Overview

  • Splunk
  • Splunk Enterprise

10 Jun 2026
Published
19 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
10.04%

Description

In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

Statistics

  • 10 Posts
  • 2 Interactions

Last activity: 2 hours ago

Fediverse

This Splunk flaw is no longer just theoretical.

Splunk says it is aware of limited exploitation of CVE-2026-20253.

CISA has added it to KEV, giving federal agencies until June 21, 2026 to patch.

Upgrade now.

Read the update: thehackernews.com/2026/06/crit

  • 0
  • 1
  • 0
  • 9h ago
ACTIVE THREAT: CVE-2026-20253 Splunk Enterprise vulnerability is being exploited in the wild. Our latest TSUITE Brief provides a full SQL injection defense playbook, including n8n automation triggers for your SOC. Secure your infrastructure now. thecybermind.co/2yn5

  • 0
  • 0
  • 0
  • 8h ago
Latest Geopolitical: An interim US-Iran agreement aims to de-escalate tensions and reopen the Strait of Hormuz, while Moscow endured its largest Ukrainian drone attack, hitting an oil refinery.

Technology: Anthropic's Claude Fable 5 AI is back online after a six-day shutdown, as Google makes Gemini 2.5 Flash its default model.

Cybersecurity: CISA issued alerts for an actively exploited Splunk vulnerability (CVE-2026-20253) and widespread Fortinet "FortiBleed" attacks. Accenture also acquired key OT security firms.

#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

~Cisa~ CISA added CVE-2026-20253, a Splunk Enterprise missing authentication flaw, to its KEV catalog due to active exploitation. - IOCs: CVE-2026-20253 - #CVE202620253 #Splunk #threatintel
  • 1
  • 0
  • 0
  • 20h ago
📢 CVE-2026-20253: Pre-authenticated RCE in Splunk Enterprise via the PostgreSQL Sidecar service 📝 ## 🔍 Context On 12 June 2026, watch… https://cyberveille.ch/posts/2026-06-18-cve-2026-20253-rce-pre-authentifiee-dans-splunk-enterprise-via-le-service-postgresql-sidecar/ #CVE_2026_20253 #Cyberveille
  • 0
  • 0
  • 0
  • 18h ago
CISA adds one known exploited vulnerability to its catalog. CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jun 18) CVE-2026-20253 Splunk Enterprise missing authentication for critical function vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 16h ago
CVE-2026-20253 in Splunk Enterprise enables unauthenticated attackers to perform arbitrary file operations and can lead to remote code execution; patch immediately.
  • 0
  • 0
  • 0
  • 12h ago
Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) 📖 Read more: www.helpnetsecurity.com/2026/06/19/s... #cybersecurity #cybersecuritynews #monitoring #SIEM #vulnerability #CISA
  • 0
  • 0
  • 0
  • 6h ago
CISA says CVE-2026-20253 in Splunk Enterprise is being actively exploited. Affects versions 10.2.0-10.2.3 and 10.0.0-10.0.6, enabling file writes and possible code execution. #Splunk #CISA #CVE202620253
  • 0
  • 0
  • 0
  • 3h ago
Today’s CTI call: patch Splunk first. CISA added CVE-2026-20253 to KEV after Splunk confirmed limited exploitation of a critical unauthenticated PostgreSQL sidecar flaw in Splunk Enterprise. This beats the actor-brand chatter. #ThreatIntel #CTI #CyberSecurity #InfoSec
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Microsoft
  • Microsoft Malware Protection Engine

16 Jun 2026
Published
17 Jun 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.34%

KEV

Description

Microsoft is aware of an elevation of privilege vulnerability in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

Statistics

  • 3 Posts
  • 6 Interactions

Last activity: 2 hours ago

Fediverse

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet
#CyberSecurity
securebulletin.com/cve-2026-50

  • 5
  • 0
  • 0
  • 2h ago

Bluesky

Microsoft Defender zero-day vulnerability RoguePlanet assigned CVE-2026-50656 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 1
  • 0
  • 18h ago
Microsoft begins developing a fix for the Defender zero-day "RoguePlanet" (CVE-2026-50656) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/46255/
  • 0
  • 0
  • 0
  • 15h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 4 Posts
  • 7 Interactions

Last activity: 6 hours ago

Fediverse

"We sent Claude Mythos Preview spelunking through Squid’s guts, and it surfaced clutching a 29-year-old bug.

