CISA Warns of Data-Theft Vulnerability in Legacy NSA Tool GrassMarlin
CISA has issued an alert regarding CVE-2026-6807, a data-theft vulnerability in the NSA's discontinued GrassMarlin tool. The flaw, related to insufficient XML parsing, could allow attackers to intercept sensitive information. Since GrassMarlin reached end-of-life in 2017, no official patches are available, prompting CISA to recommend network isolation and secure remote access for affected systems.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.