24h | 7d | 30d

CVE-2026-20230

Overview

  • Cisco
  • Cisco Unified Communications Manager
03 Jun 2026
Published
04 Jun 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
0.02%
KEV

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.

Statistics

  • 8 Posts
  • 3 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture fallback
elhacker.NET @elhackernet

Cisco corrige vulnerabilidad CVE-2026-20230 en Unified CM tras la publicación de código explotable

blog.elhacker.net/2026/06/cisc

  • 1
  • 1
  • 0
  • 9h ago
Profile picture fallback
𝔸𝕟𝕠𝕟𝕪𝕞𝕠𝕦𝕤 :verified: @youranonnewsirc

Geopolitical tensions remain high with Israel's continued strikes despite ceasefire efforts. (June 5, 2026) Cybersecurity sees a critical Cisco Unified CM vulnerability (CVE-2026-20230) with public exploit code and over 60k GTA V players exposed in a cheat service attack. (June 5, 2026) Phishing also hit Eversource, exposing 3K+ customer data. (June 4, 2026) In tech, AI search shifts user habits as Google's revamp boosts DuckDuckGo installs. (June 5, 2026)

#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Cisco patched CVE-2026-20230 in Unified CM and Session Management Edition, a SSRF flaw that can allow arbitrary file writes and potential root escalation. PoC code is public. #Cisco #UnifiedCM #WebDialer
  • 0
  • 1
  • 0
  • 18h ago
Profile picture fallback
Bitnewsbot @bitnewsbot.bsky.social
Cisco has patched a critical server-side request forgery vulnerability, CVE-2026-20230, in its Unified Communications Manager and Session Management Edition. The […]
  • 0
  • 0
  • 0
  • 22h ago
Profile picture fallback
Ninja Owl @ninjaowl.ai
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 17h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Ciscoは、エクスプロイトコードが公開されたことを受け、Unified CMのCVE-2026-20230を修正した Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public #HackerNews (Jun 4) thehackernews.com/2026/06/cisc...
  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
ohhara @shiojiri.com
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
Critical Cisco Unified CM Vulnerability (CVE-2026-20230): Unauthenticated File-Write Leads to Root – Patch Immediately + Video Introduction A newly disclosed critical vulnerability in Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to exploit a…
  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-20245

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager
04 Jun 2026
Published
05 Jun 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.08%
KEV

Description

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user. To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.

Statistics

  • 5 Posts
  • 5 Interactions
Last activity: Last hour

Bluesky

Profile picture fallback
BleepingComputer @bleepingcomputer.com
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation.
  • 3
  • 2
  • 0
  • 10h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
CVE-2026-20245 in Cisco Catalyst SD-WAN Manager CLI enables authenticated local attackers with netadmin privileges to execute root commands via crafted files.
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
Help Net Security @helpnetsecurity.com
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) 📖 Read more: www.helpnetsecurity.com/2026/06/05/c... #cybersecurity #cybersecuritynews #SDWAN #APT #=day #exploit @cisco.com @mandiant.com
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Cisco warns CVE-2026-20245 is an actively exploited zero-day in Cisco Catalyst SD-WAN Manager, enabling root access via crafted file upload across on-prem, cloud, and FedRAMP deployments. #Cisco #SDWAN #CVE202620245
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
boredchilada @boredchilada.bsky.social
~Cybergcca~ Cisco addressed an authenticated privilege escalation vulnerability (CVE-2026-20245) in Catalyst SD-WAN Manager. - IOCs: CVE-2026-20245 - #CVE202620245 #Cisco #ThreatIntel
  • 0
  • 0
  • 0
  • Last hour

CVE-2026-3300

Overview

  • WPEverest
  • Everest Forms Pro
31 Mar 2026
Published
08 Apr 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.31%
KEV

Description

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's process_filter() function concatenating user-submitted form field values into a PHP code string without proper escaping before passing it to eval(). The sanitize_text_field() function applied to input does not escape single quotes or other PHP code context characters. This makes it possible for unauthenticated attackers to inject and execute arbitrary PHP code on the server by submitting a crafted value in any string-type form field (text, email, URL, select, radio) when a form uses the "Complex Calculation" feature.

Statistics

  • 4 Posts
Last activity: 6 hours ago

Fediverse

Profile picture fallback
Wordfence @wordfence

Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin

A critical Remote Code Execution vulnerability (CVE-2026-3300, CVSS 9.8) in Everest Forms Pro <= 1.9.12 is being actively exploited.

Over 29,300 exploit attempts have been blocked by the Wordfence Firewall. Update to version 1.9.13.

wordfence.com/blog/2026/06/att

#WordPress #WordPressSecurity #Cybersecurity

  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
🔒 Security Cyber @securitycyber

🚨 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-3300

• CVE ID: CVE-2026-3300
• CVSS Score: 9.8 (Critical)
• Affected: Everest Forms Pro

What it is:

securitycyber.uk

  • 0
  • 0
  • 0
  • 6h ago

Bluesky

Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
Everest Forms Pro CVE-2026-3300 enables unauthenticated remote code execution via eval() injection, allowing full site compromise unless updated to 1.9.13.
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
Bitnewsbot @bitnewsbot.bsky.social
A critical vulnerability (CVE-2026-3300) in the Everest Forms Pro WordPress plugin is being actively exploited for remote code execution, compromising […]
  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-46243

Overview

  • Linux
  • Linux
01 Jun 2026
Published
05 Jun 2026
Updated
CVSS v3.1
HIGH (7.1)
EPSS
0.02%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating inputs. However, userspace can also create keys of this type through request_key(2) or add_key(2), allowing those fields to be supplied without CIFS origin. Only accept cifs.spnego descriptions while CIFS is using its private spnego_cred to request the key.

Statistics

  • 4 Posts
  • 10 Interactions
Last activity: Last hour

Fediverse

Profile picture fallback
Rocky Linux :rockylinux: @rockylinux

Patches for CVE-2026-46243 (CIFSwitch), a local privilege escalation vulnerability in the Linux kernel's CIFS subsystem, have been built for Rocky Linux 8, 9, and 10. Our hot fix security repository has been updated.

If you're running any supported Rocky Linux release, update now:
sudo dnf --enablerepo=security update

#RockyLinux #OpenSource #Linux #LinuxSecurity #CVE #EnterpriseLinux

  • 3
  • 2
  • 0
  • Last hour

Bluesky

Profile picture fallback
Rocky Linux @rockylinux.org
Patches for CVE-2026-46243 (CIFSwitch) are now available for Rocky Linux 8, 9, and 10. Our hot fix security repo is updated. What the fix? sudo dnf --enablerepo=security update #RockyLinux #LinuxSecurity #CVE
  • 0
  • 3
  • 0
  • Last hour
Profile picture fallback
AlmaLinux @almalinux.org
Patched kernels for CIFSwitch (CVE-2026-46243) have been released to the production repositories/mirrors. Thank you to everyone who helped verify these builds! Learn more: https://almalinux.org/blog/2026-05-28-cifswitch/?utm_medium=social&utm_source=bluesky
  • 0
  • 2
  • 1
  • 22h ago

CVE-2026-45247

Overview

  • Mirasvit
  • Full Page Cache Warmer for Magento 2
26 May 2026
Published
04 Jun 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
6.15%
KEV

Description

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted call to PHP's native unserialize() function combined with gadget chains available in Magento and its dependencies to execute arbitrary code on the server.

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 7 hours ago

Fediverse

Profile picture fallback
Michael I Ransier @thecybermind

🛠️ TECHNICAL DEEP-DIVE: Dissecting the Mirasvit deserialization vulnerability (CVE-2026-45247) allowing unauthenticated RCE via the CacheWarmer cookie. Full forensic breakdown, WAF mitigation scripts, and ring-fencing protocols inside. thecybermind.co/znl8

  • 0
  • 1
  • 0
  • 8h ago
Profile picture fallback
Michael I Ransier @thecybermind

🚨 EXECUTIVE ADVISORY: CISA flags CVE-2026-45247 in Mirasvit Cache Warmer as an active ransomware threat vector. Total business interruption risk. Mandatory remediation deadline is June 6, 2026. Protect your edge.
thecybermind.co/y1lw

  • 0
  • 0
  • 0
  • 9h ago
Profile picture fallback
🔒 Security Cyber @securitycyber

🚨 CVE-2026-45247 🚨

Description

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted call to PHP's native unserialize() function combined with gadget chains available in Magento and its dependencies to execute arbitrary code on the server.

  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-8206

Overview

  • themeum
  • Kirki – Freeform Page Builder, Website Builder & Customizer
02 Jun 2026
Published
02 Jun 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.12%
KEV

Description

The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions 6.0.0 to 6.0.6. This is due to the plugin accepting an arbitrary email address when a username is used in the password reset request. This makes it possible for unauthenticated attackers to send a password reset link for any user registered on the site to their own email address.

Statistics

  • 2 Posts
Last activity: 16 hours ago

Fediverse

Profile picture fallback
Wordfence @wordfence

Unauthenticated Privilege Escalation Vulnerability Patched in Kirki WordPress Plugin

Kirki 6.0.0 - 6.0.6 is vulnerable to an Unauthenticated Privilege Escalation (CVE-2026-8206, CVSS 9.8 Critical) affecting an estimated 150,000 sites.

Patched in 6.0.7. Update now.

wordfence.com/blog/2026/06/una

#WordPress #WordPressSecurity #Cybersecurity

  • 0
  • 0
  • 0
  • 18h ago

Bluesky

Profile picture fallback
Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators.
  • 0
  • 0
  • 0
  • 16h ago

CVE-2026-42945

Overview

  • F5
  • NGINX Plus
13 May 2026
Published
21 May 2026
Updated
CVSS v3.1
HIGH (8.1)
EPSS
0.29%
KEV

Description

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 2 Posts
  • 10 Interactions
Last activity: 17 hours ago

Fediverse

Profile picture fallback
AlmaLinux @almalinux

nginx has a critical vuln (CVE-2026-42945).

Patched packages are live for AlmaLinux 8, 9, 10 & Kitten 10.

Two commands and a restart and you're done. Don't sleep on this one! almalinux.org/blog/2026-05-13-

  • 7
  • 3
  • 1
  • 17h ago

CVE-2026-48020

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture fallback
DB Tech @dbtechyt

Traefik v2.11.48 patches CVE-2026-48020 plus fixes path injection in k8s ingress, TLS option handling, and StripPrefix normalization. Read the migration guide before upgrading. #selfhosted #homelab

github.com/traefik/traefik/rel

  • 2
  • 0
  • 1
  • 3h ago

CVE-2024-27890

Overview

  • Arista Networks
  • EOS
04 Jun 2026
Published
04 Jun 2026
Updated
CVSS v4.0
HIGH (7.2)
EPSS
0.28%
KEV

Description

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 14 hours ago

Fediverse

Profile picture fallback
Hugo | DevOps | Cybersecurity @hugovalters

CVE-2024-27890 - Critical auth bypass in Arista EOS with OpenConfig. gNMI Set requests improperly accepted, risking unauthorized config changes. CVSS 9.6. No patch available yet. Monitor and restrict access now. #CVE #Arista #infosec

valtersit.com/cve/CVE-2024-278

  • 2
  • 0
  • 0
  • 14h ago

CVE-2026-39987

Overview

  • marimo-team
  • marimo
09 Apr 2026
Published
24 Apr 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
80.71%
KEV

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 3 hours ago

Bluesky

Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Sysdig TRT observed an agentic AI attacker exploiting CVE-2026-39987 in marimo to automate container escape, host breakout, and Kubernetes secret theft via Docker socket and nsenter. #CVE202639987 #marimo #Kubernetes
  • 0
  • 1
  • 0
  • 3h ago
Showing 1 to 10 of 474 CVEs