Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > CISA
#CISA

CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26

25 June 2026  |  dark6  |  Vulnerability

CISA has added three Ubiquiti UniFi OS vulnerabilities to its KEV catalog following confirmed active exploitation. Federal agencies must patch by June 26, 2026; the chained flaws enable...

>> read more

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation

18 June 2026  |  dark6  |  Ransomware

CISA has added a critical Oracle PeopleSoft vulnerability (CVE-2026-35273) to its Known Exploited Vulnerabilities catalog after confirming active exploitation in ransomware campaigns. The flaw allows unauthenticated attackers to...

>> read more

CISA BOD 26-04: Federal Agencies Must Patch Critical Vulnerabilities Within 3 Days Under New Risk-Based Mandate

12 June 2026  |  dark6  |  Vulnerability

CISA has issued Binding Operational Directive BOD 26-04, requiring federal civilian agencies to patch the most critical vulnerabilities — those that are internet-exposed, KEV-listed, automatable, and grant full...

>> read more

CISA Warns: SolarWinds Serv-U CVE-2026-28318 Actively Exploited — Zero-Auth DoS Attack Hits File Transfer Platform

8 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-28318, a zero-authentication denial-of-service flaw in SolarWinds Serv-U, to its Known Exploited Vulnerabilities catalog. Attackers can crash the service remotely with a single crafted HTTP...

>> read more

CISA Adds Actively Exploited Linux Kernel CVE-2022-0492 to KEV Catalog — Patch Now

8 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2022-0492, a Linux kernel improper authentication flaw, to its Known Exploited Vulnerabilities catalog. The vulnerability enables privilege escalation and container escape attacks and is being...

>> read more

CISA Warns: Hackers Are Targeting U.S. Fuel Tank Monitoring Systems Across Critical Infrastructure

8 June 2026  |  dark6  |  Vulnerability

CISA, the FBI, NSA, and five other federal agencies have issued a joint advisory confirming active cyberattacks against Automatic Tank Gauge (ATG) systems used in US energy, chemical,...

>> read more

CISA Adds Oracle WebLogic CVE-2024-21182 to KEV Catalog as Active Exploitation Confirmed — Patch by June 4

3 June 2026  |  dark6  |  Vulnerability

CISA has added CVE-2024-21182, a critical unauthenticated Oracle WebLogic Server vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active in-the-wild exploitation. Federal agencies must patch by June...

>> read more

CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately

1 June 2026  |  dark6  |  Vulnerability

Microsoft’s May 2026 Patch Tuesday addressed CVE-2026-41089, a critical Windows Netlogon 0-click RCE — now actively exploited in the wild. Domain controllers running unpatched Windows Server face complete...

>> read more