Latest Vulnerability Related Headlines

Prev Next

ManageEngine AD360 Integration Flaw Exposes User Identity and Role Information to Attackers (cybersecuritynews.com)

25 Jun 2026

Cisco SD-WAN Flaw Exploited Months Before Public Disclosure (securityboulevard.com)

25 Jun 2026

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning (www.securityweek.com)

25 Jun 2026

Update Chrome to patch critical browser security flaws (www.malwarebytes.com)

25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure (securityaffairs.com)

25 Jun 2026

CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access (msrc.microsoft.com)

25 Jun 2026

CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing (msrc.microsoft.com)

25 Jun 2026

CVE-2026-11816 Path Traversal in keras-team/keras (msrc.microsoft.com)

25 Jun 2026

Cisco SD-WAN Zero-Day Exploited Months Before Patching (www.securityweek.com)

25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access (thehackernews.com)

25 Jun 2026

Threat Intelligence Brief: CVE-2026–26980 — SQL Injection Vulnerability in Ghost CMS (medium.com)

24 Jun 2026

Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks (cybersecuritynews.com)

24 Jun 2026

What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th) (isc.sans.edu)

24 Jun 2026

The hits keep on coming for Cisco vulnerabilities (www.theregister.com)

24 Jun 2026

Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access (www.bleepingcomputer.com)

24 Jun 2026

Patched Samsung KNOX kernel flaw (CVE-2026-20971) detailed (www.scworld.com)

24 Jun 2026

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited (thehackernews.com)

24 Jun 2026

PixelSmash flaw turns video files into attack tools (www.malwarebytes.com)

24 Jun 2026

Hackers Exploiting Cisco Catalyst SD-WAN Manager 0-Day Flaw to Gain Root-Level Access (cybersecuritynews.com)

24 Jun 2026

How much cyber risk does AI create for organizations? 457 million security issues. Here’s what you can do about it…

24 Jun 2026

PoC Exploit Released for Microsoft Exchange Server Elevation of Privilege Vulnerability (cybersecuritynews.com)

24 Jun 2026

Laravel Livewire Applications Compromised to Steal Credentials Exploiting RCE Vulnerability (cybersecuritynews.com)

24 Jun 2026

Critical Webmin Vulnerabilities Allow Attackers to Impersonate as Any User (cybersecuritynews.com)

24 Jun 2026

PoC Exploit Released for libssh2 Remote Code Execution Vulnerability (cybersecuritynews.com)

24 Jun 2026

GhostShell Malware Uses mTLS Implant and Telegram Dead-Drop to Target Ukrainian Drone Operations (cybersecuritynews.com)

24 Jun 2026

Why Frontier AI makes prioritization the most important part of your CTEM program (securityaffairs.com)

24 Jun 2026

Red-Team AI Tool Vulnerabilities Let Attackers Exfiltrate API Keys and Compromise Operators’ Systems (cybersecuritynews.com)

24 Jun 2026

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild (securityaffairs.com)

24 Jun 2026

Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230) (www.helpnetsecurity.com)

24 Jun 2026

Attackers exploit Cisco Unified CM flaw weeks after patch release (www.csoonline.com)

24 Jun 2026

Hackers Exploit Unpatched SharePoint Servers to Deploy Ransomware and Custom Backdoors (cybersecuritynews.com)

24 Jun 2026

StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader (securelist.com)

24 Jun 2026

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

24 Jun 2026

Cisco Unified CM Flaw CVE-2026-20230 Now Exploited in Attacks (securityboulevard.com)

24 Jun 2026

Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks (securityboulevard.com)

24 Jun 2026

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root (thehackernews.com)

24 Jun 2026

Critical Cisco Unified CM and SME Flaw Enables Remote Attacker to Launch SSRF Attacks (cybersecuritynews.com)

24 Jun 2026

From Langflow to Monero: Inside CVE-2026-33017 Cryptominer (www.trendmicro.com)

24 Jun 2026

Hackers Exploiting Cisco Unified CM Vulnerability (www.securityweek.com)

24 Jun 2026

CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised (securityboulevard.com)

23 Jun 2026

CISA Warns of Ubiquiti UniFi OS Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

23 Jun 2026

Hole in widely-used FFmpeg codec could crash media servers or enable RCE (www.csoonline.com)

23 Jun 2026

4 vulnerabilities in Dify expose cross-tenant data (www.scworld.com)

23 Jun 2026

Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices (securityaffairs.com)

23 Jun 2026

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (www.bleepingcomputer.com)

23 Jun 2026

FFmpeg PixelSmash Vulnerability Enables Remote Code Execution  (www.esecurityplanet.com)

23 Jun 2026

Mythos discovers 'Squidbleed,' a memory leak that's gone undetected since Clinton era (www.theregister.com)

23 Jun 2026

DifyTap: Four Bugs Put over 1 million AI Apps at Risk (securityaffairs.com)

23 Jun 2026

CVE-2026-12957 and CVE-2026-12958 - Issues in Language Servers for AWS and Amazon Q Developer Plugins (aws.amazon.com)

23 Jun 2026

AWS Warns Outbound Traffic Blind Spots Can Enable Cloud Data Exfiltration (cybersecuritynews.com)

23 Jun 2026

DifyTap Flaws Allow Attackers to Wiretap AI Data Across Tenants – 1M+ Apps Impacted (cybersecuritynews.com)

23 Jun 2026

CVE-2026-33840 Win32k Elevation of Privilege Vulnerability (msrc.microsoft.com)

23 Jun 2026

CVE-2026-42271: Unauthenticated RCE in LiteLLM AI Gateway (securityboulevard.com)

23 Jun 2026

Researcher Earns $148,337 for Google Cloud Production RCE Vulnerability (cybersecuritynews.com)

23 Jun 2026

Critical libssh2 Vulnerability Allows Attackers to Execute Remote Code Via Malicious SSH packets (cybersecuritynews.com)

23 Jun 2026

Critical FFmpeg Vulnerability Allows Attackers to Weaponize Media Files (cybersecuritynews.com)

