THREAT OPS › Threat News › Qinglong task scheduler RCE vulnerabilities exploited in the wild for cryptomining
Qinglong task scheduler RCE vulnerabilities exploited in the wild for cryptomining
Two authentication bypass vulnerabilities (CVE-2026-3965, CVE-2026-4047) in the Qinglong task scheduling panel were exploited in the wild to deploy cryptomining malware. Here's what happened, how the attacks worked, and what self-hosted application operators should learn from this incident.
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2026-3965cve
- CVE-2026-4047cve
Original source: https://snyk.io/blog/qinglong-task-scheduler-rce-vulnerabilities/