Vulnerability Management
20 posts
Prioritizing, patching, and reducing exposure to software vulnerabilities.
curl 8.21.0 Fixes 25-Year-Old libcurl mTLS Bug
curl 8.21.0 fixes 18 security flaws, including CVE-2026-8932, a 25-year-old libcurl mTLS connection-reuse bug. The practical risk is in applications that embed libcurl, change the client certificate settings on a handle, and then keep reusing pooled connections that were opened under the earlier settings; applications that call the curl command line once per request are not the concern.
Mandiant Details Cisco SD-WAN Attack That Turned a Malicious CSV Into Root Access
Mandiant says an attacker used rogue Cisco Catalyst SD-WAN peering, admin password manipulation, and CVE-2026-20245 to gain root access through a malicious CSV upload. The new details make the June SD-WAN advisories an incident-response problem, not just a patching task.
CISA Gives UniFi OS and Lantronix Flaws a June 26 Patch Deadline
CISA added three Ubiquiti UniFi OS flaws and a Lantronix EDS5000 code-injection bug to its Known Exploited Vulnerabilities catalog, setting a June 26 remediation deadline for federal agencies. The risk is not just another CVE list: exposed network management interfaces can become a fast path to device control.
Five Eyes Warns Frontier AI Could Compress Cyber Risk Into Months
Five Eyes cyber agencies warned on June 22 that frontier AI could transform offensive and defensive cyber operations on a months-long timeline. The guidance turns AI-enabled cyber risk into a board-level resilience issue, with practical pressure on patching, identity controls, legacy systems, incident response, and defensive AI use.
FortiSandbox Exploits Put Fortinet Appliances on a Patch Clock
Attackers are probing three critical FortiSandbox vulnerabilities that can expose Fortinet malware-analysis appliances to authentication bypass and command execution. Security teams should verify FortiSandbox 4.4 and 5.0 patch levels, check whether management interfaces are reachable, and review logs for exploit attempts rather than treating the April and June fixes as routine maintenance.
Cisco ISE Flaws Put Network Access Control on a Patch Clock
Cisco patched two Identity Services Engine flaws that can expose hashed credentials and let an authenticated attacker run commands on the underlying operating system. The urgency is highest for teams running ISE 3.4, ISE 3.5, or ISE-PIC, especially because one Cisco ISE 3.5 fix is not due in the normal patch stream until August.
Oracle PeopleSoft Zero-Day Turns ERP Servers Into an Incident Response Priority
Oracle’s CVE-2026-35273 alert, CISA’s exploited-vulnerability listing, and Mandiant’s ShinyHunters findings make PeopleSoft patching only the first step. Exposed systems need log review, endpoint checks, and network hardening now.
Splunk Enterprise Flaw Hits CISA’s Exploited-Vulnerability List
CISA added CVE-2026-20253 to its Known Exploited Vulnerabilities catalog after evidence of active exploitation, and Splunk now says it is aware of limited exploitation. Affected self-managed Splunk Enterprise 10.0 and 10.2 systems should upgrade or carefully apply the PostgreSQL sidecar mitigation.
CISA’s New Patch Directive Makes Three Days the High-Risk Deadline
CISA’s BOD 26-04 replaces flat federal vulnerability deadlines with a risk-based model that can require three-day remediation and forensic triage. The lesson for security teams is that exposure, exploitation, automation, and impact now matter more than CVSS alone.
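The kind of risk-based queue the directive pushes teams toward, as an added worked example (this is not CISA's scoring method and not code from any of the posts above): findings are ranked by exploitation evidence, exposure, automation potential and impact, with CVSS reduced to a tie-breaker. The weights, the 3/14/30-day tiers, the exposure and authentication flags, and every CVSS number in the sample inventory are assumptions for illustration; only the KEV listings and reported exploitation follow what the posts on this page state.

```python
"""Risk-based vulnerability triage (illustrative).

Ranks findings by exploitation evidence, exposure, automation potential and
impact, using CVSS only as a tie-breaker. The weights, the 3/14/30-day tiers
and every number in the sample data are assumptions, not the text of
BOD 26-04 or of any vendor advisory.
"""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Finding:
    cve: str
    product: str
    cvss: float                     # placeholder base score, not the published vector
    in_kev: bool = False            # listed in CISA's KEV catalog
    exploited: bool = False         # vendor or IR evidence of in-the-wild exploitation
    internet_exposed: bool = False  # reachable from untrusted networks in this inventory
    unauthenticated: bool = False   # no credentials needed, so exploitation can be automated
    impact: str = "medium"          # "low" | "medium" | "high" (high = code exec, root, creds)


IMPACT_WEIGHT = {"low": 0, "medium": 10, "high": 20}


def risk_score(f: Finding) -> int:
    """Higher is more urgent. Exploitation evidence dominates; CVSS adds at most 10."""
    score = 0
    if f.in_kev or f.exploited:
        score += 40
    if f.internet_exposed:
        score += 25
    if f.unauthenticated:
        score += 15
    score += IMPACT_WEIGHT[f.impact]
    score += int(f.cvss)
    return score


def remediation_days(score: int) -> int:
    """Assumed tiers: 3 days for high-risk, 14 for elevated, 30 for everything else."""
    if score >= 80:
        return 3
    if score >= 50:
        return 14
    return 30


def triage(findings, today: date):
    """Return (cve, score, due_date) tuples, most urgent first."""
    ranked = sorted(findings, key=risk_score, reverse=True)
    return [(f.cve, risk_score(f), today + timedelta(days=remediation_days(risk_score(f))))
            for f in ranked]


# Constructed sample inventory. KEV listing and reported exploitation follow the
# posts on this page; exposure, authentication and CVSS values are assumptions
# about this environment, not facts about the CVEs.
SAMPLE_FINDINGS = [
    Finding("CVE-2026-35273", "Oracle PeopleSoft", 9.8, in_kev=True, exploited=True,
            internet_exposed=True, unauthenticated=True, impact="high"),
    Finding("CVE-2026-20253", "Splunk Enterprise 10.2", 8.8, in_kev=True, exploited=True),
    Finding("CVE-2026-20245", "Cisco Catalyst SD-WAN", 7.2, exploited=True, impact="high"),
    Finding("CVE-2026-8932", "libcurl (embedded)", 5.3),
    # High CVSS, internal-only, no exploitation evidence: a CVSS-only queue
    # would put this near the top; this model does not.
    Finding("hypothetical-internal-app", "internal line-of-business app", 9.1),
]


def sample_triage():
    """Run the sample inventory against an assumed review date of 2026-06-22."""
    return triage(SAMPLE_FINDINGS, date(2026, 6, 22))


if __name__ == "__main__":
    for cve, score, due in sample_triage():
        print(f"{cve:28} score={score:3d} due={due}")
```

The point of the hypothetical 9.1 entry is that it lands below the exploited Splunk finding with a lower placeholder score: once exploitation and exposure carry most of the weight, a high base score alone no longer earns the three-day clock. Swap the flags for what your own asset inventory and scanner report before trusting the order.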
Microsoft’s June Patch Tuesday Is a Windows Patching Priority List
Microsoft’s June 2026 Patch Tuesday fixes more than 200 vulnerabilities, including publicly disclosed Windows, BitLocker, and HTTP.sys flaws. The useful question is not whether to patch, but which systems should move first.