Metasploit Wrap Up 05/22/2026
Metasploit Blog, Monday, May 25th, 2026
Metasploit releases five new exploit and auxiliary modules for recent vulnerabilities in Cisco, HustOJ, Barracuda, cPanel, and Tenable products.
The latest Metasploit update includes five new modules addressing critical vulnerabilities across multiple platforms.
New exploits target a Cisco Catalyst SD-WAN Controller authentication bypass, a zip-slip RCE in HustOJ, arbitrary code execution in Barracuda Email Security Gateway via Excel spreadsheets, and a cPanel/WHM authentication bypass leading to root access.
Additionally, a post-exploitation module for Tenable Security Center extracts and cracks stored credential hashes. The update also includes six enhancements to existing features and four bug fixes to improve overall framework stability and functionality.