Friday, July 17, 2026 Archive

Archived Security Snapshot

Critical vulnerabilities, curated daily for security professionals

Archived Security Brief

Friday's disclosures center on high-impact flaws in widely deployed infrastructure and collaboration tooling, including jupyter-server enterprise_gateway (CVE-2026-44181, CVSS 10) and Zoom Workplace for Windows (CVE-2026-53412, CVSS 9.8). Critical CVEs rose to 32 (up 78% from the prior day) and high-priority CVEs climbed to 81 (up 138%), across 113 total vulnerabilities. Additional notable critical issues include Kopia backup (CVE-2026-45695, CVSS 9.8), Yamcs mission control (CVE-2026-46562, CVSS 9.8), and two Microsoft Kiota flaws (CVE-2026-59864 and CVE-2026-59865, both CVSS 9.3). The set is dominated by remote code execution and authentication bypass conditions affecting backup systems, developer tooling, WordPress plugins, and enterprise gateways, and 10 vulnerabilities have confirmed active exploitation spanning Microsoft SharePoint, SonicWall SMA1000, and Fortinet FortiSandbox. Patch availability is currently reported at 0%, so teams should prioritize monitoring vendor advisories, applying interim mitigations, and restricting exposure of affected services.

  • jupyter-server enterprise_gateway (CVE-2026-44181) carries a maximum CVSS 10 score, with Zoom Workplace for Windows (CVE-2026-53412) and Kopia backup (CVE-2026-45695) both rated CVSS 9.8
  • 32 critical CVEs disclosed, up 78% from the prior day's 18
  • 81 high-priority CVEs disclosed, up 138% from the prior day's 34
  • Remote code execution and authentication bypass patterns dominate, affecting developer tooling, backup systems, mission-control software, and WordPress plugins
  • Patch availability sits at 0%, leaving Yamcs, Microsoft Kiota, and Happy Coders OTP Login for WooCommerce without published fixes
  • 10 vulnerabilities show confirmed active exploitation, including Microsoft SharePoint, SonicWall SMA1000, Fortinet FortiSandbox, and Oracle Payments

Immediate action: Prioritize the actively exploited flaws in Microsoft SharePoint, SonicWall SMA1000, and Fortinet FortiSandbox, and reduce exposure of jupyter-server enterprise_gateway and internet-facing Kopia and Yamcs deployments. With patch availability at 0% for today's critical disclosures, apply vendor mitigations, restrict network access, and monitor advisories closely for fixes as they are released.

How to read this brief

CVSS score (e.g. 9.1) — severity from 0–10. Red marks critical (9+), orange high (7–8.9).

Exploitability — how hard the flaw is to attack, read from the CVSS vector:

  • Network / Adjacent / Local / Physical — how close an attacker must get. Network means reachable over the internet.
  • No / Low / High privileges — the access they need first. No privileges means no login required.
  • No interaction / User interaction — whether a victim has to do something (open a file, click a link). No interaction means fully automatable.

The lower the bar on all three, the easier to exploit at scale — “Network · No privileges · No interaction” is the worst case: hit from anywhere, no credentials, no victim action.

Actively exploited — confirmed under attack in the wild (CISA’s Known Exploited Vulnerabilities catalog). Prioritize these regardless of score.

EPSS · Nth percentile — FIRST.org’s estimated chance a flaw is exploited within 30 days. We flag it only in the top 10% — a statistical signal it’s unusually likely to be targeted, separate from whether attacks are confirmed.

💡 Tip: Swipe CVE cards left to ⭐ star, right to ❌ remove

Section Navigation