23 Jun 2026

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials (securityaffairs.com)

23 Jun 2026

CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd) (isc.sans.edu)

22 Jun 2026

AryStinger Botnet Hijacks 4,300+ Routers to Build Global Attack Proxy Network (cybersecuritynews.com)

22 Jun 2026

Report: CVE Disclosures Are 46% Higher Than Projected in First Half of 2026 (securityboulevard.com)

22 Jun 2026

Apple Beats Studio Buds Vulnerability Allows Hackers to Eavesdrop on Users (cybersecuritynews.com)

22 Jun 2026

How to automate workflows using open-source AI agents (www.techradar.com)

22 Jun 2026

29-Year-Old ‘Squidbleed’ Vulnerability Discovered With the Aid of Claude Mythos Preview (cybersecuritynews.com)

22 Jun 2026

Vibe coding guide: How to transition from AI generation to live deployment (www.techradar.com)

22 Jun 2026

pgAdmin 4 Released With Fixes for Seven Security Vulnerabilities and New Features (cybersecuritynews.com)

22 Jun 2026

QNAP Patches Multiple Injection Vulnerabilities Leads to Arbitrary Command Execution (cybersecuritynews.com)

22 Jun 2026

4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware (securityaffairs.com)

22 Jun 2026

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION (securityaffairs.com)

21 Jun 2026

Hackers Exploit Gravity SMTP WordPress Plugin Vulnerability (securityboulevard.com)

21 Jun 2026

Microsoft SharePoint Under Siege: A Deep Dive into the ToolShell Zero-Day Campaign (CVE-2025–53770) (medium.com)

21 Jun 2026

SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies - Worksnaps.net Worksnaps (seclists.org)

20 Jun 2026

SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions - SCHEMA ST4 (seclists.org)

20 Jun 2026

SEC Consult SA-20260617-0 :: Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3 (seclists.org)

20 Jun 2026

OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read (seclists.org)

20 Jun 2026

SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence / Bitbucket…

20 Jun 2026

CVE-2025-68624: Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure (seclists.org)

20 Jun 2026

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys (thehackernews.com)

20 Jun 2026

CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption (msrc.microsoft.com)

20 Jun 2026

CVE-2026-12462 Use after free in Media (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12460 Insufficient policy enforcement in File System Access (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12459 Inappropriate implementation in Serial (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12458 Incorrect security UI in Passwords (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12457 Insufficient data validation in Extensions (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12456 Insufficient validation of untrusted input in Extensions (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12455 Use after free in Tab Strip (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12463 Inappropriate implementation in Views (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12464 Use after free in Browser (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12466 Heap buffer overflow in WebRTC (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12449 Use after free in Chromoting (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12461 Out of bounds read in WebRTC (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12437 Use after free in WebShare (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12444 Out of bounds read in Chromoting (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12468 Inappropriate implementation in Updater (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12454 Race in Safe Browsing (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12467 Use after free in Extensions (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12465 Insufficient validation of untrusted input in Metrics (msrc.microsoft.com)

19 Jun 2026

CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability (msrc.microsoft.com)

19 Jun 2026

CVE-2026-32177 .NET Elevation of Privilege Vulnerability (msrc.microsoft.com)

19 Jun 2026

CISA Adds LiteSpeed cPanel Plugin Vulnerability to KEV List Following Active Exploitation (cybersecuritynews.com)

19 Jun 2026

CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE (socradar.io)

19 Jun 2026

Critical WordPress Plugin Vulnerability Exposes 1 Million Sites to File Deletion Attacks (cybersecuritynews.com)

19 Jun 2026

FortiBleed: Everything You Need to Know (socradar.io)

19 Jun 2026

CVE-2026-42530 & CVE-2026-42055: F5 Patches NGINX Vulnerabilities (socradar.io)

19 Jun 2026

Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (www.malwarebytes.com)

19 Jun 2026

INC Ransomware Uses Rust-Based Windows and Linux/ESXi Encryptors in New Attacks (cybersecuritynews.com)

19 Jun 2026

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday (securityaffairs.com)

19 Jun 2026

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) (www.helpnetsecurity.com)

19 Jun 2026

CISA Warns of Splunk Enterprise Critical Function Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

19 Jun 2026

Node.js Fixes 12 Vulnerabilities, Including 2 High-Severity Authentication Bypasses (cybersecuritynews.com)

19 Jun 2026

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone (thehackernews.com)

19 Jun 2026

M365 Copilot SearchLeak: Your prompt injection attack surface just got bigger (www.csoonline.com)

19 Jun 2026

CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling (msrc.microsoft.com)

19 Jun 2026

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow (msrc.microsoft.com)

19 Jun 2026

CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2 (msrc.microsoft.com)

19 Jun 2026

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow (msrc.microsoft.com)

19 Jun 2026

CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read (msrc.microsoft.com)

19 Jun 2026

CVE-2026-53689 (msrc.microsoft.com)

19 Jun 2026

CVE-2026-42014 Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin (msrc.microsoft.com)

19 Jun 2026

CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response (msrc.microsoft.com)

19 Jun 2026

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure (www.securityweek.com)

18 Jun 2026

Oracle releases 245 new security patches, all rated ‘high-priority security’ (www.csoonline.com)

18 Jun 2026

Issue with containerd CRI Plugin - CVE-2026-50195, CVE-2026-53488, CVE-2026-53492, CVE-2026-53489, CVE-2026-47262 (aws.amazon.com)

18 Jun 2026

Apple releases security update for Beats Studio Buds vulnerability (www.scworld.com)

18 Jun 2026

CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-42895 Microsoft Copilot Tampering Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-47646 Dynamics 365 Customer Voice Spoofing Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-32208 Microsoft Edge (Chromium-based) Spoofing Vulnerability (msrc.microsoft.com)

18 Jun 2026

CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability (msrc.microsoft.com)

18 Jun 2026

Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds (arstechnica.com)

