{"total":1653,"page":1,"count":50,"advisories":[{"id":"59254c00-9f5e-449c-8b42-ad31b07d14fe","num":222679,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113","title":"AL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 1","summary":"Number: AL25-007 Date: June 11, 2025 Updated: July 10, 2026 Audience This Alert is intended for IT professionals and managers of notified organizations. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security (\"Cyber Centre\") is also available to provide additional assistance regarding the content of this Alert to recipients as requested. Details On June 1, 2025, Roundcube released a security bulletin for a critical vulnerability affecting Webmail. The issue is described as a Post-Auth RCE via PHP Object Deserialization vulnerability (CVE-2025-49113) Footnote 1 . The versions of Roundcube products affected are Footnote 2 : Webmail – versions prior to 1.5.10 Webmail – versions prior to 1.6.11 In response to this vulnerability, the Cyber Centre released AV25-309 on June 2, 2025 Footnote 3 . While the Cyber Centre has not received any reports of exploitation, the existence of a proof of concept (POC) significantly raises the likeness of abuse by malicious actors. The existence of a published POC makes it imperative to take action to assess and mitigate this vulnerability. The Cyber Centre is aware that exploitation of CVE-2024-42009 has been used to obtain valid credentials, which could lead to exploitation of CVE-2025-49113. CISA added CVE-2024-42009 to their Known Exploited Vulnerabilities (KEV) catalog Footnote 4 Footnote 5 on June 9, 2025. Update 1 The Cyber Centre is aware of open-source reporting indicating ongoing exploitation Footnote 7 of CVE-2024-42009 Footnote 8 and CVE-2025-49113 Footnote 1 related to Roundcube Webmail. The Cyber Centre strongly recommends that organizations upgrade to the latest Roundcube Webmail versions as per AV26-657 Footnote 9 : Webmail – version 1.6.17 Webmail – version 1.7.2 On June 9, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE","link":"https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113","severity":"critical","cvss":null,"cves":["CVE-2025-49113","CVE-2024-42009","CVE-2025-42009"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T19:12:59+00:00"},{"id":"dcc64140-c176-4452-b0b9-c98ac539dd8b","num":218702,"source_id":"cisa-kev","external_id":"CVE-2026-48939","title":"CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability","summary":"iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48939","severity":"critical","cvss":null,"cves":["CVE-2026-48939"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T00:00:00+00:00"},{"id":"6500fa48-fb72-42bb-b48d-43c18b140b11","num":218701,"source_id":"cisa-kev","external_id":"CVE-2026-56291","title":"CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability","summary":"Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-56291","severity":"critical","cvss":null,"cves":["CVE-2026-56291"],"exploited":true,"has_exploit":false,"published_at":"2026-07-10T00:00:00+00:00"},{"id":"c3c4d962-be4c-4a26-b888-ba1164579aae","num":190595,"source_id":"nvd","external_id":"CVE-2026-56291","title":"CVE-2026-56291: The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.","summary":"The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-56291","severity":"critical","cvss":9.8,"cves":["CVE-2026-56291"],"exploited":true,"has_exploit":false,"published_at":"2026-07-09T11:16:40.99+00:00"},{"id":"d0eb1d34-14aa-49dd-a5cb-484203eb370f","num":19583,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","title":"Adobe security advisory (AV26-647) – Update 2","summary":"Serial number: AV26–647 Date: July 2, 2026 Updated: July 7, 2026 On June 30, 2026, Adobe published security advisories to address critical vulnerabilities in the following products: Adobe ColdFusion 2025 – Update 9 and prior Adobe ColdFusion 2023 – Update 20 and prior Adobe Campaign Classic – version ACC v7: 7.4.3 build 9396 and prior Update 1 Open-source reporting indicates that CVE-2026-48282 is being exploited. Update 2 On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-48282 to their Known Exploited Vulnerabilities (KEV) Database. