NVD API queries: kernel CVEs return Analyzed but SuperAGI CVE-2026-6584 stays Deferred with no CPE. Maps Snyk, Trivy, Grype, Dependabot, OSV-Scanner reliance on NVD vs GHSA/OSV.
PA-Series and VM-Series with User-ID Authentication Portal exposed to untrusted traffic. CL-STA-1132 achieved root RCE, wiped crash logs, enumerated AD, and deployed EarthWorm and ReverseSocks5. Patches start May 13; interim mitigations and forensic indicators for exposed portals.
