CISA Warns of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257) CISA has warned about active exploitation of a vulnerability impacting the GlobalProtect portal and gateway of Palo Alto Networks’ PAN-OS software. Tracked as CVE-2026-0257, the vulnerability may allow... 01/06/2026 Qualys-Threat-Protect
Notepad++ Vulnerabilities Allow Attackers to Execute Arbitrary Code (CVE-2026-48778) Notepad++ released a security advisory addressing three vulnerabilities, including two arbitrary code execution flaws, that could allow attackers to silently... 30/05/2026 Qualys-Threat-Protect
Drupal Core SQL injection Vulnerability Added to CISA KEV (CVE-2026-9082) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Drupal Core active exploited vulnerability to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2026-9082, successful exploitation... 25/05/2026 Qualys-Threat-Protect
Microsoft Exchange Server Spoofing Vulnerability Exploited in Attack (CVE-2026-42897) Microsoft has addressed a new security vulnerability impacting on-premises versions of Exchange Server that is being exploited in the wild.... 18/05/2026 Qualys-Threat-Protect
Cisco Releases Patches for SD-WAN Vulnerability Exploited in the Wild (CVE-2026-20182) Cisco warned users about a critical vulnerability impacting the Catalyst SD-WAN Controller, tracked as CVE-2026-20182. Successful exploitation of the vulnerability may allow an attacker to bypass authentication... 16/05/2026 Qualys-Threat-Protect
Linux Kernel Local Privilege Escalation Vulnerability Exploited in Attacks (Fragnesia) (CVE-2026-46300) Cybersecurity researchers have identified a new variant in the DirtyFrag family of Linux local privilege escalation vulnerabilities, named ‘Fragnesia’. Tracked... 15/05/2026 Qualys-Threat-Protect
F5 Nginx Remote Code Execution Vulnerability (CVE-2026-42945) Threat researchers identified a critical severity vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945. The vulnerability discovered by depthfirst is an 18-year-old memory corruption flaw in... 15/05/2026 Qualys-Threat-Protect
Ivanti Addresses Multiple Vulnerabilities Impacting EPM, Xtraction, Secure Access Client, & Virtual Traffic Manager Ivanti has released its May 2026 security updates, addressing security vulnerabilities across its popular products. The list of vulnerabilities and impacted products includes: Ivanti Xtraction —... 15/05/2026 Qualys-Threat-Protect
Microsoft Patch Tuesday, May 2026 Security Update Review May 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching... 13/05/2026 Qualys-Threat-Protect
Ollama Heap Out-of-bounds Read Vulnerability Leads to Remote Process Memory Leak (CVE-2026-7482) Threat researchers have identified a critical severity vulnerability impacting Ollama. Tracked as CVE-2026-7482, successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to... 12/05/2026 Qualys-Threat-Protect
