< ciso
brief />
Security Advisory and Patch Watch Banner

All news in category “Security Advisory and Patch Watch

2054 articles · page 3 of 103

Apple issues urgent iOS, macOS and Safari security updates

🔒 Apple released security updates for iOS, macOS, and Safari to address over three dozen vulnerabilities, including four WebKit flaws discovered with AI tools such as Anthropic Claude and OpenAI Codex Security. The fixes target memory corruption, out-of-bounds write, use-after-free, and other WebKit issues, plus several kernel-level bugs that could leak or corrupt memory. Updates are available for iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2, and Apple noted no active exploitation has been reported.
read more →

Critical Oracle E‑Business Suite Flaw Actively Exploited

🔒 A critical authentication and privilege-management vulnerability, tracked as CVE-2026-46817 (CVSS 9.8), affects Oracle Payments in E‑Business Suite versions 12.2.3 through 12.2.15 and has been observed under active exploitation. Patches were released in Oracle's last Critical Security Patch Update, but Defused Cyber reported exploitation against their honeypots and noted no prior public PoC. Details about the attack method, attribution, and campaign scope remain unknown, while experts urge rapid incident response and patching.
read more →

Chromium extension spoofs AI brand to hijack searches

🔍 Microsoft Threat Intelligence discovered a malicious Chromium extension impersonating Perplexity AI to intercept Omnibox queries and real-time search suggestions. The extension used MV3, declarativeNetRequest rules, and a typosquatted domain (perplexity-ai[.]online) to route searches through attacker infrastructure before redirecting to expected providers. Google removed the extension after responsible disclosure. Microsoft provides indicators, dynamic analysis findings, and mitigation guidance.
read more →

Critical libssh2 Integer Overflow POC Released

🛡️ A public proof-of-concept is available for CVE-2026-55200, a critical libssh2 flaw that allows a malicious SSH server to trigger memory corruption on connecting clients, potentially enabling code execution without credentials or user interaction. The bug affects all releases up to 1.11.1 and scores 9.2 (CVSS 4.0). It stems from an unbounded packet_length parsed during the SSH handshake, producing a 32-bit wrap and an out-of-bounds heap write. A patch was merged on June 12 and the CVE published June 17; distributions are backporting fixes while a tagged release is prepared.
read more →

Critical PTC Windchill PLM Flaw Under Active Exploitation

🛡️ Hackers are exploiting a critical unsafe deserialization vulnerability in PTC Windchill and FlexPLM that enables remote code execution. The flaw, tracked as CVE-2026-12569 and scored 9.3 CVSS, affects the Windchill PDMLink web component. PTC issued mitigations and patches on June 17–19 and provided indicators of compromise after reports of web shell deployment. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog.
read more →

CISA orders urgent patches for exploited Cisco and PLM flaws

🔔 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has set a June 28 deadline under BOD 26-04 for federal agencies to patch a critical Cisco Unified Communications Manager Server SSRF vulnerability, CVE-2026-20230, which is being actively exploited. Cisco released a patch on June 3 and labeled the issue critical after a proof-of-concept existed; subsequent reports showed active attacks writing arbitrary files. CISA also added a critical RCE flaw, CVE-2026-12569, affecting PTC Windchill and FlexPLM products to its Known Exploited Vulnerabilities list, requiring immediate remediation.
read more →

High-severity Amazon Q MCP flaw enables cloud theft

🛡️ A high-severity flaw in Amazon Q Developer allowed a malicious repository to spawn MCP servers and execute commands, exposing a developer's cloud credentials. Wiz Research discovered the issue and demonstrated that a single config file (.amazonq/mcp.json) in a cloned repo could trigger AWS credential theft. Amazon patched the vulnerability, tracked as CVE-2026-12957 (CVSS 8.5), and updated Language Servers for AWS and IDE plugins to require explicit consent for untrusted MCP servers.
read more →

Linux pedit COW exploit lets local users gain root

⚠️ A critical memory-corruption bug in the Linux traffic-control subsystem (CVE-2026-46331, “pedit COW”) enables a local unprivileged user to gain root by corrupting shared page-cache memory. The flaw allows modification of a cached setuid binary image in memory without touching the on-disk file; a public exploit appeared within a day of CVE assignment. The exploit requires the act_pedit module be loadable and unprivileged user namespaces enabled; affected vendors have issued patches and mitigations.
read more →

CISA Adds PTC Windchill RCE to KEV Catalog

🔒 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical RCE vulnerability affecting PTC Windchill PDMlink and PTC FlexPLM to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw, tracked as CVE-2026-12569 with a CVSS score of 9.3, allows arbitrary code execution via improper input validation and deserialization of untrusted data. Patches were released last week, but PTC warns of ongoing attacks deploying JSP web shells and published IoCs and mitigations.
read more →

DirtyClone Linux kernel flaw enables local root

🛡️ JFrog Security Research published a working exploit for DirtyClone (CVE-2026-43503) on June 25, demonstrating a local privilege escalation in the DirtyFrag family. The flaw lets a local user corrupt file-backed memory via cloned network packets to gain root; the upstream patch landed in mainline on May 21. Exploitation requires CAP_NET_ADMIN to configure an IPsec tunnel, and unprivileged user namespaces on Debian and Fedora enable the default attack path. Ubuntu 24.04+ mitigates the default vector via AppArmor restrictions.
read more →

macOS XPC Flaw Lets Non‑Root Users Disable EDR/MDM

🔒 A disclosed macOS privilege escalation allows a non-root user to abuse XPC trusted caller caching to invoke privileged helper functions without authentication, impacting multiple EDR and MDM products. XM Cyber found attackers can tamper with a legitimate app to inherit its cached trust and call sensitive methods to unload or disable security agents with minimal forensic traces. Vendors including CrowdStrike and Kandji have issued fixes and mitigations, while XM Cyber released a scanner and will present findings at Black Hat.
read more →

