Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Today's Security Brief
Sunday's disclosures center on high-severity flaws in enterprise infrastructure, with actively exploited weaknesses surfacing in Oracle WebLogic Server, SolarWinds Serv-U, and the Linux kernel. No critical CVEs (CVSS 9.0+) were disclosed, down from 10 the prior day, while high-priority vulnerabilities totaled 23, a 23% decrease from 30. Among the actively exploited issues are CVE-2024-21182 in Oracle WebLogic Server (CVSS 9.5), CVE-2026-28318 in SolarWinds Serv-U (CVSS 9.5), and CVE-2022-0492 in the Linux kernel (CVSS 9.5). The activity spans web application servers, file transfer software, container runtimes, and mobile platforms, with several entries tied to privilege escalation and remote code execution. Patch availability for today's set is limited, so teams should prioritize the exploited items and apply vendor mitigations where fixes are pending.
Oracle WebLogic Server, SolarWinds Serv-U, and the Linux kernel headline today's set with confirmed active exploitation
No new critical CVEs (CVSS 9.0+), down 100% from 10 the prior day
23 high-priority CVEs disclosed, a 23% decrease from 30
Privilege escalation and remote code execution patterns affect web servers, file transfer tools, and container runtimes
Patch availability stands at 0% for this set, requiring interim mitigations for unpatched issues
5 actively exploited vulnerabilities span Oracle, SolarWinds, Linux, Android Framework, and a Magento extension
Immediate action: Prioritize Oracle WebLogic Server, SolarWinds Serv-U, Linux kernel, Android Framework, and the Mirasvit Magento cache warmer, as all have confirmed active exploitation. With no patches currently available for today's disclosures, apply vendor-recommended workarounds, restrict exposed services, and monitor affected systems until fixes are released.
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2024-21182
9.5đđ Late Disclosure
OracleWebLogic Server
â° Federal Deadline:June 3, 2026(-3 days remaining)
Oracle WebLogic Server contains an unspecified vulnerability that is currently being exploited in the wild.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2022-0492
9.5đđ Late Disclosure
LinuxKernel
â° Federal Deadline:June 4, 2026(-2 days remaining)
A privilege escalation vulnerability in the Linux Kernel cgroup_release_agent_write function allows unprivileged users to escape container environments and gain elevated host privileges.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2025-48595
9.5đ
AndroidFramework
â° Federal Deadline:June 4, 2026(-2 days remaining)
An integer overflow vulnerability in the Android Framework allows for potential unauthorized system access and is currently tracked in the CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEVURGENT
CVE-2026-45247
9.5đ
MirasvitFull Page Cache Warmer for Magento 2
â° Federal Deadline:June 5, 2026(EXPIRED)
Mirasvit Full Page Cache Warmer for Magento 2 contains a PHP object injection vulnerability allowing unauthenticated RCE via the CacheWarmer cookie.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2026-28318
9.5đ
SolarWindsServ-U
â° Federal Deadline:June 18, 2026(12 days remaining)
SolarWinds Serv-U is vulnerable to an uncontrolled resource consumption flaw allowing unauthenticated attackers to crash the service via specially crafted POST requests.
CVSS Base9.5
â
CRSSelect profile
â ī¸
High Priority Updates
CVE-2026-7654
8.8đ
WordPressAdmin Columns Plugin
The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection, which can lead to Remote Code Execution via unvalidated post meta values.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-9126
8.8đ
GoogleChrome
A use-after-free vulnerability in the Google Chrome DOM allows remote attackers to execute arbitrary code via a specially crafted HTML page.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5415
8.8đ
GoogleAdvanced Google reCAPTCHA (WP Captcha PRO)
An authentication bypass vulnerability in the WordPress WP Captcha PRO plugin allows authenticated attackers to log in as any user, including administrators.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5411
8.8đ
GoogleAdvanced Google reCAPTCHA (WP Captcha PRO)
An arbitrary file upload vulnerability in the WordPress WP Captcha PRO plugin allows authenticated attackers to execute arbitrary code on the server.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-8389
8.8đ
MozillaFirefox
A JIT miscompilation vulnerability in the Mozilla Firefox JavaScript engine can lead to memory corruption and potential code execution.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-5997
8.8đ
HPMultiple Products
Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5140
8.8đ
TUBITAK BILGEMPardus Update
A CRLF injection vulnerability in Pardus Update allows remote attackers to bypass authentication mechanisms via crafted input.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5141
8.8đ
TUBITAK BILGEMPardus Software Center
Improper privilege management in the Pardus Software Center allows local attackers to hijack privileged processes and escalate system access.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-5161
8.8đ
TUBITAK BILGEMPardus About
An improper link resolution vulnerability in Pardus About enables symlink attacks, potentially allowing for unauthorized file access or privilege escalation.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-6849
8.8đ
TUBITAK BILGEMPardus OS My Computer
An OS command injection vulnerability in Pardus OS My Computer allows attackers to execute arbitrary commands on the underlying operating system.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-8179
8.8đ
IBMAspera High-Speed Transfer
A stack-based buffer overflow in the IBM Aspera High-Speed Transfer component allows authenticated attackers to execute arbitrary code.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-7636
8.8đ
Ergosis SecuritySecurity Systems Computer Industry and Trade Inc
Ergosis Security systems are vulnerable to SQL Injection, allowing unauthorized database access through the improper neutralization of special elements in SQL commands.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-1618
8.8đ
Universal Software IncMultiple Products
An authentication bypass vulnerability exists in multiple products from Universal Software Inc due to the use of an alternate path or channel.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-48095
8.8đ
7-Zip7-Zip
A heap buffer overflow in 7-Zip allows attackers to achieve arbitrary code execution via a crafted NTFS archive.
Markdown Preview Enhanced contains vulnerabilities allowing for OS command injection and arbitrary JavaScript execution via untrusted markdown content.
Markdown Preview Enhanced contains a remote code execution vulnerability due to improper parsing of Bitfield fenced code blocks using unsafe JavaScript evaluation.
Markdown Preview Enhanced is vulnerable to remote code execution because it evaluates untrusted WaveDrom diagram data using the unsafe `eval()` function.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-11413
8.8đ
JingDongJD Cloud Box AX6600
A stack-based buffer overflow in the JingDong JD Cloud Box AX6600 allows remote attackers to achieve arbitrary code execution.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-10228
8.8đ
Rolantis Information TechnologiesAgentis
Rolantis Information Technologies Agentis is susceptible to a session fixation vulnerability that allows unauthorized attackers to hijack valid user sessions.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-2155
8.8đ
Echo Call Center Services Trade and Industry IncSpecto CM
Specto CM contains an unrestricted file upload vulnerability that enables remote attackers to include and execute arbitrary code on the server.
CVSS Base8.8
â
CRSSelect profile
CVE-2026-1819
8.8đ
Karel ElectronicsIndustry and Trade Inc Software
A Cross-site Scripting (XSS) vulnerability in Karel Electronics software allows attackers to inject malicious scripts into web pages generated by the application.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-10465
8.8đ
Birtech Information Technologies Industry and Trade LtdSensaway
Birtech Sensaway contains an unrestricted file upload vulnerability that allows attackers to upload a web shell and gain remote control of the server.
CVSS Base8.8
â
CRSSelect profile
CVE-2025-7347
8.8đ
Dinibh Puzzle Software SolutionsDinibh Patrol Tracking System
An authorization bypass vulnerability in the Dinibh Patrol Tracking System allows authenticated users to exploit trusted identifiers and gain unauthorized system control.