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Security update available for Adobe ColdFusion | APSB26-68 Security updates available for Adobe Campaign Classic | APSB26-69 Adobe Security Advisories CISA KEV: CVE-2026-48282","link":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T19:49:45+00:00"},{"id":"33fa5e10-edf4-4749-8060-684f829dce41","num":130111,"source_id":"cisa-kev","external_id":"CVE-2026-55255","title":"CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability","summary":"Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-55255","severity":"critical","cvss":null,"cves":["CVE-2026-55255"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"8c639c4a-dbe6-42dc-83bc-2fb5dfcdf035","num":134841,"source_id":"cisa-kev","external_id":"CVE-2026-48282","title":"CVE-2026-48282: Adobe ColdFusion Path Traversal Vulnerability","summary":"Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48282","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"7a5cd1c5-b226-4cb3-a433-faa253d64916","num":130110,"source_id":"cisa-kev","external_id":"CVE-2026-48908","title":"CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability","summary":"JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48908","severity":"critical","cvss":null,"cves":["CVE-2026-48908"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"c43747d5-690a-4102-a78a-5d16d2df61ec","num":130112,"source_id":"cisa-kev","external_id":"CVE-2026-56290","title":"CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability","summary":"Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-56290","severity":"critical","cvss":null,"cves":["CVE-2026-56290"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"3345f319-15d7-4471-a4a6-aa86761aaea3","num":19588,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/al26-015-critical-vulnerability-impacting-microsoft-sharepoint-server-cve-2026-45659","title":"AL26-015 - Critical vulnerability impacting Microsoft SharePoint Server – CVE-2026-45659","summary":"Number: AL26-015 Date: July 2, 2026 Audience This Alert is intended for IT professionals and managers. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security (\"Cyber Centre\") is also available to provide additional assistance regarding the content of this Alert to recipients as requested. Details The Canadian Centre for Cyber Security (Cyber Centre) is aware of active exploitation of a vulnerability affecting Microsoft SharePoint Server. In response to the Microsoft security advisory, released on May 21, 2026 Footnote 1 , the Cyber Centre issued AV26-456 Footnote 2 Update 1 on May 21, 2026. Tracked as CVE-2026-45659 Footnote 3 , this vulnerability is a critical Deserialization of Untrusted Data (CWE-502) Footnote 4 vulnerability affecting multiple versions of Microsoft SharePoint Server and could allow a low privileged remote attacker to execute remote code. This vulnerability was added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog Footnote 5 on July 1, 2026. Suggested actions The Cyber Centre recommends that organizations upgrade affected Microsoft SharePoint instances to a fixed version: Affected Product Affected Versions Fixed Versions Microsoft SharePoint Enterprise Server 2016 16.0.0 before 16.0.5552.1002 16.0.5552.1002 Microsoft SharePoint Server 2019 16.0.0 before 16.0.10417.20128 16.0.10417.20128 Microsoft SharePoint Server Subscription Edition 16.0.0 before 16.0.19725.20280 16.0.19725.20280 The Cyber Centre recommends organizations: Identify all on-premises SharePoint Server instances, particularly those exposed to the internet. Use or upgrade to supported versions of on-premises Microsoft SharePoint Server. Apply the latest security updates from Microsoft. Important note: Microsoft SharePoint Enterprise Server 2016","link":"https://cyber.gc.ca/en/alerts-advisories/al26-015-critical-vulnerability-impacting-microsoft-sharepoint-server-cve-2026-45659","severity":"critical","cvss":null,"cves":["CVE-2026-45659"],"exploited":true,"has_exploit":true,"published_at":"2026-07-02T14:37:55+00:00"},{"id":"10f18149-832e-48b5-8e01-9a87846e2667","num":2084,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW","title":"Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability","summary":"A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root . Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root . Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW Security Impact Rating: Critical CVE: CVE-2026-20230","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20Server-Side%20Request%20Forgery%20Vulnerability%26vs_k=1","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-07-01T15:10:08+00:00"},{"id":"6e2c84a0-e79c-4587-bc49-2b094b806061","num":1935,"source_id":"cisa-kev","external_id":"CVE-2026-45659","title":"CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability","summary":"Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45659","severity":"critical","cvss":null,"cves":["CVE-2026-45659"],"exploited":true,"has_exploit":true,"published_at":"2026-07-01T00:00:00+00:00"},{"id":"bb0515b0-4513-4e52-998a-f77895f7e782","num":2580,"source_id":"cisa-kev","external_id":"CVE-2026-48558","title":"CVE-2026-48558: SimpleHelp Authentication Bypass Vulnerability","summary":"SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48558","severity":"critical","cvss":null,"cves":["CVE-2026-48558"],"exploited":true,"has_exploit":true,"published_at":"2026-06-29T00:00:00+00:00"},{"id":"4ea687cb-5c5f-4c3c-80b5-277a6e933e9d","num":19602,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547","title":"Cisco security advisory (AV26-547) – Update 1","summary":"Serial number: AV26-547 Date: June 3, 2026 Updated: June 25, 2026 On June 3, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following: Cisco Unified Communications Manager (CM) Release 14 – versions prior to 14SU6 Cisco Unified Communications Manager (CM) Release 15 – versions prior to 15SU5 (Sep 2026) or COP Cisco Unified Communications Manager Session Management Edition (CM SME) release 14 – versions prior to 14SU6 Cisco Unified Communications Manager Session Management Edition (CM SME) release 15 – versions prior to 15SU5 (Sep 2026) or COP Cisco has indicated that a proof-of-concept exploit code is available for CVE-2026-20230. Update 1 On June 25, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20230 to their Known Exploited Vulnerabilities (KEV) Database. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability Cisco Security Advisories CISA KEV: CVE-2026-20230","link":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-06-25T19:37:20+00:00"},{"id":"5157e66e-8c3d-4f9a-963f-edd8aabe160e","num":381,"source_id":"cisa-kev","external_id":"CVE-2026-12569","title":"CVE-2026-12569: PTC Windchill and FlexPLM Improper Input Validation Vulnerability","summary":"PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-12569","severity":"critical","cvss":null,"cves":["CVE-2026-12569"],"exploited":true,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00"},{"id":"b1ce1326-fd0b-45d1-a7a6-121412a848d2","num":1135,"source_id":"cisa-kev","external_id":"CVE-2026-20230","title":"CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability","summary":"Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20230","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-06-25T00:00:00+00:00"},{"id":"f7a57ff8-7259-4065-a68f-fc33215b40cd","num":19612,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498","title":"Ubiquiti security advisory (AV26-498) – Update 1","summary":"Serial number: AV26-498 Date: May 22, 2026 Updated: June 23, 2026 On May 21, 2026, Ubiquiti published a security advisory to address vulnerabilities in the following products. Included were critical updates for the following: Express - version 4.0.13 and prior UCG-Industrial - version 5.0.13 and prior UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, EFG, UDW, UDR, UDR7, Express 7, UNVR, UNVR-Pro, UNVR-Instant, ENVR, UCG-Ultra, UCG-Max and UCG-Fiber - version 5.0.16 and prior UDM-Beast, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4 and UNAS-Pro-8 - version 5.1.8 and prior UDR-5G, ENVR-Core, UCKP, UCK and UCK-Enterprise - version 5.0.17 and prior UNVR-G2 and UNVR-G2-Pro - version 5.1.11 and prior UniFi OS Server - version 5.0.6 and prior Update 1 On June 23, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 to their Known Exploited Vulnerabilities (KEV) Database. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Ubiquiti UniFi - Security Advisory Bulletin 064 Ubiquiti UniFi Security Releases CISA KEV: CVE-2026-34908 CISA KEV: CVE-2026-34909 CISA KEV: CVE-2026-34910","link":"https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498","severity":"critical","cvss":null,"cves":["CVE-2026-34908","CVE-2026-34909","CVE-2026-34910"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T20:14:02+00:00"},{"id":"6e37fa25-93a5-42d6-b43d-89b45fac9ef5","num":1103,"source_id":"cisa","external_id":"/node/25067","title":"Impact of Linux Kernel vulnerabilities on B&R products","summary":"View CSAF Summary B&R is aware of publicly reported vulnerabilities affecting the Linux kernel versions shipped with the products listed as affected in the advisory. Successful local exploitation of these vulnerabilities could allow an attacker to escalate privileges on the affected system. Public proof-of-concept exploits are available for the vulnerabilities described herein. At the time of publication of this advisory, B&R had no evidence of active exploitation targeting B&R products. The following versions of Impact of Linux Kernel vulnerabilities on B&R products