< ciso
brief />
Tag Banner

All news with #patch release tag

439 articles · page 4 of 22

Cisco warns of critical Unified CM flaw

🔒 Cisco released updates for a critical Unified Communications Manager (Unified CM) vulnerability (CVE-2026-20230) that can be exploited via SSRF to gain root privileges. The issue affects systems with the WebDialer service enabled, which is disabled by default, and Cisco notes public proof-of-concept exploit code is available. Administrators should apply patched versions 14SU6 or 15SU5 or temporarily disable the WebDialer service as a mitigation.
read more →

HTTP/2 Bomb: New Remote DoS Impacting Major Servers

🛡️ Cybersecurity researchers disclosed a remote denial-of-service exploit called HTTP/2 Bomb that affects major web servers including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The flaw leverages HPACK header compression combined with a zero-byte flow-control hold to amplify tiny on-wire headers into large server allocations. Vendors have released patches for some products and provided configuration mitigations for others while several popular implementations remain unpatched.
read more →

Google June 2026 Android security updates

🔒 Google released June 2026 security patches addressing 124 Android vulnerabilities, including a high-severity Framework flaw tracked as CVE-2025-48595 affecting Android 14–16 and 16 QPR2. This privilege escalation bug can be exploited without user interaction and is reportedly under limited targeted exploitation. The June updates arrive in two batches, with the latter adding kernel and chipset fixes from MediaTek, Qualcomm, Unisoc, and others.
read more →

Google issues June 2026 Android security patches

🔒 Google released the June 2026 Android security updates fixing 124 vulnerabilities, including one actively exploited Android Framework zero-day (CVE-2025-48595) affecting devices running Android 14 and later. The company warned of limited, targeted exploitation and urged users to update to the latest Android versions. Two patch bundles (2026-06-01 and 2026-06-05) were issued; Pixel devices will receive updates immediately while other vendors may delay. Google also addressed 18 critical flaws across System, Framework, and Qualcomm components, and previously patched other zero-days this year.
read more →

Oracle launches monthly Critical Security Patch Update

🔒 Oracle has issued its first monthly Critical Security Patch Update (CSPU), addressing 35 vulnerabilities that require more urgent attention than quarterly releases. The batch includes 11 critical, 18 high, and 6 medium severity flaws, with several affecting Oracle REST Data Services, Oracle E-Business Suite, and Oracle Payments. Some older supply-chain bugs have public proof-of-concept exploits, increasing patching urgency.
read more →

Palo Alto fixes auth-bypass in GlobalProtect VPN

🔒 Palo Alto Networks patched CVE-2026-0257, an authentication bypass on the GlobalProtect portal and gateway, after attackers began exploiting the flaw. Initially rated medium, the issue was raised to high severity following multiple exploitation attempts on unpatched PAN-OS devices. Rapid7 observed forged-cookie probes and VPN IP assignment to internal networks, prompting urgent patching guidance. CISA added the vulnerability to its KEV Catalog and federal agencies must remediate by June 1.
read more →

Critical WP Maps Pro Bug Lets Attackers Create Admins

🔒 A critical vulnerability in WP Maps Pro (CVE-2026-8732) allowed unauthenticated attackers to create administrator accounts via a flawed "temporary access" AJAX endpoint. Discovered by researcher David Brown, the issue affected versions 6.1.0 and older and relied on a publicly exposed nonce in frontend JavaScript, making protections ineffective. Defiant observed active exploitation attempts and blocked thousands of requests, and the vendor released WP Maps Pro 6.1.1 to address the flaw. Site owners are urged to update immediately to prevent account takeover and persistent backdoors.
read more →

Notepad++ XML flaws allow local arbitrary code execution

🔒 Two High-severity vulnerabilities in Notepad++ (CVE-2026-48778 and CVE-2026-48800, CVSS 7.8) let local attackers run arbitrary commands by tampering with the editor’s XML configuration files. Both issues affected versions up to 8.9.6 and were patched in 8.9.6.1 along with a lower-severity crash bug (CVE-2026-48770). The flaws stem from unvalidated values in shortcuts.xml and config.xml, enabling persistence and stealthy execution if an attacker can write to a user’s AppData or supply a poisoned settings folder.
read more →

Amazon RDS for Oracle adds April 2026 RU and SPB

🔔 Amazon RDS for Oracle now supports the Oracle April 2026 Release Update (RU) for 19c and 21c and the Supplemental Patch Bundle (SPB) for 19c. The SPB, formerly the Oracle Spatial Patch Bundle, contains additional patches for targeted features such as Oracle Spatial, Data Pump, and GoldenGate. You can apply the RU or SPB via the RDS Console, SDK, or CLI and enable Automatic Minor Version Upgrade or use AWS Organizations rollout policies to stagger updates across environments.
read more →

ABB EIBPORT XSS Vulnerability and Firmware Patch

🔒 ABB disclosed a cross-site scripting vulnerability in affected ABB EIBPORT firmware versions that can expose session identifiers and allow unauthorized access. A firmware update is available that modifies session and credential handling and hardens product configuration. ABB recommends applying the update promptly and following network segmentation and firewall best practices to reduce exposure.
read more →

