on May 15, 2026 at 8:01 am — CVE-2026-2291 CVE-2026-2291
on May 15, 2026 at 8:01 am — CVE-2026-2291 CVE-2026-2291 Read More »
on May 14, 2026 at 4:02 pm — Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage. Successful exploitation of CVE-2026-20182 allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. The exploitation of CVE-2026-20182 appears to
on May 14, 2026 at 2:00 pm — CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
on May 14, 2026 at 2:00 pm — CVE-2026-41615 Microsoft Authenticator Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.