are affected: Linux for B&R &lt;=12 APROL &lt;APROL-AutoYaST-DVD- V4.4-010.10.260602 X20EDS410 /all CVSS Vendor Equipment Vulnerabilities v3 7.8 B&R Industrial Automation GmbH Impact of Linux Kernel vulnerabilities on B&R products Incorrect Resource Transfer Between Spheres, Write-what-where Condition, Improper Privilege Management, Out-of-bounds Write, Multiple Releases of Same Resource or Handle Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Expand All + CVE-2026-31431 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. View CVE Details Affected Products Impact of Linux Kernel vulnerabilities on B&R products Vendor: B&R Industrial Automation GmbH Product Version: B&R Industrial Automation GmbH Linux for B&R &lt;=12, B&R Industrial Automation GmbH APROL &lt;APROL-AutoYaST-DVD- V4.4-010.10.260602, B&R Industrial Automation GmbH X20EDS410 /all Product Status: fixed, known_affected Remediations Vendor fix For affected products, softw","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-06","severity":"critical","cvss":null,"cves":["CVE-2026-31431","CVE-2026-43284","CVE-2026-46333","CVE-2026-46300","CVE-2026-43494"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T12:00:00+00:00"},{"id":"20ce7156-b2d4-43bd-a1f5-b4447bb9722f","num":2140,"source_id":"cisa-kev","external_id":"CVE-2025-67038","title":"CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability","summary":"Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-67038","severity":"critical","cvss":null,"cves":["CVE-2025-67038"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00"},{"id":"4e816a84-e8b3-4e49-a7c6-f220e42c7d6e","num":1136,"source_id":"cisa-kev","external_id":"CVE-2026-34910","title":"CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability","summary":"Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injection.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34910","severity":"critical","cvss":null,"cves":["CVE-2026-34910"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00"},{"id":"00dcbdc4-7558-4b1d-9177-75d3d8f47f87","num":1101,"source_id":"cisa-kev","external_id":"CVE-2026-34908","title":"CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability","summary":"Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34908","severity":"critical","cvss":null,"cves":["CVE-2026-34908"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00"},{"id":"ad60ad3b-58b8-4499-a71f-a37282f44e1f","num":2145,"source_id":"cisa-kev","external_id":"CVE-2026-34909","title":"CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability","summary":"Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34909","severity":"critical","cvss":null,"cves":["CVE-2026-34909"],"exploited":true,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00"},{"id":"2e25ea57-28ea-47b8-a568-10e747152784","num":19625,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/al26-014-fortibleed-leak-thousands-compromised-credentials-impacting-fortinet-devices","title":"AL26-014 – FortiBleed leak of thousands of compromised credentials impacting Fortinet devices","summary":"Number: AL26-014 Date: June 18, 2026 Audience This Alert is intended for IT professionals and managers. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security (\"Cyber Centre\") is also available to provide additional assistance regarding the content of this Alert to recipients as requested. Details On June 17, 2026, the Canadian Centre for Cyber Security (Cyber Centre) became aware of open-source reporting Footnote 1 Footnote 2 Footnote 3 Footnote 4 describing a widespread malicious campaign, known as “FortiBleed,” involving exposed credentials affecting Fortinet firewalls and VPN gateways. Exploitation of these credentials could allow malicious actors to gain remote access to affected devices and connected networks, as well as modify various system settings, including critical security controls. Suggested actions The Cyber Centre strongly recommends that organizations : Inventory all accounts on Fortinet devices, identify unauthorized or suspicious accounts (e.g., forticloud-sync , forticloud-tech ) and disable/remove suspected or unneeded accounts. Restrict access to management interfaces to trusted networks and hosts only. Terminate all active SSL VPN and administrative sessions. Reset passwords for all Fortinet VPN and administrative accounts. Enforce Multi-Factor Authentication (MFA) across all external gateways and admin interfaces. Ensure all Fortinet devices are running the latest firmware. Specifically, check for patches related to CVE-2024-55591 (obtain high privileges) Footnote 5 