaching code execution on an exposed ColdFusion server, escalating to root on that guest, and then stepping out of the guest onto the hypervisor — where every other virtual machine on the hardware becomes reachable. No password is guessed. No user is phished. And no defender running a "patch what's on KEV first" program is required to have touched a single link.
Where the chain gets shorter, not longer
Proxmox is the worst-case host for this week specifically, because it runs both container and virtual-machine tenants, and it swallowed every one of these bugs at once. On the virtual-machine side, the escape link is real: a rooted guest uses Januscape to reach the host. But on the container side — Proxmox's LXC tenants — the math collapses in the attacker's favor. Containers share the host's kernel. There is no hypervisor wall to escape. So Bad Epoll or DirtyClone, fired from inside an unprivileged container, is not an escalation within a guest — it is root on the host itself, in a single CVE, no chain required. On that architecture two of this week's "moderate" LPEs are direct, single-shot, host-takeover bugs. Proxmox's own maintainers have confirmed fixes for both Bad Epoll and Januscape are in preparation, which is the right response and also a quiet confirmation that the platform sat exposed to the whole set.
The honesty, because a scary number is worthless without it
We hold this at 95 percent, and here the caveats are load-bearing, not decoration.
These are capability-exists chains, not works-everywhere chains. ColdFusion-into-Bad-Epoll requires the ColdFusion box to be Linux on a 6.4-or-newer kernel; if it's Windows, that link doesn't snap. Januscape requires nested virtualization enabled and root inside the guest — the escalators hand you the root, but nested virt has to be on. So "six chains" is the count of combinations that are individually demonstrated and logically composable, not a promise that all six fire against any given target. Real environments break links all the time; that is exactly why defense in depth works.
And we are deliberately undercounting. We excluded BeyondTrust's new pre-authentication bypasses — CVE-2026-40138 and 40139 — because as of this writing they have no public PoC, only an advisory. They are pre-KEV, and they are a devastating entry link into the exact privileged-access appliances that broker credentials for everything else. The day a working PoC for them appears, the entry column doubles, and every ColdFusion-rooted chain above gets a BeyondTrust-rooted twin. The count we are giving you is the floor.
The point, which is about the list
The recurring thread of everything we published this week — the holiday gauges that read "quiet," the ColdFusion window that was two hours, the sixteen-year-old wall under the cloud — is that the absence of a signal is not the absence of a threat. The KEV catalog is one more gauge, and this is its blind spot. KEV is a lagging, evidence-of-active-exploitation list; it is excellent at what it does and structurally late by design. A pre-KEV window is precisely the interval in which weaponization is public but the catalog hasn't caught up — and it is the interval an attacker most wants, because the defender's obligation clock hasn't started. Six composable chains, every link exploit-ready, zero links on the list. If your patching strategy is "KEV first, everything else when we get to it," this is the week that strategy is quietly betting against you.
Patch by reachability, not by list membership. Get ColdFusion and privileged-access appliances off the open internet. Patch host kernels and hypervisors — Bad Epoll, DirtyClone, and Januscape are host patches, and on a shared-kernel container host they are the only wall you've got. Disable nested virtualization for guests you don't trust. And when you triage, ask the question our reader asked us, the one the scoring models don't: not "how bad is this bug," but "what does it connect to."
Sources: DugganUSA coverage this week of CVE-2026-48282 (ColdFusion), CVE-2026-46242 (Bad Epoll), CVE-2026-46331 (DirtyClone), CVE-2026-53359 (Januscape), and CVE-2026-40138/40139 (BeyondTrust) — all at dugganusa.com; CISA KEV catalog checked July 7 2026; Proxmox community advisory thread for CVE-2026-46242 and CVE-2026-53359. Chain enumeration and KEV-status verification are ours and reproducible.
Every indicator in this post is in the feed. Free.
1.58M+ IOCs, STIX 2.1 / TAXII, 88% novel vs ThreatFox, exploited-CVE leads ahead of CISA. No credit card — a free API key in 30 seconds, and you can audit every claim above against the live endpoints.




Comments