18 Jun 2026

How Biometrics Help Combat Human Trafficking at Major Events Like the FIFA World Cup and Super Bowl  (www.esecurityplanet.com)

18 Jun 2026

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution (thehackernews.com)

18 Jun 2026

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access (securityaffairs.com)

18 Jun 2026

Multiple Vulnerabilities in Firefox 152 Enables Remote Code Execution Attacks (cybersecuritynews.com)

18 Jun 2026

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution (securityaffairs.com)

18 Jun 2026

Critical Cisco ISE Vulnerability Allows Attacker to Execute Malicious Code Remotely (cybersecuritynews.com)

18 Jun 2026

Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control (www.malwarebytes.com)

18 Jun 2026

Oracle June 2026 Critical Security Patch Update Addresses 243 CVEs (CVE-2026-35273) (securityboulevard.com)

18 Jun 2026

F5 Patches NGINX Vulnerability That Enables Code Execution and DoS Attacks (cybersecuritynews.com)

18 Jun 2026

PoC Exploit Released for HTTP/2 Bomb Remote DoS Vulnerability in Apache HTTP Server (cybersecuritynews.com)

18 Jun 2026

Oracle June 2026 Critical Security Patch Update Addresses 243 CVEs (CVE-2026-35273) (www.tenable.com)

18 Jun 2026

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development (securityaffairs.com)

18 Jun 2026

Splunk AI Toolkit Vulnerability Enables Arbitrary OS Command Execution Attacks (cybersecuritynews.com)

18 Jun 2026

CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() (msrc.microsoft.com)

18 Jun 2026

CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc (msrc.microsoft.com)

18 Jun 2026

Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch (cybersecuritynews.com)

17 Jun 2026

Analyzing Root Privilege Escalation in Cisco Catalyst SD-WAN Manager (medium.com)

17 Jun 2026

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages() (aws.amazon.com)

17 Jun 2026

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development (thehackernews.com)

17 Jun 2026

CVE-2026-35433 .NET Elevation of Privilege Vulnerability (msrc.microsoft.com)

17 Jun 2026

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

17 Jun 2026

Cisco adds another SD-WAN box to max-severity bug advisory (www.theregister.com)

17 Jun 2026

FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command Execution (socradar.io)

17 Jun 2026

May 2026: TeamPCP’s Supply Chain Blitz Hits Checkmarx, GitHub, and npm (socradar.io)

17 Jun 2026

FishMonger Hackers Expands SprySOCKS Backdoor From Linux to Windows With Advanced Stealth Features (cybersecuritynews.com)

17 Jun 2026

CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks (cybersecuritynews.com)

17 Jun 2026

Fortra Access Manager Vulnerability Enables Remote Command Injection Attacks (cybersecuritynews.com)

17 Jun 2026

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656) (www.helpnetsecurity.com)

17 Jun 2026

Most of the CVE-2026-4020 attackers are the same client (honeylabs.net)

17 Jun 2026

China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints (securityaffairs.com)

17 Jun 2026

Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection (cybersecuritynews.com)

17 Jun 2026

Critical Chrome Vulnerabilities Allow Attackers to Execute Arbitrary Code – Update Now! (cybersecuritynews.com)

17 Jun 2026

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution (thehackernews.com)

17 Jun 2026

Three critical Fortinet sandbox bugs splattered by unknown attackers (www.theregister.com)

16 Jun 2026

CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability (msrc.microsoft.com)

16 Jun 2026

Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in Attacks (cybersecuritynews.com)

16 Jun 2026

Attackers are exploiting FortiSandbox vulnerabilities (www.helpnetsecurity.com)

16 Jun 2026

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack (securityaffairs.com)

16 Jun 2026

Hackers Weaponize Microsoft Teams Relay to Hide Malware Traffic (cybersecuritynews.com)

16 Jun 2026

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) (www.helpnetsecurity.com)

16 Jun 2026

CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root (socradar.io)

16 Jun 2026

Interlock and Rhysida Ransomware Operations Share Supper Backdoor and Malware Codebase (cybersecuritynews.com)

16 Jun 2026

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation (securityaffairs.com)

16 Jun 2026

CISA warns of another cPanel plugin flaw exploited in attacks (www.bleepingcomputer.com)

16 Jun 2026

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week (thehackernews.com)

16 Jun 2026

State Sponsored Activity

This chart provides an indication of state sponsored activity suspected or known to be actively targetting vulnerabilities recently.

Government Alerts & Advisories

Prev Next

GitLab security advisory (AV26-630) (cyber.gc.ca)

24 Jun 2026

Jenkins security advisory (AV26-629) (cyber.gc.ca)

24 Jun 2026

n8n security advisory (AV26-628) (cyber.gc.ca)

24 Jun 2026

Tenable security advisory (AV26-627) (cyber.gc.ca)

24 Jun 2026

Google Chrome security advisory (AV26-626) (cyber.gc.ca)

24 Jun 2026

CISA Adds Four Known Exploited Vulnerabilities to Catalog (www.cisa.gov)

23 Jun 2026

Siemens SIPROTEC 5 Using DIGSI5 Protocol (www.cisa.gov)

23 Jun 2026

Siemens Products using OpenSSL (www.cisa.gov)

23 Jun 2026

Hubbell Aclara Metrum Cellular Web Interface (www.cisa.gov)

23 Jun 2026

Impact of Linux Kernel vulnerabilities on B&R products (www.cisa.gov)

23 Jun 2026

Broadcom VMware security advisory (AV26-625) (cyber.gc.ca)

23 Jun 2026

Nodejs security advisory (AV26-624) (cyber.gc.ca)

22 Jun 2026

JetBrains security advisory (AV26-623) (cyber.gc.ca)

22 Jun 2026

Microsoft Edge security advisory (AV26-622) (cyber.gc.ca)

22 Jun 2026

Red Hat security advisory (AV26-621) (cyber.gc.ca)

22 Jun 2026

[Control systems] CISA ICS security advisories (AV26–620) (cyber.gc.ca)

