CVE-2026-7776

Versions sourced from the GitHub Security Advisory.

• Hashicorp/Boundaryinferred

  Range: <0.21.3, <0.20.3, <0.19.5

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• github.com/advisories/GHSA-7x9r-wcgg-w86fghsaADVISORY
• nvd.nist.gov/vuln/detail/CVE-2026-7776ghsaADVISORY
• discuss.hashicorp.com/t/hcsec-2026-11-boundary-workers-vulnerable-to-denial-of-service-during-tls-handshakenvdWEB

• PoC Code Published for Critical NGINX Vulnerability
  SecurityWeek · May 16, 2026
• Deepfake detection is losing ground to generative models
  Help Net Security · May 15, 2026
• White House cyber official: identity security matters more than ever in the age of AI
  CyberScoop · May 14, 2026
• The time of much patching is coming
  Cisco Talos Intelligence · May 14, 2026
• F5 Patches Over 50 Vulnerabilities
  SecurityWeek · May 14, 2026
• AWS to Quick admins: The access control didn't work, but you weren't using it anyway, so what's the problem?
  The Register Security · May 13, 2026
• May 2026 Patch Tuesday: no zero-days but plenty to fix
  Malwarebytes Labs · May 13, 2026
• When "idle" isn't idle: how a Linux kernel optimization became a QUIC bug
  Cloudflare Blog · May 12, 2026
• Copy.Fail Linux Vulnerability
  Schneier on Security · May 12, 2026
• TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
  SecurityWeek · May 12, 2026
• State-sponsored actors, better known as the friends you don’t want
  Cisco Talos Intelligence · May 12, 2026
• Cline Kanban Flaw Lets Websites Hijack AI Coding Agents
  Infosecurity Magazine · May 7, 2026
• Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
  Unit 42 · May 5, 2026
• Pipelock: Open-source AI agent firewall
  Help Net Security · May 4, 2026
• Introducing Dynamic Workflows: durable execution that follows the tenant
  Cloudflare Blog · May 1, 2026
• VECT: Ransomware by design, Wiper by accident
  Check Point Research · Apr 28, 2026
• Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
  The Hacker News · Apr 28, 2026
• Parsing Agentic Offensive Security's Existential Threat
  Dark Reading · Apr 27, 2026
• Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
  Infosecurity Magazine · Apr 23, 2026
• Hypersonic Supply Chain Attacks: One Solution That Didn’t Need to Know the Payload
  SentinelOne Labs · Apr 22, 2026
• Making Rust Workers reliable: panic and abort recovery in wasm‑bindgen
  Cloudflare Blog · Apr 22, 2026
• World-first NCSC-engineered device secures vulnerable display links
  NCSC UK · Apr 22, 2026
• Exploits Turn Windows Defender Into Attacker Tool
  Dark Reading · Apr 21, 2026
• Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool
  Dark Reading · Apr 21, 2026
• Orchestrating AI Code Review at scale
  Cloudflare Blog · Apr 20, 2026
• Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload Plugin
  Wordfence Blog · Apr 16, 2026
• Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack
  SentinelOne Labs · Apr 14, 2026
• Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions
  SentinelOne Labs · Apr 9, 2026
• ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime
  Check Point Research · Mar 30, 2026
• Cloud workload security: Mind the gaps
  ESET WeLiveSecurity · Mar 24, 2026
• Siemens SIMATIC
  CISA Alerts
• May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs
  CrowdStrike Blog