Meet Squidbleed: a Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration."
blog.calif.io/p/squidbleed-cve

  • 2
  • 3
  • 0
  • 20h ago

Bluesky

📢 Squidbleed (CVE-2026-47729): Heartbleed-style memory leak in Squid Proxy since 1997 📝 ## 🔍 Context Published on 18 June 2026 by Cal… https://cyberveille.ch/posts/2026-06-18-squidbleed-cve-2026-47729-fuite-memoire-de-type-heartbleed-dans-squid-proxy-depuis-1997/ #CVE_2026_47729 #Cyberveille
  • 1
  • 0
  • 0
  • 18h ago
Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration
  • 1
  • 0
  • 1
  • 6h ago

Overview

  • Government Accountability Office
  • Electronic Protest Docketing System (EPDS)

18 Jun 2026
Published
19 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.

Statistics

  • 3 Posts
  • 16 Interactions

Last activity: 21 hours ago

Fediverse

lol. lmao.

nvd.nist.gov/vuln/detail/CVE-2

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could change an arbitrary user's password.

  • 6
  • 10
  • 0
  • 21h ago
CVE-2026-54103 (CRITICAL, CVSS 9.8): GAO EPDS & CBCA EDS lack authentication on password change API, enabling remote takeover. No patch yet. Restrict access, monitor logs. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 23h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 26 Interactions

Last activity: 20 hours ago

Fediverse

I'm more than 25 years into IT at this point, but this is a first for me. Not one I'm proud of, but one I take responsibility for:

My project ansible_jailexec (an Ansible connection plugin for FreeBSD Jails) had a bug that turned out to be a vulnerability. Improper Link Resolution Before File Access (CWE-59), a jail escape. It's been assigned CVE-2026-55074 so people can scan for it (I know it's bundled into Collections out there).

If you're running < 2.0.0: please upgrade. 2.0.0 fixes it.

Advisory: github.com/chofstede/ansible_j
Release: github.com/chofstede/ansible_j

#ansible #cve #security #freebsd

  • 13
  • 13
  • 0
  • 20h ago

Overview

  • themefusion
  • Avada (Fusion) Builder

19 Jun 2026
Published
19 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
Pending

KEV

Description

The Avada (Fusion) Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maybe_delete_files function in all versions up to, and including, 3.15.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The attack requires a published Avada form configured to save entries to the database; an unauthenticated attacker submits a path-traversal payload via the wp_ajax_nopriv_fusion_form_submit_ajax handler while also controlling the fusion_privacy_expiration_interval and privacy_expiration_action fields to force an immediate 'delete' cleanup, causing the planted entry to be automatically processed by the Fusion_Form_DB_Privacy shutdown-hook routine without any administrator interaction.

Statistics

  • 2 Posts

Last activity: 6 hours ago

Fediverse

Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Plugin

Unauthenticated Arbitrary File Deletion (CVE-2026-8713, CVSS 9.1 Critical) in Avada Builder <= 3.15.3 lets attackers delete wp-config.php and take over sites.

Patched in 3.15.4, update now.

wordfence.com/blog/2026/06/cri

#WordPress #WordPressSecurity #Wordfence

  • 0
  • 0
  • 0
  • 19h ago
CVE-2026-8713: CRITICAL path traversal (CVSS 9.1) in Avada (Fusion) Builder ≤3.15.3. Unauthenticated file deletion possible; RCE risk if wp-config.php is removed. Restrict access, monitor usage, check vendor for fixes. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 6h ago

Overview

  • deepstreamIO
  • deepstream.io

18 Jun 2026
Published
18 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
Pending

KEV

Description

deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can lead to potential privilege escalation from any authenticated user with write permission to any record. This issue has been fixed in version 10.0.5.

Statistics

  • 2 Posts

Last activity: 7 hours ago

Fediverse

deepstream.io <10.0.5 has a CRITICAL Prototype Pollution flaw (CVE-2026-49252, CVSS 9.9). Authenticated users with write access can escalate privileges. Patch to 10.0.5+ ASAP! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 13h ago
CVE-2026-49252 - Critical Privilege Escalation in Deepstream. Prototype Pollution bug allows auth'd users with write access to escalate privileges. CVSS 9.9. No patch available yet. Update to 10.0.5 immediately. #CVE #Deepstream #infosec

valtersit.com/cve/CVE-2026-492

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • F5
  • NGINX Open Source

17 Jun 2026
Published
18 Jun 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.64%

KEV

Description

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules. This vulnerability exists when the proxy_http_version directive is set to 2 or the grpc_pass directive is used to proxy HTTP/2 traffic, the ignore_invalid_headers directive is set to off, and the large_client_header_buffers directive size is larger than 2 megabytes. A remote, unauthenticated attacker, along with conditions beyond their control, could send large headers while creating an upstream request. This may cause a heap-based buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 3 Posts