22 Jun 2026

IBM security advisory (AV26-617) (cyber.gc.ca)

22 Jun 2026

Dell security advisory (AV26-619) (cyber.gc.ca)

22 Jun 2026

Ubuntu security advisory (AV26-618) (cyber.gc.ca)

22 Jun 2026

[Control systems] Mitsubishi Electric security advisory (AV26-616) (cyber.gc.ca)

19 Jun 2026

Drupal security advisory (AV26-615) (cyber.gc.ca)

18 Jun 2026

Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module (www.cisa.gov)

18 Jun 2026

(Unknown source)

18 Jun 2026

AVer PTC cameras (www.cisa.gov)

18 Jun 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

18 Jun 2026

Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT (www.cisa.gov)

18 Jun 2026

Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways (www.ncsc.gov.uk)

18 Jun 2026

AL26-014 – FortiBleed leak of thousands of compromised credentials impacting Fortinet devices (cyber.gc.ca)

18 Jun 2026

CRITICAL ALERT: Reported widespread credential exposure affecting Fortinet Firewalls and VPN Gateways (www.cyber.gov.au)

18 Jun 2026

Splunk security advisory (AV26-614) (cyber.gc.ca)

17 Jun 2026

Cisco security advisory (AV26-613) (cyber.gc.ca)

17 Jun 2026

F5 security advisory (AV26-612) (cyber.gc.ca)

17 Jun 2026

Mitel security advisory (AV26-611) (cyber.gc.ca)

17 Jun 2026

[Control Systems] Moxa security advisory (AV26-610) (cyber.gc.ca)

17 Jun 2026

Google Chrome security advisory (AV26-609) (cyber.gc.ca)

17 Jun 2026

Atlassian security advisory (AV26-608) (cyber.gc.ca)

17 Jun 2026

Microsoft security advisory (AV26-607) (cyber.gc.ca)

17 Jun 2026

JetBrains security advisory (AV26-606) (cyber.gc.ca)

17 Jun 2026

Oracle security advisory – June 2026 quarterly rollup (AV26-605) (cyber.gc.ca)

17 Jun 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

16 Jun 2026

Mozilla security advisory (AV26-604) (cyber.gc.ca)

16 Jun 2026

Rockwell Automation CompactLogix (www.cisa.gov)

16 Jun 2026

Rockwell Automation FLEX I/O EtherNet/IP Adapters (www.cisa.gov)

16 Jun 2026

Zyxel security advisory (AV26-603) (cyber.gc.ca)

16 Jun 2026

Cisco security advisory (AV26-602) (cyber.gc.ca)

16 Jun 2026

CISA Adds Two Known Exploited Vulnerabilities to Catalog (www.cisa.gov)

15 Jun 2026

Red Hat security advisory (AV26-601) (cyber.gc.ca)

15 Jun 2026

[Control systems] CISA ICS security advisories (AV26–600) (cyber.gc.ca)

15 Jun 2026

Ubuntu security advisory (AV26-599) (cyber.gc.ca)

15 Jun 2026

Dell security advisory (AV26-598) (cyber.gc.ca)

15 Jun 2026

IBM security advisory (AV26-597) (cyber.gc.ca)

15 Jun 2026

FreePBX security advisory (AV26–596) (cyber.gc.ca)

12 Jun 2026

GeoServer security advisory (AV26-595) (cyber.gc.ca)

12 Jun 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

12 Jun 2026

[Control Systems] Moxa security advisory (AV26-594) (cyber.gc.ca)

12 Jun 2026

Google Chrome security advisory (AV26-593) (cyber.gc.ca)

12 Jun 2026

Spring security advisory (AV26-592) (cyber.gc.ca)

12 Jun 2026

Microsoft Edge security advisory (AV26-591) (cyber.gc.ca)

12 Jun 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

11 Jun 2026

Check Point security advisory (AV26-590) (cyber.gc.ca)

11 Jun 2026

Ubiquiti security advisory (AV26-589) (cyber.gc.ca)

11 Jun 2026

Brickcom Cameras (www.cisa.gov)

11 Jun 2026

Naxclow IoT Platform (www.cisa.gov)

11 Jun 2026

Yarbo Android/iOS Mobile Application and Cloud Infrastructure (www.cisa.gov)

11 Jun 2026

Oracle security advisory (AV26-587) (cyber.gc.ca)

11 Jun 2026

GitLab security advisory (AV26-588) (cyber.gc.ca)

11 Jun 2026

Splunk security advisory (AV26-586) (cyber.gc.ca)

10 Jun 2026

Broadcom VMware security advisory (AV26-585) (cyber.gc.ca)

10 Jun 2026

n8n security advisory (AV26-584) (cyber.gc.ca)

10 Jun 2026

Palo Alto Networks security advisory (AV26-583) (cyber.gc.ca)

10 Jun 2026

HPE security advisory (AV26-582) (cyber.gc.ca)

10 Jun 2026

Erlang security advisory (AV26-581) (cyber.gc.ca)

10 Jun 2026

[Control systems] ABB security advisory (AV26-580) (cyber.gc.ca)

10 Jun 2026

FreePBX security advisory (AV26–579) (cyber.gc.ca)

10 Jun 2026

Jenkins security advisory (AV26-578) (cyber.gc.ca)

10 Jun 2026

AMD security advisory (AV26-577) (cyber.gc.ca)

10 Jun 2026

FreeBSD security advisory (AV26-576) (cyber.gc.ca)

10 Jun 2026

Spring security advisory (AV26-574) (cyber.gc.ca)

10 Jun 2026

OpenSSL security advisory (AV26-572) (cyber.gc.ca)

10 Jun 2026

Mozilla security advisory (AV26-575) (cyber.gc.ca)

10 Jun 2026

HPE security advisory (AV26-573) (cyber.gc.ca)

10 Jun 2026

2026-008: Critical vulnerabilities in Ivanti Sentry (cert.europa.eu)

