🚨 [CISA-2026:0615] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0615)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-20262 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20262)
- Name: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Manager
- Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20262

⚠️ CVE-2026-54420 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-54420)
- Name: LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: LiteSpeed
- Product: cPanel Plugin
- Notes: https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-54420

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260615 #cisa20260615 #cve_2026_20262 #cve_2026_54420 #cve202620262 #cve202654420

📢 CVE-2026-28318 : vulnérabilité DoS dans SolarWinds Serv-U exploitée activement
📝 ## 🗓️ Contexte

Source : SecurityWeek, publié le 8 juin 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-06-09-cve-2026-28318-vulnerabilite-dos-dans-solarwinds-serv-u-exploitee-activement/
🌐 source : https://www.securityweek.com/solarwinds-patches-exploited-serv-u-vulnerability
#CISA_KEV #CVE_2026_28318 #Cyberveille

🚨 [CISA-2026:0608] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0608)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-42271 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-42271)
- Name: BerriAI LiteLLM Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: BerriAI
- Product: LiteLLM
- Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g ; https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable ; https://nvd.nist.gov/vuln/detail/CVE-2026-42271

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260608 #cisa20260608 #cve_2026_42271 #cve202642271

📢 Exploitation active de CVE-2026-0257 : contournement d'authentification GlobalProtect VPN
📝 ## 🔍 Contexte

Source : BleepingComputer, publié le 30 mai 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-06-01-exploitation-active-de-cve-2026-0257-contournement-d-authentification-globalprotect-vpn/
🌐 source : https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
#CISA_KEV #CVE_2026_0257 #Cyberveille

📢 CVE-2026-0257 : contournement d'authentification GlobalProtect VPN activement exploité
📝 ## 🔍 Contexte

Source : BleepingComputer, publié le 30 mai 2026 par Lawrence...
📖 cyberveille : https://cyberveille.ch/posts/2026-05-31-cve-2026-0257-contournement-d-authentification-globalprotect-vpn-activement-exploite/
🌐 source : https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
#CISA_KEV #CVE_2026_0257 #Cyberveille

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0527)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45321)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321

⚠️ CVE-2026-48027 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48027)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027

⚠️ CVE-2026-8398 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-8398)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0521)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-34291 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-34291)
- Name: Langflow Origin Validation Error Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/langflow-ai/langflow ; https://github.com/langflow-ai/langflow/releases/tag/v1.9.3; https://github.com/langflow-ai/langflow/issues/11465#event-25774545848 ; https://nvd.nist.gov/vuln/detail/CVE-2025-34291

⚠️ CVE-2026-34926 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34926)
- Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Trend Micro
- Product: Apex One
- Notes: https://success.trendmicro.com/en-US/solution/KA-0023430 ; https://nvd.nist.gov/vuln/detail/CVE-2026-34926

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

🚨 [CISA-2026:0520] CISA Adds 7 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0520)

CISA has added 7 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2008-4250 (https://secdb.nttzen.cloud/cve/detail/CVE-2008-4250)
- Name: Microsoft Windows Buffer Overflow Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250

⚠️ CVE-2009-1537 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-1537)
- Name: Microsoft DirectX NULL Byte Overwrite Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: DirectX
- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537

⚠️ CVE-2009-3459 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-3459)
- Name: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Adobe
- Product: Acrobat and Reader
- Notes: https://www.cisa.gov/news-events/alerts/2009/10/13/adobe-reader-and-acrobat-vulnerabilities ; https://web.archive.org/web/20120324170253/http://www.adobe.com/support/security/bulletins/apsb09-15.html#:~:text=CVE%2D2009%2D3459).-,NOTE%3A,-There%20are%20reports ; https://nvd.nist.gov/vuln/detail/CVE-2009-3459

⚠️ CVE-2010-0249 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0249)
- Name: Microsoft Internet Explorer Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Internet Explorer
- Notes: https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0249

⚠️ CVE-2010-0806 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0806)
- Name: Microsoft Internet Explorer Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Internet Explorer
- Notes: https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0806

⚠️ CVE-2026-41091 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41091)
- Name: Microsoft Defender Link Following Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Defender
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41091

⚠️ CVE-2026-45498 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45498)
- Name: Microsoft Defender Denial of Service Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Defender
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260520 #cisa20260520 #cve_2008_4250 #cve_2009_1537 #cve_2009_3459 #cve_2010_0249 #cve_2010_0806 #cve_2026_41091 #cve_2026_45498 #cve20084250 #cve20091537 #cve20093459 #cve20100249 #cve20100806 #cve202641091 #cve202645498

📢 Cisco SD-WAN : vulnérabilité critique CVE-2026-20182 exploitée en zero-day, patch d'urgence requis
📝 ## 🗓️ Contexte

Source : The Register — Publié le 15 mai 2026...
📖 cyberveille : https://cyberveille.ch/posts/2026-05-19-cisco-sd-wan-vulnerabilite-critique-cve-2026-20182-exploitee-en-zero-day-patch-d-urgence-requis/
🌐 source : https://www.theregister.com/patches/2026/05/15/cisco-discloses-yet-another-sd-wan-make-me-admin-0-day/5241071
#CISA_KEV #CVE_2026_20127 #Cyberveille