
Overview

  • joomlacontenteditor.net
  • Joomla Content Editor (JCE) extension for Joomla

Published: 05 Jun 2026
Updated: 17 Jun 2026

CVSS v4.0: CRITICAL (10.0)
EPSS: 0.84%

Description

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

Statistics

  • 6 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse


Acute security vulnerability in the JCE editor!

With a bullseye on the CVE scale (10/10), updating the JCE editor in Joomla is not a task for tomorrow, but for "to my knowledge now ... immediately".

More info:

https://www.aditsystems.de/blog/2026/06/jce-sicherheitsluecke-cve-2026-48907/?utm_source=fediverse&utm_medium=social&utm_campaign=jce

#joomla #jce #cve #cve202648907

  • 1
  • 0
  • 0
  • 2h ago

🚨 New critical improper access control vulnerability tagged CVE-2026-48907, affecting Widget Factory Joomla Content Editor is seeing active exploitation in the wild as reported by CISA.

Vulnerability detection script available below:
github.com/rxerium/rxerium-tem

Patches and mitigations are available:
sentinelone.com/vulnerability-

  • 0
  • 0
  • 0
  • 5h ago

⚠️ Do you administer a Joomla site?

A quick security note: the CVE-2026-48907 flaw affects the **JCE / Joomla Content Editor** extension and is already being exploited automatically on the Internet.
👇 🩹
joomlacontenteditor.net/news/j

In plain terms: a vulnerable site can be compromised even without a public account or open registration.

To do as soon as possible:
• update JCE to 2.9.99.6 or later
• check for suspicious profiles/accounts
• change the admin, database and hosting passwords
• run a server scan

(The update closes the door, but does not necessarily clean up whatever may already have been dropped.)

🔍
⬇️
vulnerability.circl.lu/vuln/cv

  • 0
  • 0
  • 0
  • 4h ago

URGENT: CVE-2026-48907 is seeing active exploitation in Joomla! JCE extensions. This critical RCE flaw allows unauthenticated attackers to take full control. Read our executive remediation brief to harden your environment now.
thecybermind.co/ic6z

  • 0
  • 0
  • 0
  • Last hour

Bluesky

CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Jun 16) CVE-2026-48907 Widget Factory Joomla Content Editor Improper Access Control Vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 10h ago
Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Microsoft
  • Microsoft Malware Protection Engine

Published: 16 Jun 2026
Updated: 17 Jun 2026

CVSS v3.1: HIGH (7.8)
EPSS: Pending

KEV

Description

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

Statistics

  • 3 Posts
  • 5 Interactions

Last activity: 5 hours ago

Fediverse


Nightmare Eclipses RoguePlanet now has a CVE 🎉: nvd.nist.gov/vuln/detail/cve-2

Not any new detail in there & no fix yet (has only been a week, give them some time...).

Much less relevant but annoying me personally: It taking them a week to ... sorry, shit this out. Broken description in the CVE form & even in the MSRC page it's pretty obvious no one even proofread the non-description. Also empty Acknowledgement section despite link to the Github (not the first time btw)... at least they didn't have it taken down this time? 🙃

  • 1
  • 3
  • 0
  • 19h ago

Bluesky

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656) 📖 Read more: www.helpnetsecurity.com/2026/06/17/r... #cybersecurity #cybersecuritynews #0day #exploit #MicrosoftDefender #vulnerabilitydisclosure
  • 0
  • 1
  • 0
  • 5h ago
Microsoft is developing a patch for RoguePlanet, now tracked as CVE-2026-50656. The zero-day affects fully patched Windows 10 and 11 systems and may allow SYSTEM-level command prompts via a race condition. #RoguePlanet #CVE-2026-50656
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • RocketGenius
  • Gravity SMTP

Published: 31 Mar 2026
Updated: 08 Apr 2026

CVSS v3.1: HIGH (7.5)
EPSS: 2.98%

KEV

Description

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permission_callback that unconditionally returns true, allowing any unauthenticated visitor to access it. When the ?page=gravitysmtp-settings query parameter is appended, the plugin's register_connector_data() method populates internal connector data, causing the endpoint to return approximately 365 KB of JSON containing the full System Report. This makes it possible for unauthenticated attackers to retrieve detailed system configuration data including PHP version, loaded extensions, web server version, document root path, database server type and version, WordPress version, all active plugins with versions, active theme, WordPress configuration details, database table names, and any API keys/tokens configured in the plugin.

Statistics

  • 3 Posts
  • 1 Interaction

Last activity: 6 hours ago

Fediverse


Solid breakdown by @honeylabs of the opportunistic activity against CVE-2026-4020

~560 IPs rotating through ~3,300 UAs

Rly important to heed the info further down in the article re: "attacking the CVE" vs "added yet-another-cred path to existing scans".

honeylabs.net/blog/the-cloud-f

  • 0
  • 1
  • 0
  • 6h ago

Bluesky

Most of the CVE-2026-4020 attackers are the same client | Discussion
  • 0
  • 0
  • 0
  • 7h ago
Most of the CVE-2026-4020 attackers are the same client https://honeylabs.net/blog/the-cloud-fleet-behind-cve-2026-4020
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager

Published: 15 Jun 2026
Updated: 17 Jun 2026

CVSS v3.1: MEDIUM (6.5)
EPSS: 1.74%

Description

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account.

