Three critical Linux kernel local privilege escalation vulnerabilities are active this week, two of which (Dirty Frag: CVE-2026-43284 and CVE-2026-43500) are confirmed under active exploitation in campaigns targeting GLPI infrastructure. One of the Dirty Frag components (CVE-2026-43500) remains unpatched as of 2026-05-09, meaning organizations that have applied the available Dirty Frag patch are still exposed to a weaponized exploit chain. A third LPE (CVE-2026-31431, ‘Copy Fail’) is corroborated by credible secondary sources but awaits primary source confirmation; it should be treated as high-priority pending NVD and vendor advisory publication.