Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Thursday's disclosures center on critical infrastructure components, with Cisco Secure Workload, NLnet Labs Unbound DNSSEC resolver, and Netatalk file sharing facing maximum-severity flaws. The brief covers 10 critical CVEs (down 58% from prior day) and 44 high-priority vulnerabilities (down 31%), reflecting a narrower but more impactful disclosure set. Notable entries include CVE-2026-20223 (CVSS 10) in Cisco Secure Workload, CVE-2026-42960 (CVSS 10) in NLnet Labs Unbound, and CVE-2026-44050 (CVSS 9.9) in Netatalk. Attack patterns skew toward remote code execution and authentication bypass against network appliances, DNS infrastructure, and WordPress ecosystem plugins, with embedded SMS gateway devices also appearing twice. No vendor patches are currently published for these disclosures, and nine CVEs carry confirmed active exploitation including a Cisco Catalyst SD-WAN flaw and multiple Microsoft Defender issues.
Cisco Secure Workload (CVE-2026-20223) and NLnet Labs Unbound DNSSEC (CVE-2026-42960) both carry CVSS 10 ratings affecting core network and DNS infrastructure
10 critical CVEs disclosed, down 58% from the prior day's 24
44 high-priority CVEs disclosed, down 31% from the prior day's 64
Remote code execution and authentication bypass dominate, hitting Netatalk file sharing, WordPress plugins, and embedded SMS alert gateways
Patch availability sits at 0% across this disclosure set, leaving administrators to rely on mitigations and network controls
9 CVEs with confirmed active exploitation include Cisco Catalyst SD-WAN (CVE-2026-20182) and Microsoft Defender (CVE-2026-45498, CVE-2026-41091)
Immediate action: Prioritize inventory and mitigation for Cisco Secure Workload, Cisco Catalyst SD-WAN, NLnet Labs Unbound resolvers, Netatalk deployments, and Microsoft Defender installations, since these account for the highest-severity and actively exploited issues. With no patches yet available, apply vendor-recommended workarounds, restrict management interfaces, and increase monitoring on affected DNS and network infrastructure until fixes ship.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2026-20182
9.5
CiscoCatalyst SD-WAN
β° Federal Deadline:May 16, 2026(-4 days remaining)
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-42897
9.5π
MicrosoftMicrosoft
β° Federal Deadline:May 28, 2026(8 days remaining)
A cross-site scripting (XSS) vulnerability in Microsoft Exchange Server allows unauthenticated attackers to perform spoofing over a network.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2008-4250
9.5π Late Disclosure
MicrosoftWindows
β° Federal Deadline:June 2, 2026(13 days remaining)
Microsoft Windows Buffer Overflow Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2009-1537
9.5π Late Disclosure
MicrosoftDirectX
β° Federal Deadline:June 2, 2026(13 days remaining)
Microsoft DirectX NULL Byte Overwrite Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2009-3459
9.5π Late Disclosure
AdobeAcrobat and Reader
β° Federal Deadline:June 2, 2026(13 days remaining)
Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2010-0249
9.5π Late Disclosure
MicrosoftInternet Explorer
β° Federal Deadline:June 2, 2026(13 days remaining)
Microsoft Internet Explorer Use-After-Free Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2010-0806
9.5π Late Disclosure
MicrosoftInternet Explorer
β° Federal Deadline:June 2, 2026(13 days remaining)
Microsoft Internet Explorer Use-After-Free Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-45498
9.5
MicrosoftDefender
β° Federal Deadline:June 2, 2026(13 days remaining)
Microsoft Defender Denial of Service Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-41091
7.8
MicrosoftDefender allows
β° Federal Deadline:June 2, 2026(13 days remaining)
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally
CVSS Base7.8
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-6279
9.8π
WordPressis vulnerable
The Avada Builder plugin for WordPress is vulnerable to unauthenticated remote code execution via PHP function injection in the `fusion_get_widget_markup` AJAX endpoint.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-9139
9.8π
the embeddedAG1000-01A SMS Alert Gateway
The Taiko AG1000-01A SMS Alert Gateway exposes hard-coded administrative credentials via client-side JavaScript in its configuration interface.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-20223
10π
CiscoSecure Workload
Cisco Secure Workload contains an access validation flaw in internal REST APIs that permits unauthenticated, remote attackers to perform unauthorized configuration changes as a Site Admin.
CVSS Base10
β
CRSSelect profile
CVE-2026-33278
9.8π
the DNSSECUnbound
NLnet Labs Unbound contains a DNSSEC validation flaw that can be exploited to cause a denial-of-service or potentially remote code execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-42960
10π
NLnet LabsUnbound
NLnet Labs Unbound is vulnerable to cache poisoning via promiscuous RRSets in the authority section of DNS replies, allowing attackers to inject malicious records into the cache.
CVSS Base10
β
CRSSelect profile
CVE-2026-9141
9.8π
the embeddedAG1000-01A SMS Alert Gateway
The Taiko AG1000-01A SMS Alert Gateway web interface lacks server-side authentication, allowing unauthenticated attackers to access internal pages directly.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-45444
10π
WP SwingsGift Cards For WooCommerce Pro
The WP Swings Gift Cards For WooCommerce Pro plugin allows unauthenticated users to upload malicious files, leading to potential site compromise.
CVSS Base10
β
CRSSelect profile
CVE-2026-44050
9.9π
NetatalkNetatalk
Netatalk contains a heap-based buffer overflow vulnerability within the `cnid` daemon's `comm_rcv()` function.
CVSS Base9.9
β
CRSSelect profile
CVE-2026-8598
9.1π
InforCCTV Cameras
Certain ZKTeco CCTV cameras expose an undocumented, unauthenticated configuration export port that reveals sensitive information, including account credentials.
