Critical vulnerabilities, curated daily for security professionals
🎯 SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
📊
Archived Security Brief
Monday's brief centers on critical vulnerabilities in widely used developer and web-platform software, led by Crawl4AI, SiYuan, and Cisco Catalyst SD-WAN Manager. The day brought 4 critical CVEs (down 20% from the prior day's 5) and 19 high-priority CVEs (down 72% from 67), for 23 total disclosures. Standout issues include CVE-2026-56265 (CVSS 9.8) in Crawl4AI, the paired CVE-2026-56395 and CVE-2026-56397 (CVSS 9.6) in SiYuan, and CVE-2026-11746 (CVSS 9.4) in LY Central Dogma. Splunk Enterprise, Cisco Catalyst SD-WAN Manager, and the LiteSpeed cPanel plugin are among four CVEs (CVSS 9.5) with confirmed active exploitation. No patches were available at disclosure across this set, so teams should prioritize compensating controls and monitoring for the affected products until vendor fixes ship.
Crawl4AI (CVE-2026-56265, CVSS 9.8) is the highest-scoring disclosure, alongside two SiYuan flaws (CVE-2026-56395, CVE-2026-56397, CVSS 9.6)
Critical CVEs fell 20% day-over-day to 4
High-priority CVEs dropped 72% to 19 from 67
Active exploitation spans Splunk, Cisco Catalyst SD-WAN Manager, LiteSpeed cPanel plugin, and Joomla Content Editor (all CVSS 9.5)
Patch availability is 0% across this set, affecting developer tools, web CMS plugins, and network management platforms
Four CVEs carry confirmed in-the-wild exploitation
Immediate action: Prioritize the actively exploited products — Splunk Enterprise and Cloud, Cisco Catalyst SD-WAN Manager, the LiteSpeed cPanel plugin, and Joomla Content Editor — for immediate review, along with internet-facing Crawl4AI and SiYuan deployments. With no vendor patches available at disclosure, apply access restrictions, network segmentation, and enhanced monitoring on affected systems until fixes are released.
💡 Tip: Swipe CVE cards left to ⭐ star, right to ❌ remove
Section Navigation
⚠️
CISA Known Exploited Vulnerabilities
⚠️ CISA KEVURGENT
CVE-2026-54420
9.5📝
LiteSpeed TechnologiescPanel plugin
⏰ Federal Deadline:June 17, 2026(-4 days remaining)
A symlink mishandling vulnerability in the LiteSpeed cPanel plugin allows users with limited access to escalate privileges on shared hosting environments.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEVURGENT
CVE-2026-48907
9.5📝
Widget FactoryJoomla Content Editor
⏰ Federal Deadline:June 18, 2026(-3 days remaining)
An improper access control vulnerability in the Widget Factory Joomla Content Editor allows unauthorized users to perform restricted actions.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEVURGENT
CVE-2026-20253
9.5📝
SplunkEnterprise and Cloud Platform
⏰ Federal Deadline:June 20, 2026(EXPIRED)
Splunk Enterprise and Cloud Platform contain an authentication bypass vulnerability in a PostgreSQL sidecar service, allowing unauthenticated users to create or truncate arbitrary files.
CVSS Base9.5
→
CRSSelect profile
⚠️ CISA KEVURGENT
CVE-2026-20262
9.5📝
CiscoCatalyst SD-WAN Manager
⏰ Federal Deadline:June 28, 2026(7 days remaining)
Cisco Catalyst SD-WAN Manager contains an arbitrary file write vulnerability in its web UI, allowing authenticated remote attackers to escalate privileges to root.
CVSS Base9.5
→
CRSSelect profile
🚨
Critical Vulnerabilities
CVE-2026-56395
9.6📝
SiYuanSiYuan
SiYuan versions before 3.6.1 contain an XSS vulnerability in the Bazaar marketplace that allows remote code execution via malicious package metadata.
CVSS Base9.6
→
CRSSelect profile
CVE-2026-56397
9.6📝
SiYuanSiYuan
SiYuan versions before 3.6.1 contain an XSS vulnerability in the Bazaar marketplace that allows remote code execution via malicious package metadata.
CVSS Base9.6
→
CRSSelect profile
CVE-2026-56265
9.8📝
Crawl4AICrawl4AI
Crawl4AI versions before 0.8.7 contain an authentication bypass vulnerability due to a hardcoded JWT signing key in the Docker API server.
CVSS Base9.8
→
CRSSelect profile
CVE-2026-11746
9.4📝
LYCentral Dogma
Central Dogma servers incorrectly use a hard-coded secret for ZooKeeper replication when a custom secret is not configured, allowing unauthenticated remote command execution.