Statistics

  • 4 Posts

Last activity: 9 hours ago

Fediverse


📰 Actively Exploited Cisco SD-WAN Flaw Added to CISA KEV Catalog

⚠️ Cisco Catalyst SD-WAN Manager flaw CVE-2026-20262 is actively exploited! The bug allows root privilege escalation. CISA has added it to the KEV catalog, mandating a patch by June 29. Update now! #Cisco #CVE #CyberSecurity #KEV

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 1
  • 22h ago

🚨 CVE-2026-20262: Cisco SD-WAN Manager flaw allows web shell uploads, leading to orchestrator RCE and complete network fabric compromise.

denizhalil.com/2026/06/17/cve-

#CVE202620262 #Cisco #SDWAN #RCE #Cybersecurity

  • 0
  • 0
  • 0
  • 19h ago

Bluesky

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation #SecurityAffairs (Jun 16) securityaffairs.com/193693/secur...
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Oracle Corporation
  • PeopleSoft Enterprise PeopleTools

Published: 11 Jun 2026
Updated: 13 Jun 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.72%

Description

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 2 Posts
  • 14 Interactions

Last activity: 9 hours ago

Fediverse


Council of Europe hacked, thanks to Oracle.

The cast: ShinyHunters, Oracle, the Council of Europe. The plot: More than twenty years ago, Oracle* swallowed the company PeopleSoft after a veritable takeover battle. Its software is used mainly in the USA, but also at the Council of Europe. The software contained a zero-day vulnerability, CVE-2026-35273, which was exploited by ShinyHunters. The hacker group claims to have hacked more than 100 institutions this way, including the Council of Europe. In the process, almost 300 GB of data are said to have fallen into the hands of the extortionists, including personnel files, payslips, purchases; CVs, salaries,

pc-fluesterer.info/wordpress/2

#0day #closedsource #cybercrime #datenleck #datenschutz #exploits #sicherheit #UnplugOracle #UnplugTrump #zeroday

  • 7
  • 7
  • 0
  • 23h ago

Bluesky

CVE-2026-35273: Active Exploitation of Oracle PeopleSoft Zero-Day Vulnerability #SecurityBoulevard (Jun 16) securityboulevard.com/2026/06/cve-...
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • LiteSpeed Technologies
  • cPanel Plugin
  • WHM and cPanel PlugIn

Published: 14 Jun 2026
Updated: 16 Jun 2026

CVSS v3.1: HIGH (8.5)
EPSS: 0.61%

Description

LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.

Statistics

  • 3 Posts

Last activity: 7 hours ago

Fediverse


📰 CISA KEV Catalog Adds Exploited LiteSpeed cPanel Plugin Flaw

📢 CISA KEV ALERT: A LiteSpeed cPanel plugin flaw, CVE-2026-54420, is being actively exploited for root privilege escalation on shared servers. Federal agencies must patch by June 18. Hosting providers, check your systems! #CVE #KEV #CISA #CyberSecurity

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 22h ago

Bluesky

LiteSpeed cPanel plugin vulnerability CVE-2026-54420 added to the KEV catalog rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 17h ago
Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Microsoft
  • Microsoft 365 Copilot

Published: 04 Jun 2026
Updated: 16 Jun 2026

CVSS v3.1: MEDIUM (6.5)
EPSS: 0.50%

KEV

Description

Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Statistics

  • 2 Posts
  • 9 Interactions

Last activity: 10 hours ago

Fediverse


winbuzzer.com/2026/06/16/micro

Microsoft has patched a Copilot flaw after researchers showed a one-click chain that could expose two-factor codes and enterprise data via search.

#AI #SearchLeak #Microsoft365Copilot #Microsoft #Microsoft365 #MicrosoftCopilot #Varonis #CVE202642824 #Cybersecurity

  • 2
  • 1
  • 0
  • 19h ago

Bluesky

🧵CVE-2026-42824, or how your emails, calendar and shared documents could be leaked with a single link. A well-crafted URL made Microsoft 365 Copilot Enterprise send your company's data to an attacker. Without the user entering any kind of data.
  • 2
  • 4
  • 0
  • 10h ago

Overview

  • Fortinet
  • FortiSandbox

Published: 14 Apr 2026
Updated: 22 Apr 2026

CVSS v3.1: CRITICAL (9.1)
EPSS: 66.17%

KEV

Description

An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow an attacker to execute unauthorized code or commands via <insert attack vector here>

Statistics

  • 3 Posts

Last activity: 7 hours ago

Fediverse


⚠️ CRITICAL: Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Fortinet FortiSandbox is under active exploitation for three critical unauthenticated RCE vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089). All three bypass authentication and allow arbitrary command execution via HTTP requests. Organizations running FortiSandbox are at immediate ri…

threatnoir.com/focus

  • 0
  • 0
  • 0
  • 22h ago

Bluesky

Three Fortinet FortiSandbox flaws, including CVE-2026-39808, are reportedly under active exploitation, alongside attacks on FortiClient EMS. SOCRadar also links FortiBleed to 30,000+ compromised devices. #Fortinet #FortiSandbox #FortiBleed
  • 0
  • 0
  • 0
  • 7h ago
Critical Fortinet FortiSandbox vulnerabilities exploited in attacks (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) | Codebook | Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/46235/
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Splunk
  • Splunk Enterprise

Published: 10 Jun 2026
Updated: 16 Jun 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 1.68%

KEV

Description

In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 17 hours ago

Fediverse


Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) labs.watchtowr.com/why-use-app

  • 1
  • 3
  • 0
  • 17h ago

Overview

  • Google
  • Chrome

Published: 17 Jun 2026
Updated: 17 Jun 2026

CVSS: Pending
EPSS: Pending

KEV

Description

Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


🔒 CRITICAL: CVE-2026-12441 in Chrome <149.0.7827.155 on Linux — use-after-free in File Input. Remote attacker can trigger heap corruption via crafted HTML. Update Chrome ASAP! radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 10h ago