HomeCVE Intelligence › CVE-2026-46331
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Vulnerability

CVE-2026-46331: PEdit-CoW (CVE-2026-46331): another page-cache write in the DirtyPipe family

<!-SC_OFF --><div class="md"><p>A working POC for PEdit-CoW (CVE-2026-46331) is public, by sgkdev.</p> <ul> <li><a href="https://github.com/rafaeldtinoco/security/tr…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-46331
Vendorreddit_cyber
Affected ProductThreat Intelligence
Vulnerability TypeVulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via reddit_cyber)

🔬 Technical Analysis

<!-- SC_OFF --><div class="md"><p>A working POC for PEdit-CoW (CVE-2026-46331) is public, by sgkdev.</p> <ul> <li><a href="https://github.com/rafaeldtinoco/security/tree/main/exploits/peditcow">POC and explanations</a></li> </ul> <p>Our write-ups on detecting this family by thinking outside the box:</p> <ul> <li><a href="https://medium.com/@miggo-engineering/detecting-copyfail-dirtyfrag-by-thinking-outside-the-box-3cae021ca94c">Detecting CopyFail and DirtyFrag</a></li> <li><a href="https://medium.com/@miggo-engineering/detecting-the-nftables-catchall-use-after-free-cve-2026-23111-by-thinking-outside-the-box-2227654d5acf">Detecting nf_tabl

🎯 Known Indicators of Compromise

{"type":"url","value":"https://github.com/rafaeldtinoco/security/tree/main/exploits/peditcow">POC","confidence_score":0.82,"first_seen":"2026-06-26","source_count":1} {"type":"url","value":"https://medium.com/@miggo-engineering/detecting-copyfail-dirtyfrag-by-thinking-outside-the-box-3cae0","confidence_score":0.82,"first_seen":"2026-06-26","source_count":1} {"type":"url","value":"https://medium.com/@miggo-engineering/detecting-the-nftables-catchall-use-after-free-cve-2026-23111-","confidence_score":0.82,"first_seen":"2026-06-26","source_count":1} {"type":"url","value":"https://medium.com/@miggo-engineering">blog","confidence_score":0.82,"first_seen":"2026-06-26","source_count":1} {"type":"url","value":"https://github.com/sgkdev/packet_edit_meme">the","confidence_score":0.82,"first_seen":"2026-06-26","source_count":1} {"type":"domain","value":"medium.com","confidence_score":0.75,"first_seen":"2026-06-26","source_count":1} {"type":"domain","value":"thehackernews.com","confidence_score":0.75,"first_seen":"2026-06-26","source_count":1} {"type":"domain","value":"www.reddit.com","confidence_score":0.75,"first_seen":"2026-06-26","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-46331 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence