Tag: cve
-
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure
Hackers exploited Cisco Catalyst SD-WAN flaw CVE-2026-20245 as a zero-day months before disclosure, enabling privileged command execution. Google-owned Mandiant reported that an unknown threat actor exploited Cisco Catalyst SD-WAN vulnerability CVE-2026-20245 (CVSS base score of 7.8) as a zero-day at least two months before it was publicly disclosed. The flaw allows an authenticated attacker with…
-
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/
-
ManageEngine AD360 Integrated Products Hit by Account Takeover Vulnerability
ManageEngine has disclosed a critical account takeover vulnerability, tracked as CVE-2026-11374, affecting various integrated products within its AD360 identity and access management suite. The flaw affects ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus when used with AD360 and via single sign-on (SSO) integration. This vulnerability stems from predictable SSO ticket generation, which…
-
Langflow RCE Flaw Lets Attackers Execute Arbitrary Python Code Without Authentication
Tags: ai, authentication, cve, cyber, data-breach, exploit, flaw, framework, open-source, rce, remote-code-execution, vulnerability
A critical unauthenticated remote code execution (RCE) vulnerability in Langflow, tracked as CVE-2026-33017, is being actively exploited in the wild within hours of its disclosure. This vulnerability allows attackers to execute arbitrary Python code on exposed instances without any authentication. It affects the widely used open-source AI workflow framework designed for building large language model…
-
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant. The vulnerability, tracked as CVE-2026-20245 (CVSS score: 7.8), allows an authenticated, local attacker to execute arbitrary commands with elevated privileges First seen…
-
CVE-2026-20262 allows privilege escalation via file upload – Actively exploited flaw in Cisco SD-WAN Manager grants root access
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-sd-wan-manager-cve-2026-20262-root-zugriff-a-4b5a04fcc33f1f4144727d80f9c3d037/
-
CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active exploitation of a critical security flaw impacting Lantronix EDS5000 Series devices, urging Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 26, 2026. The vulnerability in question is CVE-2025-67038 (CVSS score: 9.8), a code injection flaw that could result in…
-
Why Frontier AI makes prioritization the most important part of your CTEM program
Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not designed for what is coming next. More than 40,000 CVEs were reported in 2025, breaking yet another record. Today, security experts anticipate that frontier AI-powered systems could drive a…
-
Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild
Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnerability, tracked as CVE-2026-20230 (CVSS score of 8.6), that attackers are already exploiting. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without…
-
Dawn of the Apex Agentic Adversary
We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and weeks or even months later, a fix was deployed. In this…
-
Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
CVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco’s Unified Communications Manager (Unified CM), is being exploited to drop webshells … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/24/cisco-unified-cm-flaw-exploited-to-drop-webshells-cve-2026-20230/
-
PoC Released for Microsoft Exchange Server EWS InstallApp SSRF Vulnerability
A proof-of-concept exploit has been released for CVE-2026-45502, a server-side request forgery (SSRF) vulnerability in the Microsoft Exchange Server’s Exchange Web Services (EWS) InstallApp operation. This vulnerability poses risks to organisations that have not yet deployed the security updates from June 2026. The flaw affects Exchange Server versions 2016 CU23, 2019 CU14 and CU15, and…
-
Webmin Stored XSS Vulnerability Lets Attackers Exploit Root Users
A newly disclosed stored cross-site scripting (XSS) vulnerability in Webmin has raised significant security concerns, as it allows attackers with limited privileges to target and potentially compromise root users. This vulnerability, tracked as CVE-2026-22678, affects Webmin versions before 2.641 and resides in the System and Server Status module, a commonly used component for monitoring system…
-
Cisco Unified Communications Manager Flaw Exposes Systems to SSRF Attacks and Root Access
Cisco has disclosed a critical server-side request forgery (SSRF) vulnerability affecting its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). This vulnerability could enable unauthenticated remote attackers to write files to the underlying operating system and potentially escalate their privileges to root. Identified as CVE-2026-20230 and documented in…
-
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote First seen…
-
Samsung KNOX Kernel Flaw Exposes Galaxy Devices to Memory Corruption Attacks
