Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > actively exploited
#actively exploited

CISA Adds Oracle WebLogic CVE-2024-21182 to KEV Catalog as Active Exploitation Confirmed — Patch by June 4

3 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2024-21182, a critical unauthenticated Oracle WebLogic Server vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active in-the-wild exploitation. Federal agencies must patch by June...

>> read more

CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately

1 June 2026  |  dark6  |  Vulnerability

Microsoft’s May 2026 Patch Tuesday addressed CVE-2026-41089, a critical Windows Netlogon 0-click RCE — now actively exploited in the wild. Domain controllers running unpatched Windows Server face complete...

>> read more

CVE-2026-0257: Palo Alto PAN-OS Authentication Bypass Actively Exploited — Patch Immediately

30 May 2026  |  dark6  |  Vulnerability

A critical authentication bypass in Palo Alto Networks PAN-OS (CVE-2026-0257) is being actively exploited in two distinct waves, with attackers forging GlobalProtect VPN session cookies to gain unauthorized...

>> read more

CISA Warns of Actively Exploited Microsoft Exchange Server XSS Flaw — Patch by May 29

19 May 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-42897, a cross-site scripting vulnerability in Microsoft Exchange Server's Outlook Web Access, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild....

>> read more

Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild

19 May 2026  |  dark6  |  Vulnerability

Hackers are actively exploiting CVE-2026-42945, a critical heap buffer overflow in NGINX Open Source and NGINX Plus, with real-world attacks confirmed just days after public disclosure. With approximately...

>> read more

New Ivanti EPMM Zero-Day CVE-2026-6973 Actively Exploited — Patch Immediately

8 May 2026  |  dark6  |  Vulnerability

Ivanti has confirmed active exploitation of CVE-2026-6973, a new zero-day vulnerability in its on-premises Endpoint Manager Mobile (EPMM) product. The flaw requires admin authentication and is part of...

>> read more