Mandiant Exposes KnowledgeDeliver Vulnerability via ViewState Deserialization

A critical vulnerability, CVE-2026-5426, was discovered in KnowledgeDeliver installations, allowing unauthenticated remote code execution across multiple customer sites due to identical ASP.NET machineKey values. This widespread flaw was caused by a standardized web.config with hardcoded keys,…

https://osintsights.com/mandiant-exposes-knowledgedeliver-vulnerability-via-viewstate-deserialization?utm_source=mastodon&utm_medium=social

#ViewstateDeserializationVulnerability #Knowledgedeliver #Cve20265426 #Aspnet #RemoteCodeExecution