10 Jun 2026

2026-007: Critical Vulnerability in Windows Netlogon (cert.europa.eu)

10 Jun 2026

Security Alert: Microsoft Releases June 2026 Security Updates (www.jpcert.or.jp)

10 Jun 2026

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63) (www.jpcert.or.jp)

10 Jun 2026

CISA Adds Three Known Exploited Vulnerabilities to Catalog (www.cisa.gov)

09 Jun 2026

HPE security advisory (AV26-571) (cyber.gc.ca)

09 Jun 2026

Adobe security advisory (AV26-570) (cyber.gc.ca)

09 Jun 2026

Microsoft security advisory – June 2026 monthly rollup (AV26-569) (cyber.gc.ca)

09 Jun 2026

Schneider Electric Modicon Network Managed Switches (www.cisa.gov)

09 Jun 2026

CISA Alerts & KEV Catalog Updates

CISA KEVs (known exploited vulnerabilities) identified as a priroty to mitigate over the past three months.

View Catalog & Updates

Actively Exploited Vulnerabilities

Prev Next

Cisco SD-WAN Flaw Exploited Months Before Public Disclosure (securityboulevard.com)

25 Jun 2026

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning (www.securityweek.com)

25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure (securityaffairs.com)

25 Jun 2026

Cisco SD-WAN Zero-Day Exploited Months Before Patching (www.securityweek.com)

25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access (thehackernews.com)

25 Jun 2026

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited (thehackernews.com)

24 Jun 2026

CISA warns of max severity Ubiquiti flaws exploited in attacks (www.bleepingcomputer.com)

24 Jun 2026

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild (securityaffairs.com)

24 Jun 2026

Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230) (www.helpnetsecurity.com)

24 Jun 2026

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

24 Jun 2026

Cisco Unified CM Flaw CVE-2026-20230 Now Exploited in Attacks (securityboulevard.com)

24 Jun 2026

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root (thehackernews.com)

24 Jun 2026

CISA Warns of Ubiquiti UniFi OS Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

23 Jun 2026

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (www.bleepingcomputer.com)

23 Jun 2026

WordPress plugin Gravity SMTP exploited for sensitive information disclosure (www.scworld.com)

22 Jun 2026

CISA Warns of Active Exploitation Following FortiBleed Leak (securityaffairs.com)

20 Jun 2026

CISA Adds LiteSpeed cPanel Plugin Vulnerability to KEV List Following Active Exploitation (cybersecuritynews.com)

19 Jun 2026

CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE (socradar.io)

19 Jun 2026

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday (securityaffairs.com)

19 Jun 2026

CISA: Splunk Enterprise flaw actively exploited, patch by Sunday (www.bleepingcomputer.com)

19 Jun 2026

7 GCP Misconfigurations That Are Actively Being Exploited in 2026 (securityboulevard.com)

19 Jun 2026

CISA Warns of Splunk Enterprise Critical Function Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

19 Jun 2026

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure (www.securityweek.com)

18 Jun 2026

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

17 Jun 2026

Another healthcare firm attacked days after Novo Nordisk breach (www.helpnetsecurity.com)

17 Jun 2026

CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks (cybersecuritynews.com)

17 Jun 2026

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks (www.securityweek.com)

17 Jun 2026

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution (thehackernews.com)

17 Jun 2026

Three critical FortiSandbox bugs rated 9.8 actively exploited (www.scworld.com)

16 Jun 2026

Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in Attacks (cybersecuritynews.com)

16 Jun 2026

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack (securityaffairs.com)

16 Jun 2026

CISA warns of another cPanel plugin flaw exploited in attacks (www.bleepingcomputer.com)

16 Jun 2026

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) (www.helpnetsecurity.com)

16 Jun 2026

Cisco patches SD-WAN flaw amid evidence of active exploitation (www.csoonline.com)

16 Jun 2026

U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

16 Jun 2026

Critical Fortinet FortiSandbox flaws now exploited in attacks (www.bleepingcomputer.com)

16 Jun 2026

How ShinyHunters Exploited Oracle PeopleSoft: A Deep Dive Into Zero-Day Logic Flaws (medium.com)

16 Jun 2026

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw (thehackernews.com)

16 Jun 2026

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation (thehackernews.com)

16 Jun 2026

LiteSpeed cPanel Plugin 0-Day Vulnerability Actively Exploited in the Wild (cybersecuritynews.com)

16 Jun 2026

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks (www.securityweek.com)

16 Jun 2026

Cisco SD-WAN vManage Vulnerability Exploited in Zero-Day Attacks (cybersecuritynews.com)

16 Jun 2026

Cisco SD-WAN make-me-root bug under attack (www.theregister.com)

15 Jun 2026

PAN-OS GlobalProtect bug actively exploited, added to CISA's KEV list (www.scworld.com)

15 Jun 2026

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks (www.bleepingcomputer.com)

15 Jun 2026

WinRAR Vulnerability Exploited by Russian Hackers to Deploy GIFTEDCROOK Stealer (cybersecuritynews.com)

15 Jun 2026

Palo Alto Warns of GlobalProtect VPN Vulnerability Actively Exploited in the Wild (cybersecuritynews.com)

15 Jun 2026

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw (thehackernews.com)

15 Jun 2026

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack (www.helpnetsecurity.com)

14 Jun 2026

CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exploitation (socradar.io)

14 Jun 2026

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

13 Jun 2026

U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14 (securityaffairs.com)

12 Jun 2026

The Weaponization Window: Botnets, Ransomware, and Active Exploitation Converge (medium.com)

12 Jun 2026

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) (www.helpnetsecurity.com)

12 Jun 2026

CISA orders feds to patch actively exploited Ivanti flaw by Sunday (www.bleepingcomputer.com)

12 Jun 2026

Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters (cybersecuritynews.com)

11 Jun 2026

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure (www.darkreading.com)

11 Jun 2026

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks (www.bleepingcomputer.com)

11 Jun 2026

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release (securityaffairs.com)