CVSS Base9.4
→
CRSSelect profile
⚠️
High Priority Updates
CVE-2026-56396
8.8📝
phpMyFAQphpMyFAQ
A security vulnerability exists in phpMyFAQ versions prior to 4, potentially allowing unauthorized access or system compromise.
CVSS Base8.8
→
CRSSelect profile
CVE-2020-37255
7.5📝📜 Late Disclosure
WordPressTime Capsule Plugin
A security vulnerability has been identified in the WordPress Time Capsule plugin, necessitating an urgent update to the latest available software version.
CVSS Base7.5
→
CRSSelect profile
CVE-2026-44914
7.5📝
ApacheNiFi
Apache NiFi 1 contains an unspecified vulnerability requiring immediate vendor-provided security updates for mitigation.
CVSS Base7.5
→
CRSSelect profile
CVE-2026-11745
8.8📝
centraldogmacentraldogma-server-mirror-git
A high-severity vulnerability has been identified in the centraldogma-server-mirror-git component, necessitating immediate security review and patching.
CVSS Base8.8
→
CRSSelect profile
CVE-2026-12806
8.8📝
EdimaxBR-6478AC V2
A critical security vulnerability has been identified in the Edimax BR-6478AC V2 router, potentially allowing for unauthorized device control.
CVSS Base8.8
→
CRSSelect profile
CVE-2025-71348
8.1📝
PicklescanPicklescan
A security vulnerability exists in the Picklescan utility, potentially allowing for malicious code execution through malformed pickle files.
CVSS Base8.1
→
CRSSelect profile
CVE-2025-71357
8.1📝
PicklescanPicklescan
A high-severity vulnerability in Picklescan may allow for arbitrary code execution via the processing of malicious serialized objects.
CVSS Base8.1
→
CRSSelect profile
CVE-2025-71378
8.1📝
PicklescanPicklescan
A security flaw in Picklescan enables potential arbitrary code execution, requiring immediate attention to prevent system-wide compromise.
CVSS Base8.1
→
CRSSelect profile
CVE-2025-71351
7.6📝
picklescanpicklescan
A security vulnerability exists in the picklescan library that may allow for unauthorized code execution during the deserialization of untrusted pickle files.
CVSS Base7.6
→
CRSSelect profile
CVE-2026-56239
7.6📝
CapgoCapgo
A security flaw in Capgo versions prior to 12 may permit unauthorized access or manipulation of services due to improper implementation of security controls.
CVSS Base7.6
→
CRSSelect profile
CVE-2026-56242
7.5📝
CapgoCapgo
A security vulnerability in Capgo prior to version 12 may allow for unauthorized operations, posing a risk to the integrity of the application deployment process.
CVSS Base7.5
→
CRSSelect profile
CVE-2026-56253
7.5📝
CapgoCapgo
A vulnerability in Capgo versions prior to 12 may allow for unauthorized system interaction.
CVSS Base7.5
→
CRSSelect profile
CVE-2026-56341
7.5📝
AVideoAVideo
A security vulnerability in AVideo through version 26 may permit unauthorized access or execution within the application environment.
CVSS Base7.5
→
CRSSelect profile
CVE-2026-6645
7.3📝
PaperCutPrint Deploy
An insecure process execution vulnerability in the PaperCut Print Deploy pc-printer-updater component may allow for local privilege escalation or arbitrary code execution.
CVSS Base7.3
→
CRSSelect profile
CVE-2026-12795
7.3📝
BerriAIlitellm
A security vulnerability has been identified in BerriAI litellm that may expose the application to unauthorized actions or data access.
CVSS Base7.3
→
CRSSelect profile
CVE-2026-12775
7.3📝
MontodelHouse-Rental-Management
A security vulnerability has been identified in the Montodel House-Rental-Management software that may allow for unauthorized system interaction.
CVSS Base7.3
→
CRSSelect profile
CVE-2026-12773
7.3📝
BerriAIlitellm
A security weakness has been identified in BerriAI litellm that could potentially be leveraged by an attacker to compromise application integrity.
CVSS Base7.3
→
CRSSelect profile
CVE-2026-56382
7.2📝
Craft CMSCMS
Craft CMS versions 5 and later contain a security vulnerability that may expose the system to unauthorized access or manipulation.
CVSS Base7.2
→
CRSSelect profile
CVE-2026-8918
7.1📝
ASUSArmoury Crate
ASUS Armoury Crate contains a vulnerability allowing local administrators to perform arbitrary memory read/write operations or trigger a system crash.