Tag: cve
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary file write vulnerability affecting Catalyst SD-WAN Manager. CVE-2026-20262 (CVSS score of 6.5) is an arbitrary file write vulnerability in the web interface of Cisco Catalyst SD-WAN Manager. The flaw is…
-
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could First…
-
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-20262 is an arbitrary…
-
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.”A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker…
-
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026.The vulnerability in question is CVE-2026-54420 (CVSS score: 8.5), which has been described as a case of…
-
Microsoft 365 Copilot Vulnerability Exposes Sensitive Data Through One-Click Attack
Microsoft 365 Copilot has been found vulnerable to a critical one-click data exfiltration attack chain dubbed “SearchLeak,” exposing sensitive enterprise data through a combination of AI-specific and traditional web vulnerabilities. Discovered by Varonis Threat Labs, the flaw, tracked as CVE-2026-42824 and rated critical, demonstrates how modern AI integrations can unintentionally expand attack surfaces by linking…
-
CVE-2022-0492 wird aktiv ausgenutzt – Vier Jahre alte Linux-Kernel-Lücke erlaubt Container-Ausbruch
First seen on security-insider.de Jump to article: www.security-insider.de/linux-kernel-cve-2022-0492-container-ausbruch-cgroups-a-dfa9ed0a068ebd2d08d9dccbb4b05916/
-
Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited
Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities. The post Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-peoplesoft-zero-day-shinyhunters/
-
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
-
AI vulnerability discovery is pushing 2026 CVEs toward 66,000
Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/15/first-2026-cve-forecast/
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Palo Alto Warns GlobalProtect VPN Flaw Is Being Actively Exploited
Palo Alto Networks has issued an urgent warning after confirming active exploitation of a GlobalProtect VPN vulnerability, tracked as CVE-2026-0257, impacting PAN-OS deployments with specific configurations. The flaw, which affects the GlobalProtect portal and gateway components, enables an authentication bypass that allows unauthenticated attackers to establish VPN sessions and potentially gain access to internal enterprise…
-
Russia-Aligned Hackers Exploit Old WinRAR Vulnerability to Target Ukrainian Organizations
CVE-2025-8088, a WinRAR path traversal vulnerability patched in July 2025, remains a potent initial access vector for multiple intrusion sets targeting Ukraine. Analysis of attacks through April 2026 shows at least two distinct campaigns exploiting this vulnerability: a compiled-stealer chain attributed to an intrusion set we temporarily label SHADOW-EARTH-066 (tracked by CERT”‘UA as UAC”‘0226) and…
-
Mandiant bestätigt CVE-2026-35273 und aktive Angriffe – ShinyHunters missbrauchen Zero-Day-Lücke in Oracle PeopleSoft
First seen on security-insider.de Jump to article: www.security-insider.de/shinyhunters-oracle-peoplesoft-zero-day-cve-2026-35273-a-8b23ff9753f50c14facb5845c4b23ee4/
-
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.”In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary…
-
U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, oracle, technology, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as CVE-2026-35273 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Oracle PeopleSoft Enterprise PeopleTools is the underlying technology platform…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti Sentry is a secure gateway appliance that sits between an organization’s internal…
-
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
WatchTowr researchers have disclosed a technical analysis and a >>Detection Artefact Generator<< for CVE-2026-50751, an authentication bypass flaw in Check … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/cve-2026-50751-poc-exploit/
-
Attackers Can Exploit Microsoft Outlook and Word Flaws to Run Malicious Code
Microsoft has disclosed a set of critical remote code execution (RCE) vulnerabilities affecting Outlook and Word that could allow attackers to execute arbitrary code on targeted systems. The flaws, tracked as CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635, were released on June 9, 2026, and carry high severity ratings with CVSS scores of 8.4. Security researchers warn that…
-
Palo Alto PAN-OS Flaw Lets Attackers Run Arbitrary Commands With Root Privileges
Palo Alto Networks has released patches for three new PAN-OS vulnerabilities that could allow authenticated administrators or users to execute arbitrary commands with root privileges or force firewalls into repeated reboots, raising operational and security concerns for enterprises relying on PA-Series and VM-Series appliances. PAN-OS Root Command Injection via CLI and Web UI (CVE-2026-0273) CVE-2026-0273…
-
Microsoft Teams Android Flaw Could Let Attackers Disclose Sensitive Information
Microsoft has disclosed a high-severity information disclosure vulnerability affecting its Teams application for Android, tracked as CVE-2026-42835. The flaw, publicly released on June 9, 2026, has been assigned a CVSS v3.1 base score of 8.1, categorizing it as an “Important” severity issue. According to Microsoft’s advisory, the vulnerability stems from improper neutralization of special elements…
-
Oracle PeopleSoft Zero-Day RCE Vulnerability Exploited by ShinyHunters
Tags: cve, cvss, cyber, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, vulnerability, zero-dayA newly disclosed zero-day vulnerability in Oracle PeopleSoft is being actively exploited by the ShinyHunters threat group, according to a joint investigation by Mandiant and Google Threat Intelligence Group (GTIG). Tracked as CVE-2026-35273 with a critical CVSS score of 9.8, the flaw affects the Environment Management component and enables unauthenticated remote code execution. Researchers confirmed…
-
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Tags: cve, data-breach, exploit, flaw, injection, Internet, ivanti, remote-code-execution, threat, updateAttackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. >>An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote…