Overview

  • Microsoft
  • Microsoft SharePoint Enterprise Server 2016

22 May 2026
Published
02 Jul 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
3.02%

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Statistics

  • 14 Posts
  • 2 Interactions

Last activity: Last hour

Fediverse

CISA flags an actively exploited SharePoint vulnerability (CVE-2026-45659) enabling remote code execution. Patch SharePoint Server 2016 now.

securityonline.info/sharepoint

  • 0
  • 0
  • 0
  • 14h ago

Critical Alert: CVE-2026-45659 is actively exploited. If you are running Microsoft SharePoint, you need to audit your deserialization logic immediately. CISA has added this to the KEV catalog, and BOD 26-04 mandates action. I’ve just released the full forensic playbook for the SOC—detailing this
Read the full critical threat briefing here:
thecybermind.co/r8pt

  • 0
  • 0
  • 0
  • 5h ago

C-Suite Alert: CVE-2026-45659 is actively exploited. CISA BOD 26-04 mandates immediate action. Is your organization compliant? My executive briefing provides the risk assessment and strategic roadmap to secure your SharePoint assets and mitigate enterprise liability. thecybermind.co/x3h5

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

Microsoft MSRC — CVE-2026-45659 vulnerability record: msrc.microsoft.com/update-guide... Microsoft Security Blog — MCP tool poisoning / AI agents: www.microsoft.com/en-us/securi...
  • 0
  • 1
  • 0
  • 2h ago

#CTI Brief for 2026-07-02: CISA added Microsoft SharePoint Server CVE-2026-45659 to KEV with a July 4 due date. This is the action item: patch exposed/high-value SharePoint first, then assess for compromise. #ThreatIntel #Cybersecurity
  • 0
  • 1
  • 0
  • 2h ago

CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jul 1) CVE-2026-45659 Microsoft SharePoint Server deserialization of untrusted data vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 16h ago

CISA added CVE-2026-45659, a SharePoint Server remote code execution flaw, to the KEV catalog due to evidence of active exploitation.
  • 0
  • 0
  • 0
  • 10h ago

The U.S. CISA has flagged a high-severity Microsoft SharePoint flaw, CVE-2026-45659, as actively exploited, demanding federal agency patches by July […]
  • 0
  • 0
  • 0
  • 9h ago

CISA added CVE-2026-45659, a high-severity SharePoint Server RCE flaw, to its KEV catalog after active exploitation was found. Microsoft also tied related attacks to Storm-2603 and Warlock ransomware. #SharePoint #CISA #RCE
  • 0
  • 0
  • 0
  • 7h ago

CISA added CVE-2026-45659 to KEV, urging agencies to patch within three days because authenticated attackers can execute arbitrary code on affected SharePoint servers.
  • 0
  • 0
  • 0
  • 6h ago

⚠️ CVE-2026-45659 (CVSS 8.8, CISA KEV): deserialization flaw in Microsoft SharePoint letting an authenticated attacker with Site Member permissions run code remotely, no user interaction. Actively exploited. Affects SharePoint 2016, 2019 & Sub Edition. Query: technology="Microsoft SharePoint"
  • 0
  • 0
  • 0
  • 5h ago

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation reconbee.com/sharepoint-r... #sharepoint #RCE #CISA #KEV #cybersecurity #cyberattack
  • 0
  • 0
  • 0
  • 3h ago

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation thehackernews.com/2026/07/shar...
  • 0
  • 0
  • 0
  • 1h ago

~Cybergcca~ Active exploitation of CVE-2026-45659, a critical deserialization RCE vulnerability in Microsoft SharePoint Server. - IOCs: CVE-2026-45659 - #CVE202645659 #SharePoint #ThreatIntel
  • 0
  • 0
  • 0
  • Last hour

Overview

  • NetScaler
  • ADC

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
HIGH (8.8)
EPSS
0.50%

KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP.

Statistics

  • 7 Posts
  • 7 Interactions

Last activity: Last hour

Fediverse

Citrix has patched a series of bugs this week, including another CitrixBleed-like vulnerability that can allow remote attackers to leak a device's memory and find goodies inside, such as auth or config data.

This impacts NetScaler ADC devices.

labs.watchtowr.com/citrixbleed

support.citrix.com/support-hom

  • 4
  • 1
  • 0
  • 5h ago

‼️ CVE-2026-8451: Citrix Netscaler overread Detection Artifact Generator Tool

GitHub: github.com/watchtowrlabs/watch

Full writeup: labs.watchtowr.com/citrixbleed

CVE-2026-8451 is a NetScaler ADC and NetScaler Gateway memory overread flaw caused by insufficient input validation, affecting appliances configured as a SAML Identity Provider.

The risk is sensitive memory disclosure, with researchers showing NetScaler can be tricked into returning process memory that should never leave the appliance.

  • 0
  • 1
  • 0
  • 16h ago

Bluesky

CitrixBleed CVE-2026-8451 was exploited within 24 hours of disclosure, targeting NetScaler ADC and Gateway devices using SAML IDP. The XML parser flaw can leak memory without authentication. #Citrix #NetScaler #Germany
  • 0
  • 1
  • 0
  • Last hour

CVE-2026-8451: Citrix NetScaler SAML Memory Overread Exploitation and IoCs
  • 0
  • 0
  • 0
  • 8h ago

CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) labs.watchtowr.com/citrixbleed-...
  • 0
  • 0
  • 1
  • 5h ago

Threat actors exploited CVE-2026-8451 in NetScaler ADC/Gateway within 24 hours of disclosure, using a SAML IDP XML overread to leak memory via NSC_TASS without authentication.
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Cisco
  • Cisco Unified Communications Manager

03 Jun 2026
Published
01 Jul 2026
Updated

CVSS v3.1
HIGH (8.6)
EPSS
41.69%

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.

Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than the High that the score indicates, because exploitation of this vulnerability could result in an attacker elevating privileges to root.

Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.
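
Added example, not Cisco code: the gate a server-side fetcher such as WebDialer's should apply before following a caller-supplied URL. It refuses file:// and every other non-HTTP scheme, userinfo that fools host matching, unexpected ports, IP literals (loopback, RFC 1918, the 169.254.169.254 link-local range) and any host outside an explicit allowlist. The allowlist entries, port set and function names are constructed for the example.

```python
"""Added example (not Cisco code): a policy gate for URLs that a server-side
component like WebDialer would otherwise fetch on the caller's behalf.
Allowlist entries, ports and names are constructed for the example."""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"directory.corp.example", "cucm-pub.corp.example"}  # assumed
ALLOWED_PORTS = {80, 443, 8443}


class SsrfRejected(ValueError):
    """Raised when a caller-supplied URL fails the outbound policy."""


def validate_outbound_url(raw: str) -> str:
    """Return the URL if the server may fetch it, otherwise raise SsrfRejected.

    Each check closes one way an attacker steers a server-side request:
    non-HTTP schemes (file://), userinfo that fools host matching,
    unexpected ports, IP literals (loopback, RFC 1918, the link-local
    metadata address) and hosts outside the allowlist.
    """
    parts = urlsplit(raw.strip())
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise SsrfRejected(f"scheme {scheme!r} not permitted")
    if parts.username is not None or parts.password is not None:
        # "http://allowed.example@10.0.0.5/" would pass a naive substring check.
        raise SsrfRejected("userinfo in URL not permitted")
    host = parts.hostname  # urlsplit lower-cases this already
    if not host:
        raise SsrfRejected("missing host")
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError as exc:  # non-numeric or out-of-range port
        raise SsrfRejected("malformed port") from exc
    if port not in ALLOWED_PORTS:
        raise SsrfRejected(f"port {port} not permitted")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # a DNS name, judged against the allowlist below
    if addr is not None:
        kind = "global" if addr.is_global else "non-global (loopback/private/link-local)"
        raise SsrfRejected(f"IP literal {addr} not permitted: {kind} address")
    if host.rstrip(".") not in ALLOWED_HOSTS:
        raise SsrfRejected(f"host {host!r} not on allowlist")
    return raw


def is_allowed(raw: str) -> bool:
    try:
        validate_outbound_url(raw)
        return True
    except SsrfRejected:
        return False


if __name__ == "__main__":
    # Constructed inputs: one legitimate target, then shapes an attacker
    # would try against a fetcher that trusts the URL it is handed.
    for url in (
        "https://directory.corp.example/people?q=smith",
        "file:///etc/passwd",
        "http://127.0.0.1/cgi-bin/",
        "http://169.254.169.254/latest/meta-data/",
        "http://directory.corp.example@10.0.0.5/",
        "http://DIRECTORY.corp.example./people",
    ):
        print("allow" if is_allowed(url) else "deny ", url)
```

A hostname allowlist still has to be paired with a check of the address actually connected to (DNS rebinding) and re-applied on every redirect. None of this replaces installing Cisco's fixed release or disabling WebDialer where it is not needed.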

Statistics

  • 3 Posts

Last activity: 3 hours ago

Bluesky

CVE-2026-20230 in Cisco Unified CM/SME is actively exploited, enabling SSRF and potential root access; WebDialer-enabled appliances require patching to remediate.
  • 0
  • 0
  • 0
  • 5h ago

Cisco confirms active exploitation of a vulnerability in Unified CM systems, with malicious actors exploiting the issue identified as CVE-2026-20230, which enables server-side request forgery (SSRF) attacks. The confirmation comes weeks after the company made the fixes
  • 0
  • 0
  • 0
  • 3h ago

Cisco confirms active exploitation of CVE-2026-20230 in Unified CM, where unauthenticated SSRF via crafted HTTP requests can create files using file:// payloads. Fix release or disable WebDialer. #Cisco #UnifiedCM #WebDialer
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Linux
  • Linux

28 May 2026
Published
14 Jun 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.13%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved:

drm: Set old handle to NULL before prime swap in change_handle

There was a potential race condition in change_handle. The ioctl briefly had a single object with two idr entries; a concurrent gem_close could delete the object and remove one of the handles while leaving the other one dangling, which could subsequently be dereferenced for a use-after-free.

To fix this, do the same dance that gem_close itself does (f6cd7daecff5 "drm: Release driver references to handle before making it available again"): first idr_replace the old handle to NULL. Later, if the prime operations are successful, actually close it.

create_tail required a similar dance to avoid a similar problem (bd46cece51a3 "drm/gem: Fix race in drm_gem_handle_create_tail()"). It idr_allocs the new handle with NULL, then swaps in the correct object later to avoid races. We don't need to do that here, since the only operations that could race are drm_prime, and change_handle holds the prime lock for the entire duration.

v2: cleanups of error paths

Statistics

  • 2 Posts
  • 12 Interactions

Last activity: 16 hours ago

Fediverse

Unprivileged root via a use-after-free in DRM GEM change_handle (CVE-2026-46215):

cyberstan.co.uk/drm-lpe-linux/

  • 5
  • 7
  • 0
  • 21h ago

Bluesky

CVE-2026-46215: The Unprivileged Root via a DRM UAF That Bypasses KASAN + Video Introduction: In a concerning development for Linux security, a high-severity use-after-free (UAF) vulnerability in the Direct Rendering Manager (DRM) subsystem has been uncovered, tracked as CVE-2026-46215. This flaw,…
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • SimpleHelp
  • SimpleHelp

12 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
CRITICAL (9.5)
EPSS
1.16%

Description

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication. No user interaction is required.
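
Added example, not SimpleHelp code, of the two token-handling shapes the description contrasts: reading the claims out of an ID token and believing them, versus verifying the token before any claim is used. It uses HS256 with a constructed shared secret so it runs on the Python standard library alone; an OIDC relying party normally verifies RS256 or ES256 signatures against the provider's published JWKS, but the claim checks that follow the signature are the same. The issuer, client ID, secret and helper names are assumptions.

```python
"""Added example (not SimpleHelp code): accepting an OIDC ID token by
decoding its payload versus verifying it before trusting any claim.
HS256 with a constructed shared secret keeps this on the standard library;
a real relying party verifies RS256/ES256 against the provider's JWKS,
but the claim checks after the signature are the same."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

ISSUER = "https://idp.example"                      # assumed provider issuer
CLIENT_ID = "support-console"                       # assumed client_id / aud
SHARED_SECRET = b"constructed-secret-for-this-example"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, alg: str = "HS256", secret: bytes = SHARED_SECRET) -> str:
    """Build a compact JWS. alg="none" yields the classic forgery: a header
    that claims no signature and an empty signature segment."""
    header = _b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    if alg == "none":
        return f"{header}.{payload}."
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def decode_unverified(token: str) -> dict:
    """The vulnerable shape: read the claims and believe them."""
    _, payload, _ = token.split(".")
    return json.loads(_unb64url(payload))


def verify_id_token(token: str, expected_nonce: str,
                    now: Optional[float] = None,
                    secret: bytes = SHARED_SECRET) -> dict:
    """Return the claims only after signature and claim checks pass.

    The signature is checked before any claim is read, the algorithm comes
    from relying-party configuration rather than from the token, and the
    nonce binds the token to the login attempt that requested it.
    """
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token") from None
    header = json.loads(_unb64url(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64url(payload_b64))
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if aud != CLIENT_ID and not (isinstance(aud, list) and CLIENT_ID in aud):
        raise ValueError("token not issued for this client")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("token expired or has no exp")
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch")
    return claims


def demo(now: float = 1_800_000_000.0) -> dict:
    """Run the forgery scenarios; `now` is a fixed constructed clock."""
    base = {"iss": ISSUER, "aud": CLIENT_ID, "exp": now + 300, "nonce": "n-1"}
    forged = mint_token({**base, "sub": "admin"}, alg="none")
    genuine = mint_token({**base, "sub": "tech-42"})
    h, _, s = genuine.split(".")
    tampered = f"{h}.{forged.split('.')[1]}.{s}"  # real signature, swapped claims
    out = {"unverified_accepts_forged_as": decode_unverified(forged)["sub"]}
    for name, tok, nonce in (("forged", forged, "n-1"), ("tampered", tampered, "n-1"),
                             ("replayed", genuine, "n-2"), ("genuine", genuine, "n-1")):
        try:
            out[name] = verify_id_token(tok, nonce, now)["sub"]
        except ValueError as exc:
            out[name] = f"rejected: {exc}"
    return out
```

The forged token with alg "none" and sub "admin" is what "arbitrary identity claims" looks like on the wire; the unverified path hands back a technician session for it, the verified path rejects it before reading a single claim. Pinning the algorithm in relying-party configuration is what stops a token from nominating its own verification method, and the nonce check is what turns a captured genuine token into a one-shot credential.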

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: 7 hours ago

Bluesky

SimpleHelp CVE-2026-48558 is now confirmed exploited-in-the-wild & on US CISA KEV www.cisa.gov/known-exploi... We are scanning for CVE-2026-48558 vulnerable instances since 2026-06-16. We see 439 unpatched (2026-07-01 scan) Dashboard World Map view: dashboard.shadowserver.org/statistics/c...
  • 2
  • 4
  • 0
  • 7h ago

SimpleHelp RMM Authentication Bypass CVE-2026-48558 and Dj... https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts https://flagthis.com/newsletter/2026/07/01/tldr/3871 ##SimpleHelp ##CVE202648558 ##DjinnStealer ##RMM ##AuthenticationBypass
  • 0
  • 0
  • 0
  • 21h ago

Overview

  • Apache Software Foundation
  • Apache Tomcat

29 Jun 2026
Published
30 Jun 2026
Updated

CVSS
Pending
EPSS
0.25%

KEV

Description

Missing Critical Step in Authentication vulnerability in Apache Tomcat: when the JNDIRealm was configured to authenticate binds using GSSAPI, attackers could authenticate without providing the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Users are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 19 hours ago

Bluesky

The latest update for #CyCognito includes "Emerging Threat: (CVE-2026-55957) Apache Tomcat Authentication Bypass via JNDIRealm GSSAPI Binds". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 1
  • 0
  • 0
  • 19h ago

Overview

  • Oracle Corporation
  • PeopleSoft Enterprise PeopleTools

11 Jun 2026
Published
13 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
92.33%

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 3 hours ago

Fediverse

ShinyHunters and the PeopleSoft zero-day: the US insurance regulator among the 100+ victims of UNC6240

Exploiting CVE-2026-35273, an unauthenticated RCE in Oracle PeopleSoft, the ShinyHunters/UNC6240 collective hit more than 100 organizations even before the patch was released. Among the victims is the NAIC, the US insurance regulator: 3.1 TB of data exfiltrated and rating agencies at a standstill.

insicurezzadigitale.com/shinyh

  • 1
  • 0
  • 1
  • 3h ago

Overview

  • JetBrains
  • Hub

19 Jun 2026
Published
24 Jun 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.42%

KEV

Description

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430 and 2024.2.148429, authentication bypass via direct database access leading to administrative access was possible.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 16 hours ago

Fediverse

JetBrains patched a CVSS 10 authentication bypass and two more flaws (CVE-2026-50242). Its tools reach 15M developers. Update JetBrains Hub now.

securityonline.info/jetbrains-

  • 1
  • 0
  • 0
  • 16h ago

Overview

  • Progress Software
  • LoadMaster

04 Jun 2026
Published
01 Jul 2026
Updated

CVSS v3.1
CRITICAL (9.6)
EPSS
29.64%

KEV

Description

OS Command Injection Remote Code Execution Vulnerability in the API of Progress ADC Products allows an unauthenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints.
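
Added example, not Progress code: what "unsanitized input in a command endpoint" looks like in a small API handler, beside the argv-based form that gives a shell nothing to interpret, and the quoted form for the cases where a shell cannot be avoided. `echo` stands in for a real diagnostic tool so the example runs anywhere; the validator and the hostname grammar are constructed for the example.

```python
"""Added example (not Progress code): an API "command endpoint" that hands
caller input to a shell, beside one that does not. `echo` stands in for a
real diagnostic tool so the example runs anywhere; the validator and the
hostname grammar are constructed for the example."""
import re
import shlex
import subprocess

# Deliberately narrow: DNS labels and IPv4 literals only. Anything else,
# including every shell metacharacter, is rejected before a process starts.
_HOST_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")


def run_diag_vulnerable(host: str) -> str:
    """Interpolates caller input into a shell command line."""
    cmd = f"echo probing {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_diag_hardened(host: str) -> str:
    """Validates, then passes an argv list: no shell ever parses the input."""
    if not _HOST_RE.fullmatch(host):
        raise ValueError(f"rejected host argument: {host!r}")
    return subprocess.run(["echo", "probing", host],
                          capture_output=True, text=True, check=True).stdout


def run_diag_quoted(host: str) -> str:
    """When a shell is unavoidable (pipelines, redirections), quote each
    argument; the injected text then reaches echo as literal bytes."""
    cmd = f"echo probing {shlex.quote(host)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def demo() -> dict:
    """Constructed inputs: a legitimate host and a chained-command payload."""
    payload = "10.0.0.1; echo INJECTED"
    out = {
        "vulnerable": run_diag_vulnerable(payload),
        "quoted": run_diag_quoted(payload),
        "hardened_ok": run_diag_hardened("lb-1.example.net"),
    }
    try:
        run_diag_hardened(payload)
        out["hardened_payload"] = "accepted"
    except ValueError as exc:
        out["hardened_payload"] = str(exc)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

With the payload `10.0.0.1; echo INJECTED`, the vulnerable handler prints two lines because the shell ran two commands; the quoted form prints the payload back as one literal argument; the hardened form never starts a process. Validation is the first line, but the argv list is what removes the shell from the path, so it holds even when the validator is later loosened.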

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 23 hours ago

Overview

  • guardian
  • language-system

01 Jul 2026
Published
01 Jul 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.37%

KEV

Description

Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in media.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '".$_GET['id']."'. An authenticated attacker can perform error-based SQL injection to extract database contents.
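
Added example, not the Guardian project's code: the media.php query the advisory quotes, rebuilt over an in-memory SQLite database in Python, once by string concatenation as described and once with a bound parameter. A constructed files table and a constructed users table show what "extract database contents" means in practice; the schema, rows and attacker payloads are invented for the example.

```python
"""Added example (not the Guardian project's code): the media.php query
the advisory quotes, rebuilt over an in-memory SQLite database, once by
string concatenation as described and once with a bound parameter.
The schema, rows and attacker payloads are constructed for the example."""
import sqlite3

_SCHEMA = """
CREATE TABLE files (
    id TEXT PRIMARY KEY, filename TEXT, extension TEXT, type TEXT,
    duration INTEGER, owner TEXT, private INTEGER
);
INSERT INTO files VALUES
    ('f1', 'welcome',  'mp4', 'video', 120, 'alice', 0),
    ('f2', 'payroll',  'pdf', 'doc',     0, 'bob',   1),
    ('f3', 'board-q3', 'mp3', 'audio', 900, 'carol', 1);
CREATE TABLE users (id TEXT PRIMARY KEY, username TEXT, password_hash TEXT);
INSERT INTO users VALUES
    ('u1', 'admin',  '$2y$10$constructed-hash-a'),
    ('u2', 'editor', '$2y$10$constructed-hash-b');
"""

_SELECT = ("SELECT id, filename, extension, type, duration, owner, private "
           "FROM files WHERE id = ")


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(_SCHEMA)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user_id: str) -> list:
    """media.php line 17 as quoted: the GET parameter is spliced into SQL."""
    return conn.execute(_SELECT + "'" + user_id + "'").fetchall()


def lookup_parameterized(conn: sqlite3.Connection, user_id: str) -> list:
    """Same statement with a bound parameter: the input is data, never SQL."""
    return conn.execute(_SELECT + "?", (user_id,)).fetchall()


def demo() -> dict:
    """Run a normal lookup and three attacker inputs through both paths."""
    conn = open_db()
    bypass = "' OR private = 1 --"
    dump = ("' UNION SELECT id, username, password_hash, NULL, NULL, NULL, NULL "
            "FROM users --")
    out = {
        "normal_rows": len(lookup_vulnerable(conn, "f1")),
        "vuln_bypass_rows": len(lookup_vulnerable(conn, bypass)),
        "param_bypass_rows": len(lookup_parameterized(conn, bypass)),
        "vuln_union_users": sorted(r[1] for r in lookup_vulnerable(conn, dump)),
        "param_union_rows": len(lookup_parameterized(conn, dump)),
        "param_bare_quote_rows": len(lookup_parameterized(conn, "'")),
    }
    try:
        lookup_vulnerable(conn, "'")
        out["vuln_bare_quote"] = "no error"
    except sqlite3.OperationalError as exc:
        # The message an error-based attacker reads back from the page.
        out["vuln_bare_quote"] = f"error: {exc}"
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The bare quote is the probe: the concatenated query fails to parse and the application surfaces the database error, which is the oracle error-based injection is built on, while the parameterized query simply matches no row. SQLite's message text differs from MySQL's, but the contrast between the two paths is the same on any engine, and the UNION payload is the "extract database contents" step once the column count is known.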

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse

CVE-2026-34100 - Critical SQLi in Guardian media.php. Unauthenticated? id GET param unsanitized. CVSS 9.8. No patch available. Mitigate immediately. #CVE #infosec #Guardian

valtersit.com/cve/CVE-2026-341

  • 0
  • 0
  • 0
  • 4h ago
Showing 1 to 10 of 53 CVEs