CISA Adds Oracle WebLogic CVE-2024-21182 to KEV Catalog as Active Exploitation Confirmed — Patch by June 4
CISA has added CVE-2024-21182, a critical unauthenticated Oracle WebLogic Server vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active in-the-wild exploitation. Federal agencies must patch by June...
CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately
Microsoft’s May 2026 Patch Tuesday addressed CVE-2026-41089, a critical Windows Netlogon 0-click RCE — now actively exploited in the wild. Domain controllers running unpatched Windows Server face complete...
CVE-2026-0257: Palo Alto PAN-OS Authentication Bypass Actively Exploited — Patch Immediately
A critical authentication bypass in Palo Alto Networks PAN-OS (CVE-2026-0257) is being actively exploited in two distinct waves, with attackers forging GlobalProtect VPN session cookies to gain unauthorized...
CISA Warns of Actively Exploited Microsoft Exchange Server XSS Flaw — Patch by May 29
CISA has added CVE-2026-42897, a cross-site scripting vulnerability in Microsoft Exchange Server's Outlook Web Access, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild....
Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild
Hackers are actively exploiting CVE-2026-42945, a critical heap buffer overflow in NGINX Open Source and NGINX Plus, with real-world attacks confirmed just days after public disclosure. With approximately...
New Ivanti EPMM Zero-Day CVE-2026-6973 Actively Exploited — Patch Immediately
Ivanti has confirmed active exploitation of CVE-2026-6973, a new zero-day vulnerability in its on-premises Endpoint Manager Mobile (EPMM) product. The flaw requires admin authentication and is part of...