CISA warns of critical Ubiquiti and Lantronix flaws

🔒 CISA has added four high-severity vulnerabilities to its Known Exploited Vulnerabilities catalog, including three Ubiquiti UniFi OS flaws and a Lantronix EDS5000 command injection. The agency's BOD 26-04 requires federal agencies to apply fixes or mitigations within three days. Vendors have released patches and detection guidance, and researchers provided proof-of-concept chaining and a detection script to help defenders identify affected devices.
read more →

Cisco Unified CM SSRF Flaw Now Being Exploited

🛡️ Threat actors are actively exploiting a critical vulnerability in Cisco Unified Communications Manager and its SME edition, tracked as CVE-2026-20230 (CVSS 8.6). The flaw stems from improper input validation in handling specific HTTP requests, enabling unauthenticated SSRF and arbitrary file writes that could lead to root escalation. Exploitation requires the WebDialer service to be enabled (disabled by default); Cisco has released patches in 14SU6 and 15SU5 and recommends disabling WebDialer if immediate patching is not possible.
read more →

Critical FFmpeg MagicYUV Flaw Demands SBOM Focus

🔒 A critical heap out-of-bounds write in the MagicYUV decoder of FFmpeg (CVE-2026-8461), dubbed PixelSmash, can crash applications or enable remote code execution. Researchers at JFrog demonstrated full exploits against Jellyfin and Nextcloud by uploading crafted media files; any app using libavcodec is potentially affected. Users and vendors should upgrade to FFmpeg 8.1.2 or disable the MagicYUV decoder if unused.
read more →

Windows 11 KB5095093 preview adds Point-in-Time

🛈 Microsoft released optional preview update KB5095093 for Windows 11 24H2 and 25H2, installing build 26100.8737 and introducing new features and bug fixes. The update offers a new Point-in-Time restore capability that captures VSS-based restore points for up to 72 hours and simplifies rollback of the OS, apps, and files. It also fixes a Recycle Bin filename confirmation bug and brings improvements across Secure Boot, Netlogon, File Explorer, Bluetooth, Widgets, accessibility, and networking.
read more →

Cloud bucket hijacking risks across major providers

🔒 Unit 42 researchers describe a bucket hijacking technique that exploits globally unique storage bucket names across major cloud providers. By deleting a target bucket and recreating it under an attacker-controlled account with the same name, data streams (logs, Pub/Sub, replication, transfer jobs, etc.) can be silently rerouted to an adversary. The team validated the attack across Google Cloud, AWS and demonstrated cross-subscription scenarios in Azure, and has shared findings with the affected vendors.
read more →

FFmpeg patches PixelSmash MagicYUV vulnerability

🛡️ FFmpeg fixed a high-severity heap out-of-bounds flaw dubbed PixelSmash (CVE-2026-8461) in the MagicYUV decoder that can be triggered by crafted AVI, MKV, or MOV files. The bug allows denial-of-service in many media apps and can enable remote code execution in specific setups — for example, Jellyfin and Nextcloud instances — particularly if ASLR is disabled or chained with another vulnerability. FFmpeg 8.1.2 addresses the issue and vendors are updating or applying mitigations.
read more →

Microsoft fixes AutoGen Studio flaw enabling code execution

🛡️ Microsoft patched a vulnerability chain named AutoJack in AutoGen Studio that could allow a visiting webpage to coerce a developer’s AI agent into executing arbitrary commands on the host. AutoGen Studio is the graphical interface for Microsoft’s open-source AutoGen framework for multi-agent AI systems; the flaw was fixed during development and never shipped in a PyPI release. The issue affected developers who built from the main GitHub branch in a limited window and allowed attacker-supplied commands to be launched with the developer’s account privileges. Microsoft urges running AutoGen Studio only as a developer prototype in isolated, low-privilege environments and avoiding exposure to untrusted content.
read more →

DifyTap vulnerabilities expose cross-tenant AI data

🛡️ Cybersecurity researchers disclosed four vulnerabilities in Dify, an open-source agentic workflow platform, that could let attackers read AI conversations across tenants without authentication. Codenamed DifyTap by Zafran Security, two flaws are critical and three enable cross-tenant impact on Dify's multi-tenant cloud service. Issues include authorization bypasses, path traversal to internal Plugin Daemon APIs, and file preview leaks. Patches were released in v1.14.2 for all but one flaw, with the remaining fix forthcoming.
read more →

Squidbleed: 29-Year-Old Squid Proxy Heap Over-Read

🔎 A heap over-read in the Squid web proxy can leak cleartext HTTP requests, including credentials and session tokens, to any user already allowed to use the same proxy. Disclosed by researchers at Calif.io in June and tracked as CVE-2026-47729 (Squidbleed), the bug stems from a 1997 FTP-parsing change and affects Squid default configurations that enable FTP and port 21. The flaw only exposes traffic Squid can inspect (cleartext HTTP or TLS-terminating setups); normal CONNECT-tunneled HTTPS remains opaque. Calif.io demonstrated extracting an Authorization header from a co-proxy user; public proof-of-concept code exists and mitigations include patching or simply disabling FTP.
read more →