Browsing Tag
Patch Management
23 posts
Security update planning, patch prioritization, remediation deadlines, and operational patching guidance.
curl 8.21.0 Fixes 25-Year-Old libcurl mTLS Bug
curl 8.21.0 fixes 18 security flaws, including CVE-2026-8932, a 25-year-old libcurl mTLS connection-reuse bug. The practical risk is in applications that embed libcurl and change client certificate settings while reusing connection pools.
Mandiant Details Cisco SD-WAN Attack That Turned a Malicious CSV Into Root Access
Mandiant says an attacker used rogue Cisco Catalyst SD-WAN peering, admin password manipulation, and CVE-2026-20245 to gain root access through a malicious CSV upload. The new details make the June SD-WAN advisories an incident-response problem, not just a patching task.
CISA Gives UniFi OS and Lantronix Flaws a June 26 Patch Deadline
CISA added three Ubiquiti UniFi OS flaws and a Lantronix EDS5000 code-injection bug to its Known Exploited Vulnerabilities catalog, setting a June 26 remediation deadline for federal agencies. The risk is not just another CVE list: exposed network management interfaces can become a fast path to device control.
CISA’s June 23 Deadline Puts Cisco SD-WAN, Chrome, and Arista EOS on the Triage List
CISA’s June 23 remediation deadline covers three actively exploited flaws across Cisco Catalyst SD-WAN Manager, Google Chrome’s V8 engine, and Arista EOS. The useful move for security teams is not treating them as one patch chore, but triaging each layer: network control plane, browsers, and tunnel decapsulation paths.
Five Eyes Warns Frontier AI Could Compress Cyber Risk Into Months
Five Eyes cyber agencies warned on June 22 that frontier AI could transform offensive and defensive cyber operations on a months-long timeline. The guidance turns AI-enabled cyber risk into a board-level resilience issue, with practical pressure on patching, identity controls, legacy systems, incident response, and defensive AI use.
LiteLLM Exploit Puts AI Gateways on a June 22 Patch Deadline
CISA’s June 22 remediation deadline for CVE-2026-42271 puts LiteLLM AI gateways on the security team’s priority list. The flaw affects MCP test endpoints, can expose model-provider credentials, and may become unauthenticated RCE when chained with a Starlette host-header bypass.
FortiSandbox Exploits Put Fortinet Appliances on a Patch Clock
Attackers are probing three critical FortiSandbox vulnerabilities that can expose Fortinet malware-analysis appliances to authentication bypass and command execution. Security teams should verify FortiSandbox 4.4 and 5.0 patch levels, check whether management interfaces are reachable, and review logs for exploit attempts rather than treating the April and June fixes as routine maintenance.
AryStinger Botnet Turns Old Routers Into Attack Proxies
Security researchers say AryStinger has compromised more than 4,300 legacy routers, turning aging home and small-office gear into proxy and reconnaissance infrastructure. The campaign is a reminder that end-of-life routers are not just slow or outdated; they can become someone else’s attack platform.
Microsoft Defender RoguePlanet Zero-Day Leaves Windows Teams Waiting for a Patch
Microsoft has acknowledged RoguePlanet, a Microsoft Defender elevation-of-privilege flaw tracked as CVE-2026-50656, but a patch is still in development. The public proof of concept turns Defender’s own file-handling workflow into a path to SYSTEM privileges, so Windows teams should tighten execution controls and monitoring while they wait for Microsoft’s fix.
Cisco ISE Flaws Put Network Access Control on a Patch Clock
Cisco patched two Identity Services Engine flaws that can expose hashed credentials and let an authenticated attacker run commands on the underlying operating system. The urgency is highest for teams running ISE 3.4, ISE 3.5, or ISE-PIC, especially because one Cisco ISE 3.5 fix is not due in the normal patch stream until August.