Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

CVE-2026-5426 is a critical unauthenticated remote code execution vulnerability in KnowledgeDeliver LMS, caused by hardcoded ASP.NET machine keys identical across all customer deployments. Exploitation is confirmed active, with attackers deploying in-memory web shells, tampering with browser-delivered JavaScript to target end users, and delivering Cobalt Strike BEACON implants via the compromised LMS. Any internet-facing KnowledgeDeliver LMS instance should be treated as potentially compromised pending investigation.

Author

Tech Jacks Solutions