11 Jun 2026

Critical Langflow Vulnerability Exploited to Execute Malicious Code (cybersecuritynews.com)

11 Jun 2026

CISA Warns of Check Point Security Gateway Vulnerability Actively Exploited in Ransomware Attacks (cybersecuritynews.com)

11 Jun 2026

CISA tells govt agencies to patch critical exploited flaws in 3 days (www.bleepingcomputer.com)

11 Jun 2026

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert (www.helpnetsecurity.com)

11 Jun 2026

Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release (cybersecuritynews.com)

11 Jun 2026

GreatXML BitLocker Bypass 0-Day Exploited Via Windows Defender Offline Scan (cybersecuritynews.com)

11 Jun 2026

Microsoft Exchange Server 0-Day Vulnerability Exploited in Attacks Using Weaponized Email (cybersecuritynews.com)

11 Jun 2026

Microsoft Patches Exploited Exchange Server Vulnerability (www.securityweek.com)

11 Jun 2026

Max severity Ivanti Sentry vulnerability now exploited in attacks (www.bleepingcomputer.com)

11 Jun 2026

Path traversal flaw in AI dev platform Langflow exploited in attacks (www.bleepingcomputer.com)

10 Jun 2026

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE (thehackernews.com)

10 Jun 2026

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation (thehackernews.com)

10 Jun 2026

CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks (cybersecuritynews.com)

10 Jun 2026

Microsoft patches Exchange Server zero-day exploited in attacks (www.bleepingcomputer.com)

10 Jun 2026

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited…

10 Jun 2026

ServiceNow Patches Vulnerability Exploited Against Some Customers (www.securityweek.com)

10 Jun 2026

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances (thehackernews.com)

10 Jun 2026

No Patch Planned for Exploited Arista EOS Vulnerability (www.securityweek.com)

10 Jun 2026

Google releases emergency update for fifth Chrome zero-day exploited in the wild this year (www.scworld.com)

09 Jun 2026

CISA adds Check Point VPN bug to list of exploited vulnerabilities (www.scworld.com)

09 Jun 2026

CVE-2026-11645: Exploited Chrome V8 Bug Enables In-Browser Code Execution (socradar.io)

09 Jun 2026

Google Chrome 0-Day Vulnerability Exploited in the Wild — Update Now (cybersecuritynews.com)

09 Jun 2026

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine (thehackernews.com)

09 Jun 2026

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now (thehackernews.com)

09 Jun 2026

Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year (www.theregister.com)

09 Jun 2026

Google fixes the fifth actively exploited Chrome zero-day of 2026 (securityaffairs.com)

09 Jun 2026

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) (www.helpnetsecurity.com)

09 Jun 2026

Update Chrome: Google patches actively exploited vulnerability and 73 others (www.malwarebytes.com)

09 Jun 2026

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks (www.securityweek.com)

09 Jun 2026

Hackers Exploiting LiteLLM RCE Vulnerability in the Wild to Run Arbitrary Commands (cybersecuritynews.com)

09 Jun 2026

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

09 Jun 2026

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day (www.bleepingcomputer.com)

09 Jun 2026

Google patches new Chrome zero-day flaw exploited in the wild (www.bleepingcomputer.com)

09 Jun 2026

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE (thehackernews.com)

09 Jun 2026

Google Patches 5th Chrome Zero-Day Exploited in 2026 (www.securityweek.com)

09 Jun 2026

Check Point patches critical VPN flaw exploited in zero-day attacks (www.scworld.com)

08 Jun 2026

Check Point VPN Flaw Exploited Since Early May (www.darkreading.com)

08 Jun 2026

Check Point VPN 0-day Vulnerability Exploited in the Wild to Deploy Ransomware (cybersecuritynews.com)

08 Jun 2026

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups (thehackernews.com)

08 Jun 2026

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) (www.helpnetsecurity.com)

08 Jun 2026

Everest Forms Vulnerability Exploited to Hack WordPress Sites (www.securityweek.com)

08 Jun 2026

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) (www.helpnetsecurity.com)

08 Jun 2026

SolarWinds Serv-U Vulnerability Exploited in the Wild (www.securityweek.com)

08 Jun 2026

Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast (www.helpnetsecurity.com)

07 Jun 2026

CISA Warns of Linux Kernel Improper Authentication Vulnerability Exploited in Attacks (cybersecuritynews.com)

06 Jun 2026

U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

06 Jun 2026

Critical Everest Forms Pro flaw exploited to take over WordPress sites (www.bleepingcomputer.com)

06 Jun 2026

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog (thehackernews.com)

06 Jun 2026

CISA Warns of SolarWinds Serv-U Vulnerability Exploited in Attacks (cybersecuritynews.com)

06 Jun 2026

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available (thehackernews.com)

06 Jun 2026

Exposed Fuel Tank Gauges Under Attack in the US (www.darkreading.com)

05 Jun 2026

Another Cisco Catalyst SD-WAN Manager bug actively exploited (www.scworld.com)

05 Jun 2026

Yet another Cisco SD-WAN 0-day under attack, and no patch in sight (www.theregister.com)

05 Jun 2026

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) (www.helpnetsecurity.com)

05 Jun 2026

Cisco SD-WAN Vulnerability Exploited in the Wild to Execute Arbitrary Commands as Root User (cybersecuritynews.com)

05 Jun 2026

Cisco warns of unpatched SD-WAN zero-day exploited in attacks (www.bleepingcomputer.com)

05 Jun 2026

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 (www.securityweek.com)

05 Jun 2026

9.8 Mirasvit bug actively exploited on Magento servers (www.scworld.com)

04 Jun 2026

How Attackers Allegedly Exploited Meta AI to Hijack High-Profile Instagram Accounts (medium.com)

04 Jun 2026

U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

04 Jun 2026

CISA Warns of critical Magento Cache Warmer RCE flaw Exploited in Attacks (cybersecuritynews.com)

04 Jun 2026

Trending Adversarial Group(s)

Top 10 Adverserial groups suspected or known to be actively targetting vulnerabilities.