Last activity: 10 hours ago

Fediverse

⚠️ CRITICAL: F5 Patches Critical, High-Severity NGINX Vulnerabilities

F5 released patches for critical unauthenticated RCE and DoS vulnerabilities in NGINX (CVE-2026-42530, CVE-2026-42055) affecting NGINX Plus, Controller, and related products. Attackers can exploit heap buffer overflows and use-after-free flaws without credentials to crash services or execute arbitr…

threatnoir.com/focus

  • 0
  • 0
  • 0
  • 22h ago
Two 9.2s in stock NGINX: inside the HTTP/3 QPACK use-after-free and the gRPC heap overflow F5 just patched

F5 patched two critical NGINX flaws (CVSS 9.2): a QPACK use-after-free in HTTP/3 and a gRPC heap overflow. Full technical breakdown and PoCs

thecybersecguru.com/news/nginx

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

F5 patched two critical NGINX Open Source flaws, CVE-2026-42530 and CVE-2026-42055, that could enable remote code execution in certain configs. Mitigations include disabling HTTP/3 or adjusting headers. #NGINX #F5 #CVE202642530
  • 0
  • 0
  • 0
  • 19h ago

Overview

  • F5
  • NGINX Open Source

17 Jun 2026
Published
18 Jun 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.76%

KEV

Description

NGINX Open Source has a vulnerability in the ngx_http_v3_module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This may cause a Use-after-Free in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 3 Posts

Last activity: 10 hours ago

Fediverse

⚠️ CRITICAL: F5 Patches Critical, High-Severity NGINX Vulnerabilities

F5 released patches for critical unauthenticated RCE and DoS vulnerabilities in NGINX (CVE-2026-42530, CVE-2026-42055) affecting NGINX Plus, Controller, and related products. Attackers can exploit heap buffer overflows and use-after-free flaws without credentials to crash services or execute arbitr…

threatnoir.com/focus

  • 0
  • 0
  • 0
  • 22h ago
Two 9.2s in stock NGINX: inside the HTTP/3 QPACK use-after-free and the gRPC heap overflow F5 just patched

F5 patched two critical NGINX flaws (CVSS 9.2): a QPACK use-after-free in HTTP/3 and a gRPC heap overflow. Full technical breakdown and PoCs

thecybersecguru.com/news/nginx

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

F5 patched two critical NGINX Open Source flaws, CVE-2026-42530 and CVE-2026-42055, that could enable remote code execution in certain configs. Mitigations include disabling HTTP/3 or adjusting headers. #NGINX #F5 #CVE202642530
  • 0
  • 0
  • 0
  • 19h ago

Overview

  • php-standard-library
  • php-standard-library

17 Jun 2026
Published
18 Jun 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.27%

KEV

Description

PHP Standard Library (PSL) is a set of APIs covering async, collections, networking, I/O, cryptography, terminal UI, etc. In versions 6.1.0, 6.1.1 and 6.2.0, the Psl\H2\ServerConnection does not validate that the total bytes received in DATA frames match the content-length header declared in the HEADERS frame, allowing request smuggling. This is in violation of RFC 9113 §8.1.1. A malicious client is able to send more DATA bytes than declared, smuggling additional content past application-level size limits, or to send fewer DATA bytes than declared and close the stream early, causing applications that trust the declared length to behave incorrectly. The vulnerability is only reachable for consumers using Psl\H2\ServerConnection directly to accept untrusted client traffic. Consumers of documented high-level PSL APIs are not affected. This issue has been fixed in versions 6.1.2 and 6.2.1.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 4 hours ago

Fediverse

CVE-2026-48979 - HTTP/2 request smuggling in PHP standard library (PSL). Unvalidated DATA frame bytes allow content overflow. CVSS 7.5. No patch yet; disable PSL H2 servers or upgrade if fix released. #CVE #PHP #infosec

valtersit.com/cve/CVE-2026-489

  • 1
  • 1
  • 0
  • 4h ago
Showing 1 to 10 of 58 CVEs