Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Vulnerability
Latest news

CVE-2026-8037: Critical Pre-Auth RCE in Progress Kemp LoadMaster Puts Enterprise Networks at Risk

1 July 2026  |  dark6  |  Vulnerability

A CVSS 9.8 pre-authentication remote code execution vulnerability (CVE-2026-8037) in Progress Kemp LoadMaster allows unauthenticated attackers to run arbitrary commands on enterprise network edge appliances. Patched versions are...

>> read more

Critical Microsoft 365 RCE Flaw CVE-2025-60727 Exploitable via Malicious Excel Files — Patch Now

30 June 2026  |  dark6  |  Vulnerability

Microsoft has disclosed CVE-2025-60727, a critical out-of-bounds read remote code execution vulnerability in Microsoft 365 Apps, Excel 2016, and multiple Office versions. An attacker can achieve full system...

>> read more

Hackers Actively Exploit CVE-2026-46817 in Oracle E-Business Suite — 456 Attacks Recorded in 24 Hours

30 June 2026  |  dark6  |  Vulnerability

Threat actors are actively exploiting CVE-2026-46817, a critical CVSS 9.8 unauthenticated remote takeover flaw in Oracle E-Business Suite, with 456 attack hits recorded in a single day across...

>> read more

Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now

29 June 2026  |  dark6  |  Vulnerability

Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a critical authentication bypass in GlobalProtect portal and gateway components that lets unauthenticated attackers establish unauthorized VPN sessions. CISA...

>> read more

25-Year-Old cURL Vulnerability Patched in Record-Breaking Security Release Fixing 18 CVEs

26 June 2026  |  dark6  |  Vulnerability

A critical authentication bypass flaw in cURL that had existed undetected for over 25 years has been patched in curl 8.21.0, released June 24, 2026. The release simultaneously...

>> read more

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk

26 June 2026  |  dark6  |  Vulnerability

Microsoft's original Secure Boot certificates have begun expiring as of June 24, 2026, affecting over a billion UEFI-capable PCs worldwide. Systems that fail to migrate to the 2023...

>> read more

State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access

25 June 2026  |  dark6  |  Vulnerability

A state-sponsored threat actor exploited zero-day CVE-2026-20245 in Cisco Catalyst SD-WAN Manager to gain root access via a malicious CSV upload. The multi-phase intrusion also leveraged two CVSS...

>> read more

CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26

25 June 2026  |  dark6  |  Vulnerability

CISA has added three Ubiquiti UniFi OS vulnerabilities to its KEV catalog following confirmed active exploitation. Federal agencies must patch by June 26, 2026; the chained flaws enable...

>> read more