Zero Day ( 0-day)

Prev Next

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure (securityaffairs.com)

25 Jun 2026

Cisco SD-WAN Zero-Day Exploited Months Before Patching (www.securityweek.com)

25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access (thehackernews.com)

25 Jun 2026

Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access (www.bleepingcomputer.com)

24 Jun 2026

Hackers Exploiting Cisco Catalyst SD-WAN Manager 0-Day Flaw to Gain Root-Level Access (cybersecuritynews.com)

24 Jun 2026

Microsoft SharePoint Under Siege: A Deep Dive into the ToolShell Zero-Day Campaign (CVE-2025–53770) (medium.com)

21 Jun 2026

AI-Driven Threats, Zero-Days, and Data Breaches Define This Week in Cybersecurity for June 2026 (www.esecurityplanet.com)

18 Jun 2026

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development (securityaffairs.com)

18 Jun 2026

Can Agentic AI Really Find Zero-Days? Ask the Hacker Who Won Pwn2Own Berlin 2026 (thecyberwire.com)

18 Jun 2026

Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch (cybersecuritynews.com)

17 Jun 2026

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development (thehackernews.com)

17 Jun 2026

CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks (cybersecuritynews.com)

17 Jun 2026

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656) (www.helpnetsecurity.com)

17 Jun 2026

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day (www.securityweek.com)

17 Jun 2026

Microsoft working on Defender patch for RoguePlanet zero-day (www.bleepingcomputer.com)

17 Jun 2026

Microsoft Defender Zero-Day Privilege Escalation Vulnerability (RoguePlanet) (securityboulevard.com)

16 Jun 2026

CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root (socradar.io)

16 Jun 2026

How ShinyHunters Exploited Oracle PeopleSoft: A Deep Dive Into Zero-Day Logic Flaws (medium.com)

16 Jun 2026

LiteSpeed cPanel Plugin 0-Day Vulnerability Actively Exploited in the Wild (cybersecuritynews.com)

16 Jun 2026

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks (www.securityweek.com)

16 Jun 2026

Cisco SD-WAN vManage Vulnerability Exploited in Zero-Day Attacks (cybersecuritynews.com)

16 Jun 2026

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks (www.bleepingcomputer.com)

15 Jun 2026

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More (thehackernews.com)

15 Jun 2026

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack (www.helpnetsecurity.com)

14 Jun 2026

GreatXML zero-day BitLocker bypass doesn’t seem to work, yet (www.csoonline.com)

12 Jun 2026

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed (www.darkreading.com)

12 Jun 2026

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data (arstechnica.com)

12 Jun 2026

Microsoft vs. Nightmare Eclipse: The Zero-Day Revenge Cycle (socfortress.medium.com)

12 Jun 2026

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign (securityaffairs.com)

12 Jun 2026

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters (www.securityweek.com)

12 Jun 2026

Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters (cybersecuritynews.com)

11 Jun 2026

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities (thehackernews.com)

11 Jun 2026

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks (www.bleepingcomputer.com)

11 Jun 2026

ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day (www.theregister.com)

11 Jun 2026

Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day (www.theregister.com)

11 Jun 2026

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks (www.securityweek.com)

11 Jun 2026

GreatXML BitLocker Bypass 0-Day Exploited Via Windows Defender Offline Scan (cybersecuritynews.com)

11 Jun 2026

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research (securityaffairs.com)

11 Jun 2026

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker (www.securityweek.com)

11 Jun 2026

Microsoft Exchange Server 0-Day Vulnerability Exploited in Attacks Using Weaponized Email (cybersecuritynews.com)

11 Jun 2026

Angry bug hunter with Microsoft beef drops new Windows 0-day (www.theregister.com)

10 Jun 2026

RoguePlanet: “Nightmare Eclipse” Unleashes New Defender Zero-Day on Patch Tuesday (medium.com)

10 Jun 2026

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws (www.bleepingcomputer.com)

10 Jun 2026

Windows Collaborative Translation Framework 0-Day Vulnerability Allows Privilege Escalation (cybersecuritynews.com)

10 Jun 2026

June 2026 Patch Tuesday: 206 Vulnerabilities, Three Zero-Days Including HTTP/2 Bomb Flaw (CVE-2026-49160) (socradar.io)

10 Jun 2026

CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks (cybersecuritynews.com)

10 Jun 2026

Microsoft patches Exchange Server zero-day exploited in attacks (www.bleepingcomputer.com)

10 Jun 2026

Microsoft’s biggest-ever Patch Tuesday fixes 206 bugs, including 3 zero-days (www.malwarebytes.com)

10 Jun 2026

Microsoft feud escalates as researcher drops new Windows zero-day (www.csoonline.com)

10 Jun 2026

The Zero-Day Exploit Clock Is Ticking (chribonn.medium.com)

10 Jun 2026

New Windows Zero-Day Exploit ‘RoguePlanet’ Released (www.securityweek.com)

10 Jun 2026

Record Microsoft Patch Tuesday, fresh zero-day (www.helpnetsecurity.com)

10 Jun 2026

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs (thehackernews.com)

10 Jun 2026

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days (www.bleepingcomputer.com)

10 Jun 2026

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows (thehackernews.com)

10 Jun 2026

Windows BitLocker 0-Day Vulnerability Allows Attackers to Bypass Security Feature (cybersecuritynews.com)

10 Jun 2026

New Windows Defender 0-Day Exploit “RoguePlanet” Lets Attackers Gain SYSTEM-level Access (cybersecuritynews.com)

09 Jun 2026

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges (www.bleepingcomputer.com)

09 Jun 2026

Google releases emergency update for fifth Chrome zero-day exploited in the wild this year (www.scworld.com)

09 Jun 2026

Google Chrome 0-Day Vulnerability Exploited in the Wild — Update Now (cybersecuritynews.com)

09 Jun 2026

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now (thehackernews.com)

09 Jun 2026

Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year (www.theregister.com)

09 Jun 2026

Google fixes the fifth actively exploited Chrome zero-day of 2026 (securityaffairs.com)

09 Jun 2026

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) (www.helpnetsecurity.com)

09 Jun 2026

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks (www.securityweek.com)

09 Jun 2026

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day (www.bleepingcomputer.com)

09 Jun 2026

Google patches new Chrome zero-day flaw exploited in the wild (www.bleepingcomputer.com)

09 Jun 2026

Google Patches 5th Chrome Zero-Day Exploited in 2026 (www.securityweek.com)

09 Jun 2026

21 0-Day Vulnerabilities in FFmpeg Enables Remote Code Execution Attacks (cybersecuritynews.com)

08 Jun 2026

Check Point patches critical VPN flaw exploited in zero-day attacks (www.scworld.com)

08 Jun 2026

Check Point VPN 0-day Vulnerability Exploited in the Wild to Deploy Ransomware (cybersecuritynews.com)

08 Jun 2026

Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix (www.theregister.com)

08 Jun 2026

Gogs patches critical zero-day enabling remote code execution (www.bleepingcomputer.com)

08 Jun 2026

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More (thehackernews.com)

08 Jun 2026

Check Point links VPN zero-day attacks to Qilin ransomware gang (www.bleepingcomputer.com)

08 Jun 2026

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) (www.helpnetsecurity.com)

08 Jun 2026

Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast (www.helpnetsecurity.com)

07 Jun 2026

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs (thehackernews.com)

06 Jun 2026

Yet another Cisco SD-WAN 0-day under attack, and no patch in sight (www.theregister.com)

05 Jun 2026

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) (www.helpnetsecurity.com)

05 Jun 2026

Cisco warns of unpatched SD-WAN zero-day exploited in attacks (www.bleepingcomputer.com)

05 Jun 2026

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 (www.securityweek.com)

05 Jun 2026

Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Windows System (cybersecuritynews.com)

04 Jun 2026

Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process (securityaffairs.com)

04 Jun 2026

Acer Working to Patch Wave 7 Router 0-day Vulnerability (cybersecuritynews.com)

04 Jun 2026

Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine (www.theregister.com)

04 Jun 2026

Acer addresses critical zero-day vulnerabilities in Wave 7 routers (www.scworld.com)

03 Jun 2026

Trump executive order on AI calls for voluntary 30-day review period (www.scworld.com)

03 Jun 2026

Five OpenClaw 0-Days let Attackers to Hijack Trusted AI Agent Access (cybersecuritynews.com)

03 Jun 2026

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore (thehackernews.com)

03 Jun 2026

CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day (socradar.io)

03 Jun 2026

Acer working to patch max severity zero-days in Wave 7 routers (www.bleepingcomputer.com)

03 Jun 2026

Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash (www.securityweek.com)

03 Jun 2026

VS Code zero-day lets hackers steal GitHub tokens in one click (www.bleepingcomputer.com)

03 Jun 2026

Google releases June Android security patches addressing 124 vulnerabilities, including 1 zero-day (www.scworld.com)

02 Jun 2026

Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities (www.securityweek.com)

02 Jun 2026

Tuskira Quell identifies, mitigates, and validates zero-day risk before breach (www.helpnetsecurity.com)

02 Jun 2026

Microsoft reaches for olive branch after public dustup with 0-day researcher (www.theregister.com)

02 Jun 2026

Google fixes one actively exploited Android zero-day, 124 flaws (www.bleepingcomputer.com)

02 Jun 2026

Android 0-Day Vulnerability Exploited in Attacks to Gain Complete Device Control (cybersecuritynews.com)

02 Jun 2026

Microsoft's Zero-Day Legal Threats Spark Backlash (www.darkreading.com)

01 Jun 2026

Gogs Zero-Day Exposes Servers to Remote Code Execution (www.securityweek.com)

29 May 2026

Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It. (securityaffairs.com)

29 May 2026

GitHub bans security researcher who posted zero-day Windows exploits (www.tomshardware.com)

28 May 2026

Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops (www.theregister.com)

28 May 2026

New Gogs 0-Day Vulnerability Lets Attackers Run Malicious Code on the Server Remotely (cybersecuritynews.com)

28 May 2026

New Gogs zero-day flaw lets hackers get remote code execution (www.bleepingcomputer.com)

28 May 2026

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal (thehackernews.com)

28 May 2026

Microsoft Warns Public Release of Zero-Day Details Before Vendor Coordination (cybersecuritynews.com)

28 May 2026

KnowledgeDeliver flaw exploited as a zero-day to install web shells (www.bleepingcomputer.com)

26 May 2026

Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike (www.scworld.com)

26 May 2026

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment (www.securityweek.com)

26 May 2026

KnowledgeDeliver LMS Zero-Day Exploited to Deploy BLUEBEAM Web Shell (cybersecuritynews.com)

25 May 2026

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos (thehackernews.com)

25 May 2026

Anthropic’s Claude Mythos Preview Uncovers 10,000+ 0-Days in Project Glasswing (cybersecuritynews.com)

22 May 2026

LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access (cybersecuritynews.com)

22 May 2026

CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks (cybersecuritynews.com)

22 May 2026

$20 per zero-day is already the WordPress plugin reality (www.helpnetsecurity.com)

22 May 2026

Trend Micro warns of Apex One zero-day exploited in the wild (www.bleepingcomputer.com)

22 May 2026

TrendAI Patches Apex One Zero-Day Exploited in the Wild (www.securityweek.com)

22 May 2026

FAQs

Today’s top cybersecurity headlines typically include actively exploited vulnerabilities, ransomware campaigns, major data breaches, zero-day disclosures, nation-state activity, and critical vendor security advisories. Security teams should prioritise threat alerts involving KEVs, remote code execution vulnerabilities, cloud platform attacks, and vulnerabilities affecting internet-facing systems.
By using this site, you agree to our Terms & Conditions.

COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.

Terms & Privacy Policy