KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell

A newly disclosed zero-day vulnerability in the KnowledgeDeliver Learning Management System (LMS) has been actively exploited in the wild to deploy the BLUEBEAM in-memory web shell, according to Mandiant’s incident response findings. The flaw, now tracked as CVE-2026-5426, enables unauthenticated remote code execution (RCE) and affects deployments that relied on default ASP.NET configuration settings prior […] The post KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell appeared first on Cyber Security News.