and, CVE-2025-59718 Footnote 6 and CVE-2025-59719 Footnote 7 (authentication bypass) Footnote 8 . In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions with an emphasis on the following topics Footnote 9 . Consolidate, mon","link":"https://cyber.gc.ca/en/alerts-advisories/al26-014-fortibleed-leak-thousands-compromised-credentials-impacting-fortinet-devices","severity":"critical","cvss":null,"cves":["CVE-2024-55591","CVE-2025-59718","CVE-2025-59719"],"exploited":true,"has_exploit":true,"published_at":"2026-06-18T13:52:14+00:00"},{"id":"6914c904-a624-4e77-afab-45827fc26892","num":1102,"source_id":"cisa-kev","external_id":"CVE-2026-20253","title":"CVE-2026-20253: Splunk Enterprise Missing Authentication for Critical Function Vulnerability","summary":"Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20253","severity":"critical","cvss":null,"cves":["CVE-2026-20253"],"exploited":true,"has_exploit":true,"published_at":"2026-06-18T00:00:00+00:00"},{"id":"deace2ec-cafa-41b2-828c-1a4c1632dbe2","num":2139,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk","title":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","summary":"A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non -root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk Security Impact Rating: Critical CVE: CVE-2026-20127","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1","severity":"critical","cvss":null,"cves":["CVE-2026-20127"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T17:39:47+00:00"},{"id":"9bf8b2fb-ebee-44fb-85e6-0b0d89a252a6","num":1137,"source_id":"cisa-kev","external_id":"CVE-2026-48907","title":"CVE-2026-48907: Widget Factory Joomla Content Editor Improper Access Control Vulnerability","summary":"Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48907","severity":"critical","cvss":null,"cves":["CVE-2026-48907"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T00:00:00+00:00"},{"id":"35c9839f-0665-42b8-844b-731db62ecfd3","num":1146,"source_id":"cisa-kev","external_id":"CVE-2026-54420","title":"CVE-2026-54420: LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability","summary":"LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-54420","severity":"critical","cvss":null,"cves":["CVE-2026-54420"],"exploited":true,"has_exploit":true,"published_at":"2026-06-15T00:00:00+00:00"},{"id":"85d9721d-49bc-49dd-ab88-db2164228349","num":1147,"source_id":"cisa-kev","external_id":"CVE-2026-20262","title":"CVE-2026-20262: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability","summary":"Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20262","severity":"critical","cvss":null,"cves":["CVE-2026-20262"],"exploited":true,"has_exploit":true,"published_at":"2026-06-15T00:00:00+00:00"},{"id":"e6f84de6-9403-465a-8618-73fda66b54b4","num":1152,"source_id":"cisa-kev","external_id":"CVE-2026-35273","title":"CVE-2026-35273: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability","summary":"Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of PeopleSoft Enterprise PeopleTools.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-35273","severity":"critical","cvss":null,"cves":["CVE-2026-35273"],"exploited":true,"has_exploit":true,"published_at":"2026-06-12T00:00:00+00:00"},{"id":"94254d48-34ce-47a0-a882-91e97f16298f","num":239,"source_id":"cisa-kev","external_id":"CVE-2026-10520","title":"CVE-2026-10520: Ivanti Sentry OS Command Injection Vulnerability","summary":"Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access through Neurons for MDM makes interfaces inaccessible to external actors.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-10520","severity":"critical","cvss":null,"cves":["CVE-2026-10520"],"exploited":true,"has_exploit":true,"published_at":"2026-06-11T00:00:00+00:00"},{"id":"8bd2462e-b76b-4282-a80b-f6802e45aa33","num":1153,"source_id":"cisa-kev","external_id":"CVE-2026-11645","title":"CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","summary":"Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-11645","severity":"critical","cvss":null,"cves":["CVE-2026-11645"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00"},{"id":"3fc91eb9-8623-4972-a2a1-bc309c353f63","num":2379,"source_id":"cisa-kev","external_id":"CVE-2026-7473","title":"CVE-2026-7473: Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability","summary":"Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-7473","severity":"critical","cvss":null,"cves":["CVE-2026-7473"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00"},{"id":"8f856955-9284-4c1c-abd2-71be71461d87","num":240,"source_id":"cisa-kev","external_id":"CVE-2026-20245