CVSS Base9.1
β
CRSSelect profile
CVE-2026-22314
9π
Mesalvo MeonaMeona
The Mesalvo Meona Client and Server components are vulnerable to code injection, allowing an attacker to execute code on other users' systems.
CVSS Base9
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-9111
8.8π
GoogleChrome on
A use-after-free vulnerability exists in the WebRTC component of Google Chrome on Linux, which could allow for arbitrary code execution.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9112
8.8π
GoogleChrome on
A use-after-free vulnerability in the GPU component of Google Chrome on Windows could lead to memory corruption and potential arbitrary code execution.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9114
8.8π
GoogleChrome on
A use-after-free vulnerability in the QUIC protocol implementation within Google Chrome could allow an attacker to trigger memory corruption.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9118
8.8π
GoogleChrome on
A use-after-free vulnerability exists in the XR (Extended Reality) component of Google Chrome on Windows, potentially leading to code execution.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9119
8.8π
GoogleChrome on
A heap buffer overflow vulnerability in the WebRTC component of Google Chrome could allow attackers to execute arbitrary code.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9120
8.8
GoogleChrome prior
Use after free in WebRTC in Google Chrome prior to 148
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9126
8.8
GoogleChrome on
Use after free in DOM in Google Chrome on prior to 148
CVSS Base8.8
β
CRSSelect profile
CVE-2026-45584
8.1
MicrosoftDefender allows
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network
CVSS Base8.1
β
CRSSelect profile
CVE-2026-24217
8.8
NVIDIAcontains
NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file
CVSS Base8.8
β
CRSSelect profile
CVE-2026-9121
8.8
GoogleChrome on
Out of bounds read in GPU in Google Chrome on prior to 148
CVSS Base8.8
β
CRSSelect profile
CVE-2026-44047
8.8
MySQLcnid backend
In Netatalk 3
CVSS Base8.8
β
CRSSelect profile
CVE-2026-42834
7.8
AzurePortal Windows
Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally
CVSS Base7.8
β
CRSSelect profile
CVE-2026-24425
8.8
HPcallables to
Twig versions 2
CVSS Base8.8
β
CRSSelect profile
CVE-2026-24218
8.1
NVIDIADGX OS
NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems
CVSS Base8.1
β
CRSSelect profile
CVE-2026-24216
7.8
NVIDIAcontains
NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data
CVSS Base7.8
β
CRSSelect profile
CVE-2026-42383
7.6
YITH YITH WooCommerceMultiple Products
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection
CVSS Base7.6
β
CRSSelect profile
CVE-2026-24188
8.2
NVIDIATensorRT contains
NVIDIA TensorRT contains a vulnerability where an attacker could cause an out-of-bounds write
CVSS Base8.2
β
CRSSelect profile
CVE-2026-8952
8.8
PrivilegeMultiple Products
Privilege escalation in the Application Update component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-8955
8.8
PrivilegeMultiple Products
Privilege escalation in the DOM: Workers component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-8957
8.8
PrivilegeMultiple Products
Privilege escalation in the Enterprise Policies component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-8972
8.8
PrivilegeMultiple Products
Privilege escalation in the WebRTC: Audio/Video component
CVSS Base8.8
β
CRSSelect profile
CVE-2026-31069
8.8
EventRepositoryMultiple Products
BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v
CVSS Base8.8
β
CRSSelect profile
CVE-2026-44926
8.8
CmdServerMultiple Products
InfoScale CmdServer before 7
CVSS Base8.8
β
CRSSelect profile
CVE-2026-44048
8.8
UnknownMultiple Products
In Netatalk 2
CVSS Base8.8
β
CRSSelect profile
CVE-2026-40165
8.7
UnknownMultiple Products
authentik is an open-source identity provider
CVSS Base8.7
β
CRSSelect profile
CVE-2026-39310
8.6
ArchMultiple Products
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases
CVSS Base8.6
β
CRSSelect profile
CVE-2026-8962
8.1
MitigationMultiple Products
Mitigation bypass in the DOM: Security component
CVSS Base8.1
β
CRSSelect profile
CVE-2026-44051
8.1
UnknownMultiple Products
In Netatalk 3
CVSS Base8.1
β
CRSSelect profile
CVE-2025-11954
8
Sitemio InformationMultiple Products
Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd
CVSS Base8
β
CRSSelect profile
CVE-2026-41054
7.8
UnknownMultiple Products
In `src/havegecmd
CVSS Base7.8
β
CRSSelect profile
CVE-2026-44933
7.8
UnknownMultiple Products
`PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the system root) in standard configurations or when using `--root`
CVSS Base7.8
β
CRSSelect profile
CVE-2026-0856
7.8
MeonaMultiple Products
Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel
CVSS Base7.8
β
CRSSelect profile
CVE-2026-9133
7.7
beforeMultiple Products
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0
CVSS Base7.7
β
CRSSelect profile
CVE-2026-5783
7.6
Beyaz ComputerMultiple Products
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trade Ltd
CVSS Base7.6
β
CRSSelect profile
CVE-2026-44068
7.6
UnknownMultiple Products
In Netatalk 2
CVSS Base7.6
β
CRSSelect profile
CVE-2026-8965
7.5
InforMultiple Products
Information disclosure in the DOM: Security component
CVSS Base7.5
β
CRSSelect profile
CVE-2026-8966
7.5
InforMultiple Products
Information disclosure in the IP Protection component
CVSS Base7.5
β
CRSSelect profile
CVE-2026-8967
7.5
InforMultiple Products
Information disclosure in the Graphics: WebGPU component