CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Actively Exploited Vulnerabilities

Every advisory below covers a vulnerability with exploitation observed in the wild, cross-referenced against the CISA Known Exploited Vulnerabilities (KEV) catalog and refreshed every 3 hours. If your patch queue is long, start here: KEV listing means real attacks are happening now, and US federal agencies are required to remediate these under BOD 22-01.

1,706 exploited-vulnerability advisories · page 1 / 35

Langflow security advisory (AV26-670)

Serial number: AV26-670 Date: July 8, 2026 On July 7, 2026, Langflow updated a security advisory to address vulnerabilities in the following product: Langflow – versions prior to 1.9.1 On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-55255 t

unknownexploitedCVE-2026-55255cccs2026-07-08

Adobe security advisory (AV26-647) – Update 2

Serial number: AV26–647 Date: July 2, 2026 Updated: July 7, 2026 On June 30, 2026, Adobe published security advisories to address critical vulnerabilities in the following products: Adobe ColdFusion 2025 – Update 9 and prior Adobe ColdFusion 2023 – Update 20 and prior Adobe Campa

criticalexploitedCVE-2026-48282cccs2026-07-07

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48282 Adobe ColdFusion Path Traversal Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and

highexploitedCVE-2026-48282cisa2026-07-07

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector

highexploitedCVE-2026-45659cisa2026-07-01

SimpleHelp security advisory (AV26-642)

Serial number: AV26-642 Date: June 30, 2026 On May 26, 2026, SimpleHelp published a security update to address vulnerabilities in the following product: SimpleHelp – versions 5.5.0 to versions prior to 5.5.16 SimpleHelp – versions 6.0 to versions prior to 6.0 RC2 On June 29, 2026

unknownexploitedCVE-2026-48558cccs2026-06-30

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48558 SimpleHelp Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors an

highexploitedCVE-2026-48558cisa2026-06-29

Cisco security advisory (AV26-547) – Update 1

Serial number: AV26-547 Date: June 3, 2026 Updated: June 25, 2026 On June 3, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following: Cisco Unified Communications Manager (CM) Release 14 – version

criticalexploitedCVE-2026-20230cccs2026-06-25

Splunk security advisory (AV26-586) – Update 1

Serial number: AV26-586 Date: June 10, 2026 Update: June 18, 2026 On June 10, 2026, Splunk published security advisories to address vulnerabilities in the following products: Splunk SOAR – versions prior to 8.5.0 Splunk Enterprise – multiple versions and platforms Splunk Cloud Pl

unknownexploitedCVE-2026-20253cccs2026-06-18
Older →