Microsoft has addressed a new security vulnerability impacting on-premises versions of Exchange Server that is being exploited in the wild. Tracked as CVE-2026-42897, the vulnerability may allow an attacker to perform network spoofing.
Cisco Releases Patches for SD-WAN Vulnerability Exploited in the Wild (CVE-2026-20182)
Cisco warned users about a critical vulnerability impacting the Catalyst SD-WAN Controller, tracked as CVE-2026-20182. Successful exploitation of the vulnerability may allow an attacker to bypass authentication and obtain administrative privileges on an affected system. CISA also acknowledged the active exploitation of the CVE-2026-20182 and added it to its Known Exploited Vulnerabilities Catalog. CISA urged users to patch the vulnerability before May 17, 2026.
Linux Kernel Local Privilege Escalation Vulnerability Exploited in Attacks (Fragnesia) (CVE-2026-46300)
Cybersecurity researchers have identified a new variant in the DirtyFrag family of Linux local privilege escalation vulnerabilities, named ‘Fragnesia’. Tracked as CVE-2026-46300, successful exploitation of the vulnerability may allow an unprivileged local attacker to modify read-only file contents in the kernel page cache and gain root privileges. The vulnerability has been named Fragnesia because the core bug … Continue reading “Linux Kernel Local Privilege Escalation Vulnerability Exploited in Attacks (Fragnesia) (CVE-2026-46300)”
F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945)
Threat researchers identified a critical severity vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945. The vulnerability discovered by depthfirst is an 18-year-old memory corruption flaw in NGINX Plus and NGINX Open Source. Successful exploitation of the vulnerability may allow an unauthenticated attacker to cause a denial-of-service (DoS) on the NGINX system or to trigger code execution. NGINX is an open-source, high-performance HTTP web server, reverse proxy, … Continue reading “F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945)”
Ivanti Addresses Multiple Vulnerabilities Impacting EPM, Xtraction, Secure Access Client, & Virtual Traffic Manager
Ivanti has released its May 2026 security updates, addressing security vulnerabilities across its popular products. The list of vulnerabilities and impacted products includes: Ivanti Xtraction — CVE-2026-8043 Ivanti Virtual Traffic Manager (vTM) — CVE-2026-8051 Ivanti Secure Access Client — CVE-2026-7431 and CVE-2026-7432 Ivanti Endpoint Manager (EPM) — CVE-2026-8109, CVE-2026-8110, CVE-2026-811
Microsoft Patch Tuesday, May 2026 Security Update Review
May 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here’s a quick breakdown of what you need to know. This month’s release addresses 137 vulnerabilities, including 30 critical and 103 important-severity vulnerabilities. In this month’s updates, Microsoft has not addressed any publicly disclosed zero-day vulnerability. Microsoft has addressed 128 vulnerabilities in Microsoft … Continue reading “Microsoft Patch Tuesday, May 2026 Security Update Review”
Ollama Heap Out-of-bounds Read Vulnerability Leads to Remote Process Memory Leak (CVE-2026-7482)
Threat researchers have identified a critical severity vulnerability impacting Ollama. Tracked as CVE-2026-7482, successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to leak the entire process memory.
Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973)
Ivanti released security updates to address five high-severity vulnerabilities impacting Endpoint Manager Mobile (EPMM). One of these vulnerabilities, tracked as CVE-202606973, is said to be exploited in zero-day attacks. This Improper Input Validation vulnerability in Ivanti EPMM requires Admin authentication for successful exploitation. A remote authenticated user with administrative access may exploit the vulnerability to execute arbitrary code remotely.
vm2 Sandbox Escape Vulnerability Allows Attackers to Execute Code (CVE-2026-26956)
Security researchers have identified a critical severity vulnerability impacting the popular Node.js sandboxing library vm2. Tracked as CVE-2026-26956, successful exploitation of the vulnerability allows an attacker to escape the sandbox and execute arbitrary code on the host system. Proof-of-concept code for the vulnerability is publicly available. vm2 is a widely used JavaScript sandbox that can run untrusted code with allowed Node’s built-in modules. Sandboxes are used in modern applications for a variety of functions.
Apache Addresses Multiple Vulnerabilities Impacting the HTTP Server
Apache has released security updates for the HTTP Server, addressing several security vulnerabilities. One of the vulnerabilities, tracked as CVE-2026-23918, can result in remote code execution.