VDR G4e Firmware Update Fixes Credential Flaws

🔒 The MacGregor Voyage Data Recorder (VDR) G4e contains multiple credential management vulnerabilities, including default and hard-coded credentials, weak password hashing, and accessible authentication files that can allow an attacker to gain administrator access. Danelec has released firmware V5.250 to address these issues and users are urged to update at the next service attendance rather than waiting for annual maintenance. CISA recommends minimizing network exposure, isolating control networks behind firewalls, and using secure remote access methods such as up-to-date VPNs while performing risk assessments prior to deployment of mitigations.
read more →

Windows 11 KB5089573 preview brings performance fixes

🔧 Microsoft released the KB5089573 preview cumulative update for Windows 11 25H2 and 24H2, delivering 30 non-security changes focused on performance and reliability. The optional May 2026 update accelerates app launch and core shell experiences (Start, Search, Action Center) and improves Windows Hello sign-in behavior and reliability. It also addresses File Explorer stability, touch gestures, Modern Standby resume performance, and reduces authentication blocks for Windows Hello Enhanced Sign-in Security. Devices upgrade to builds 26200.8524 and 26100.8524 and updated Secure Boot certificates are being phased in ahead of expiring 2011 certificates.
read more →

Microsoft fixes critical SharePoint remote code flaw

🛡️ Microsoft released updates to address a SharePoint remote code execution vulnerability, CVE-2026-45659, rated CVSS 8.8 and classified as Important. The flaw involves deserialization of untrusted data, allowing an authenticated attacker with minimal Site Member permissions to execute code over a network without elevated privileges. Microsoft credited researcher MEOW for the discovery and urged administrators to apply the updates for affected SharePoint versions. The advisory follows recent fixes for other SharePoint issues that have been exploited in the wild.
read more →

LiteSpeed cPanel plugin bug allows root script execution

🔐 A critical vulnerability, CVE-2026-48172 (CVSS 10.0), in the LiteSpeed User-End cPanel Plugin allows privilege escalation via the lsws.redisAble function, enabling arbitrary scripts to run as root. The flaw affects plugin versions 2.3 through 2.4.4 and is being actively exploited; LiteSpeed fixed it in v2.4.5 and later bundled releases. Administrators are urged to upgrade to cPanel plugin v2.4.7 (with WHM plugin v5.3.1.0) or uninstall the user-end plugin if immediate patching is not feasible.
read more →

Ubiquiti patches three max-severity UniFi OS flaws

🛡️ Ubiquiti issued updates addressing three maximum-severity vulnerabilities in UniFi OS that allow remote, unauthenticated attackers to modify systems, read files via path traversal, and perform command injection after gaining network access. Additional fixes include another critical command injection and a high-severity information disclosure issue. The flaws were reported via HackerOne and can be exploited with low complexity; Ubiquiti has not confirmed any in-the-wild exploitation. Censys reports nearly 100,000 Internet-exposed UniFi OS endpoints, with about 50,000 in the United States, though it is unclear how many have been remediated.
read more →

Critical Cisco Secure Workload vulnerability demands immediate patch

🔒 A critical vulnerability in the on-premises Cisco Secure Workload platform can let a remote, unauthenticated attacker gain site admin privileges by sending a crafted HTTP request to an internal REST API. Cisco assigned CVE-2026-20223 a CVSS score of 10.0 and says the issue stems from insufficient validation and authentication of REST API access. Only on-prem deployments must act immediately by upgrading to the patched versions; SaaS has already been fixed. Cisco reported no known exploitation in the wild at the time of disclosure.
read more →

B&R Automation Runtime SDM Vulnerabilities Fix Released

🔒 An update resolves multiple vulnerabilities in B&R Automation Runtime SDM prior to 6.4 that could allow session takeover, reflected XSS, or CSV formula injection. The vendor corrected the issues in Automation Runtime 6.4 and notes SDM is disabled by default in AR 6. Customers should apply the update based on risk assessment and follow recommended network isolation and access-control practices.
read more →

ABB Terra AC Wallbox Buffer Overflow Advisory

🔒 ABB reports heap, stack and classic buffer overflow vulnerabilities in select Terra AC Wallbox firmware. An attacker who hijacks Bluetooth and crafts oversized fields could corrupt memory and potentially alter firmware behavior. ABB has released firmware version 1.8.36 (JP) to address the issues and recommends updating as soon as possible.
read more →

Hitachi Energy GMS600 OpenSSL timing flaw

🔒 Hitachi Energy reported that GMS600 versions are affected by CVE-2022-4304, a timing-based side-channel in OpenSSL RSA decryption that can allow recovery of pre-master secrets after many trial messages. The flaw impacts all RSA padding modes and can enable decryption of TLS application data. Vendor mitigation is to upgrade to version 1.3.2; CISA reiterates network isolation and defensive best practices.
read more →

Microsoft Warns: Two Defender Zero-Days Patched Urgently

🛡️ Microsoft released emergency updates on Wednesday to address two actively exploited Microsoft Defender zero-day vulnerabilities. The first, CVE-2026-41091, affects the Microsoft Malware Protection Engine and can be abused to achieve SYSTEM privileges via improper link resolution before file access. The second, CVE-2026-45498, impacts the Defender Antimalware Platform and may be used to trigger denial-of-service; Microsoft says updates should deploy automatically but advises administrators to verify platform and signature versions and confirm successful installation.
read more →