","title":"CVE-2026-20245: Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability","summary":"Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20245","severity":"critical","cvss":null,"cves":["CVE-2026-20245"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00"},{"id":"56cf9fac-706d-40ca-ab27-aa7469563a89","num":2632,"source_id":"cisa-kev","external_id":"CVE-2026-50751","title":"CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability","summary":"Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-50751","severity":"critical","cvss":null,"cves":["CVE-2026-50751"],"exploited":true,"has_exploit":true,"published_at":"2026-06-08T00:00:00+00:00"},{"id":"1790db02-45bf-49ef-af78-d28c2376556b","num":2391,"source_id":"cisa-kev","external_id":"CVE-2026-42271","title":"CVE-2026-42271: BerriAI LiteLLM Command Injection Vulnerability","summary":"BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-42271","severity":"critical","cvss":null,"cves":["CVE-2026-42271"],"exploited":true,"has_exploit":true,"published_at":"2026-06-08T00:00:00+00:00"},{"id":"4b1461e8-3907-4350-8283-a122125208ed","num":2633,"source_id":"cisa-kev","external_id":"CVE-2026-28318","title":"CVE-2026-28318: SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability","summary":"SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-28318","severity":"critical","cvss":null,"cves":["CVE-2026-28318"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T00:00:00+00:00"},{"id":"1567f040-d8f9-4837-9e74-0446dc11d814","num":386,"source_id":"cisa-kev","external_id":"CVE-2026-45247","title":"CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability","summary":"Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45247","severity":"critical","cvss":null,"cves":["CVE-2026-45247"],"exploited":true,"has_exploit":true,"published_at":"2026-06-03T00:00:00+00:00"},{"id":"e64c0039-998e-47c3-b797-255397408659","num":241,"source_id":"cisa-kev","external_id":"CVE-2025-48595","title":"CVE-2025-48595: Android Framework Integer Overflow Vulnerability","summary":"Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48595","severity":"critical","cvss":null,"cves":["CVE-2025-48595"],"exploited":true,"has_exploit":true,"published_at":"2026-06-02T00:00:00+00:00"},{"id":"78a98d12-b4d6-47e2-8e5d-6119b2607435","num":2634,"source_id":"cisa-kev","external_id":"CVE-2022-0492","title":"CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability","summary":"Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0492","severity":"critical","cvss":null,"cves":["CVE-2022-0492"],"exploited":true,"has_exploit":true,"published_at":"2026-06-02T00:00:00+00:00"},{"id":"8b370c5a-75e1-42fa-ac18-9aefc88a8b2e","num":242,"source_id":"cisa-kev","external_id":"CVE-2024-21182","title":"CVE-2024-21182: Oracle WebLogic Server Unspecified Vulnerability","summary":"Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data.","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21182","severity":"critical","cvss":null,"cves":["CVE-2024-21182"],"exploited":true,"has_exploit":true,"published_at":"2026-06-01T00:00:00+00:00"},{"id":"ffbf71ed-c478-4a40-8c9c-c7e7240618b8","num":2150,"source_id":"cisa-kev","external_id":"CVE-2026-0257","title":"CVE-2026-0257: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","summary":"Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-0257","severity":"critical","cvss":null,"cves":["CVE-2026-0257"],"exploited":true,"has_exploit":true,"published_at":"2026-05-29T00:00:00+00:00"},{"id":"aa8281e7-899a-4a41-a75f-d7b481bd3516","num":86921,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0300","title":"CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal (Severity: CRITICAL)","summary":null,"link":"https://security.paloaltonetworks.com/CVE-2026-0300","severity":"critical","cvss":null,"cves":["CVE-2026-0300"],"exploited":true,"has_exploit":true,"published_at":"2026-05-28T00:00:00+00:00"},{"id":"c590724c-f826-4b81-86fb-e70b4364378a","num":243,"source_id":"cisa-kev","external_id":"CVE-2026-45321","title":"CVE-2026-45321: TanStack Unspecified Vulnerability","summary":"TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45321","severity":"critical","cvss":null,"cves":["CVE-2026-45321"],"exploited":true,"has_exploit":true,"published_at":"2026-05-27T00:00:00+00:00"},{"id":"41680753-8556-48dc-aa62-97e157430a5f","num":244,"source_id":"cisa-kev","external_id":"CVE-2026-8398","title":"CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability","summary":"Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-8398","severity":"critical","cvss":null,"cves":["CVE-2026-8398"],"exploited":true,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00"},{"id":"2a5efcd6-53b3-4e8e-9f69-fa54b7cbff6a","num":2314,"source_id":"cisa-kev","external_id":"CVE-2026-48027","title":"CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability","summary":"Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvested credentials from multiple sources on disk and in memory.