European Weather Cloud Knowledge Base

A new Linux kernel vulnerability known as SSH-keysign-pwn (tracked as CVE-2026-46333 https://www.cve.org/CVERecord?id=CVE-2026-46333) was publicly disclosed on 14 May 2026.  This vulnerability allows an unprivileged local user to read any files owned by root. A working exploit is already publicly available. Risk Level: When This Vulnerability Is Dangerous This vulnerability can only be exploited by someone who is able to run local commands on your virtual machine.…

The European Weather Cloud (EWC) teams at ECMWF and EUMETSAT are pleased to invite you to the second thematic EWC webinar of 2026 https://events.ecmwf.int/event/564/. It will take place on Wednesday 10 June 2026 from 08:00 to 09:30 UTC (9:00-10:30 BST, 10:00 - 11:30 CEST, 11:00-12:30 EEST). In this webinar, we will focus on the transition away from Morpheus, which will be phased out at the end of 2026. We will show how users can now perform the same tasks using the new EWC services,…

A new Linux kernel vulnerability known as Dirty Frag was publicly disclosed on 7 May 2026. The flaw affects the IPsec ESP and rxrpc in-place decryption fast paths and is closely related to the same subsystem area impacted by the recent Copy Fail vulnerability. Dirty Frag allows an unprivileged local user to gain immediate root access on all major Linux distributions. A working exploit is already publicly available.…

Dear colleague, This is an invitation to join us for the European Weather Cloud (EWC) User Workshop 2026, hybrid again and this time at EUMETSAT in Darmstadt on 22 September 2026. This full-day event, co-organised by EUMETSAT and ECMWF, will provide an opportunity to explore the latest developments, share experiences, and shape the future of the EWC. You will find all the information in the event page https://user.eumetsat.int/news-events/events/tra.events.2698,…

This vulnerability gives attackers that can run commands locally an immediate path to full system compromise. Please apply the fixes described below it as soon as possible if you haven't done already. Copy Fail — CVE-2026-31431 https://copy.fail/#copy-fail is a critical Linux kernel vulnerability that allows any unprivileged local user to escalate privileges to root. The issue originates from a flaw in the algif_aead cryptographic subsystem,…