Samsung has addressed a critical kernel vulnerability in its KNOX security framework that puts millions of Galaxy devices at risk of memory-corruption attacks, potentially allowing full device compromise. This issue, tracked as CVE-2026-20971, was discovered by LucidBit Labs and affects a wide range of Samsung smartphones released over the past eight years, including devices from…
-
CISA Adds Ubiquiti UniFi OS Flaws to KEV Catalog
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, network, office, risk, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities affecting Ubiquiti UniFi OS to its Known Exploited Vulnerabilities (KEV) catalog. This highlights the increasing risk to both enterprise and small-office network environments that rely on this popular network management platform. The newly identified flaws, CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, affect UniFi OS…
-
FortiSandbox CVEs allow code execution without login – Three FortiSandbox vulnerabilities are being actively exploited
First seen on security-insider.de Jump to article: www.security-insider.de/fortisandbox-schwachstellen-aktiv-ausgenutzt-a-1d10887a5103748972c33e726a845414/
-
Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices
Samsung’s KNOX flaw (CVE-2026-20971) is a kernel UAF in PROCA/FIVE that can enable corruption via a race; Samsung patched it in Jan 2026. Experts found a nasty kernel flaw in Samsung’s KNOX stack, and the uncomfortable part is where it lived: inside the software designed to raise the bar for attackers. CVE-2026-20971 is a use-after-free…
-
Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve-2026-20230-now-exploited-in-attacks/
-
CVE-2026-49975 exhausts web server RAM with one byte – HTTP/2 Bomb crashes web servers in seconds
Tags: cve
First seen on security-insider.de Jump to article: www.security-insider.de/http2-bomb-webserver-ram-denial-of-service-cve-2026-49975-a-98003db5dc164179ca5da92c1a970d9c/
-
Critical libssh2 Vulnerability Lets Remote Attackers Execute Code via Crafted SSH Packets
A critical security vulnerability has been identified in libssh2, a widely used client-side SSH library. This flaw allows remote attackers to execute code by sending specially crafted SSH packets. The vulnerability, tracked as CVE-2026-55200, has a CVSS score of 9.2 and affects libssh2 versions up to and including 1.11.1. The issue has been resolved in…
-
Critical FFmpeg Vulnerability Lets Hackers Execute Remote Code via Malicious Media Files
A critical memory corruption vulnerability in FFmpeg has been disclosed, allowing for remote code execution through specially crafted media files. This flaw, tracked as CVE-2026-8461 and named “PixelSmash,” affects the MagicYUV decoder within FFmpeg’s libavcodec library and has a CVSS score of 8.8. Discovered by JFrog Security Research, the vulnerability arises from a heap out-of-bounds…
-
Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials
Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users’ HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memory leak vulnerability in Squid Proxy that was introduced in 1997 and has remained undetected through nearly three decades of releases, audits, and rewrites. They named it…
-
29-Year-Old Squid Proxy Vulnerability Exposes Authorization Headers and API Keys
A recently disclosed vulnerability in Squid Proxy, tracked as CVE-2026-47729 and referred to as “Squidbleed,” is exposing sensitive user data, including HTTP authorization headers and API keys. This issue arises from a decades-old memory-handling flaw in Squid’s codebase, dating back to at least 1997. It affects default configurations and illustrates how support for legacy protocols…
-
CVE-2026-20253 in Splunk Enterprise actively exploited – Splunk Enterprise vulnerable to unauthenticated file operations
First seen on security-insider.de Jump to article: www.security-insider.de/splunk-enterprise-cve-2026-20253-aktiv-ausgenutzt-a-c8295b90addaca7919847b79ed110813/
-
Beats Studio Buds Vulnerability Lets Attackers Within Bluetooth Range Access Microphone
Apple has revealed a significant security vulnerability affecting Beats Studio Buds, which could allow attackers within Bluetooth range to access a device’s microphone without user consent. This issue, identified as CVE-2025-20701, was addressed in Beats Firmware Update 1B211, released on June 16, 2026. According to Apple’s advisory, the flaw impacts devices that are not yet…
-
pgAdmin 4 Released with Patches for Seven Vulnerabilities and Feature Enhancements
pgAdmin 4 version 9.16 has been released by the pgAdmin Development Team, introducing significant security improvements along with feature enhancements and bug fixes. This update addresses seven vulnerabilities, tracked as CVE-2026-12044 through CVE-2026-12050, and includes 64 bug fixes and various usability upgrades. As one of the most widely used open-source management tools for PostgreSQL environments,…
-
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens First seen…