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48027","severity":"critical","cvss":null,"cves":["CVE-2026-48027"],"exploited":true,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00"},{"id":"788cb5a7-66aa-4add-a90e-07abaa1eabaf","num":1154,"source_id":"cisa-kev","external_id":"CVE-2026-48172","title":"CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability","summary":"LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48172","severity":"critical","cvss":null,"cves":["CVE-2026-48172"],"exploited":true,"has_exploit":true,"published_at":"2026-05-26T00:00:00+00:00"},{"id":"bbfe3f4d-5784-48b4-a897-a5b1b8181a75","num":2332,"source_id":"cisa-kev","external_id":"CVE-2026-9082","title":"CVE-2026-9082: Drupal Core SQL Injection Vulnerability","summary":"Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstraction API.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-9082","severity":"critical","cvss":null,"cves":["CVE-2026-9082"],"exploited":true,"has_exploit":true,"published_at":"2026-05-22T00:00:00+00:00"},{"id":"341e6d18-110d-466b-a310-28d2c4b287fe","num":288,"source_id":"cisa-kev","external_id":"CVE-2026-34926","title":"CVE-2026-34926: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability","summary":"Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34926","severity":"critical","cvss":null,"cves":["CVE-2026-34926"],"exploited":true,"has_exploit":true,"published_at":"2026-05-21T00:00:00+00:00"},{"id":"61d17da8-837c-4181-a4aa-5e8e29b2f6f8","num":1155,"source_id":"cisa-kev","external_id":"CVE-2025-34291","title":"CVE-2025-34291: Langflow Origin Validation Error Vulnerability","summary":"Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. This could allow the attacker to execute arbitrary code and achieve full system compromise via obtained tokens that permit access to authenticated endpoints.","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-34291","severity":"critical","cvss":null,"cves":["CVE-2025-34291"],"exploited":true,"has_exploit":true,"published_at":"2026-05-21T00:00:00+00:00"},{"id":"2787611d-5bbf-4738-ad66-c1ab8cf65ad9","num":87126,"source_id":"drupal","external_id":"3591142 at https://www.drupal.org","title":"Drupal core - Highly critical - SQL injection - SA-CORE-2026-004","summary":"Project: Drupal core Date: 2026-May-20 Security risk: Highly critical 23 ∕ 25 AC:None/A:None/CI:All/II:All/E:Exploit/TD:Uncommon Vulnerability: SQL injection Affected versions: >= 8.9.0 < 10.4.10 || >= 10.5.0 < 10.5.10 || >= 10.6.0 < 10.6.9 || >= 11.0.0 < 11.1.10 || >= 11.2.0 < 11.2.12 || >= 11.3.0 < 11.3.10 CVE IDs: CVE-2026-9082 Description: Drupal core includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL databases. This can lead to information disclosure, and in some cases privilege escalation, remote code execution, or other attacks. This vulnerability can be exploited by anonymous users. This SQL injection vulnerability only affects sites using PostgreSQL . However, the third-party dependency updates in these releases apply to all sites. Updates May 22 2026, 04:30 UTC: The risk score has been updated to reflect that exploit attempts are now being detected in the wild. Upstream security advisories The Drupal releases for supported branches (11.3, 11.2, 10.6, and 10.5) in this advisory also include security updates for Symfony and Twig. Those projects have released important Security Advisories that were coordinated with this Drupal release, and Drupal is affected by some of the vulnerabilities. Depending on your site configuration and contrib modules, you may be vulnerable to one or more of these upstream issues, so updating these dependencies is highly recommended whether the SQL Injection vulnerability affects you or not . It is also recommended to review which user roles have the ability to update Twig templates, for example via Views or contributed modules. Solution: Install the latest version. Drupal 11 If you use Drupal 11.3.x, update to Drupal 11.3.10 . If you use Drupal 11.2.x, update to Drupal 11.2.12 . If you use Drupal 11.1.","link":"https://www.drupal.org/sa-core-2026-004","severity":"critical","cvss":null,"cves":["CVE-2026-9082"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T18:08:21+00:00"}]}