Zimbra has identified a serious cross-site scripting (XSS) vulnerability in the Classic Web Client of its Collaboration suite, which is widely used by various organizations, including businesses and government entities. The flaw currently does not have a Common Vulnerabilities and Exposures (CVE) ID, making it crucial for users to take immediate action to protect their systems. This vulnerability could allow attackers to execute scripts in the context of a user's browser, potentially leading to data theft or other malicious activity. Organizations relying on Zimbra should prioritize patching this vulnerability to safeguard their information and maintain the integrity of their communications. Without a fix, they remain at risk of exploitation.
Zimbra has issued a warning regarding a serious stored cross-site scripting (XSS) vulnerability in its Classic Web Client, which is commonly used for accessing Zimbra Collaboration. This flaw allows attackers to execute malicious code when users open compromised emails. The company has released version 10.1.19 to address this vulnerability, which currently does not have a CVE ID. Users of the Classic Web Client should update to this latest version as soon as possible to safeguard their mailboxes from potential exploitation. This incident emphasizes the need for prompt software updates to protect sensitive information from cyber threats.
The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. The vulnerabilities are CVE-2026-48939 and CVE-2026-56291, both linked to unrestricted file uploads in iCagenda and Balbooa Forms, respectively. These types of vulnerabilities allow attackers to upload potentially harmful files, posing a serious risk to federal agencies and other organizations. CISA's Binding Operational Directive 26-04 emphasizes the need for federal agencies to prioritize the remediation of these high-risk vulnerabilities swiftly. While the directive specifically targets federal entities, CISA encourages all organizations to adopt similar risk-based strategies for vulnerability management.
Microsoft has rolled out a security update to address a serious vulnerability in its Malware Protection Engine, specifically CVE-2026-50656. This flaw, which affects Windows 10 and Windows 11, allows authenticated attackers to escalate their privileges to SYSTEM-level by exploiting improper link resolution before file access. The vulnerability was brought to light on June 10, and it poses a significant risk as it can be exploited with relatively low complexity. Users of affected systems should prioritize applying this update to safeguard their devices against potential attacks that could compromise system security.
A serious vulnerability has been found in OpenPLC v3, which could allow authenticated attackers to write arbitrary files to the filesystem and execute malicious code. This flaw, identified as CVE-2026-14480, stems from how the legacy web user interface handles file uploads, enabling attackers to specify file names without proper validation. If exploited, it could lead to code execution under the OpenPLC runtime user, posing significant risks to critical infrastructure sectors such as manufacturing, energy, and transportation. OpenPLC v3 is now end-of-life and no longer receives security updates, making it essential for users to upgrade to OpenPLC v4 to mitigate this risk.
Schneider Electric's PowerChute Serial Shutdown software has several vulnerabilities that could allow attackers to manipulate system files, inject malicious data, or gain unauthorized access to accounts. Versions 1.4 and earlier are affected by these security flaws, which include issues like improper path restrictions and output handling. If exploited, these vulnerabilities could disrupt services or expose sensitive information across critical sectors such as energy, healthcare, and transportation. Users of affected versions are urged to upgrade to version 1.5, which includes fixes for these issues. The vulnerabilities were disclosed recently, and it is crucial for organizations to address them promptly to mitigate potential risks.
Schneider Electric has reported a vulnerability affecting its Easergy MiCOM Px40 Series protection relays, which are used in medium to extra high voltage applications. The vulnerability allows unauthorized exposure of device identification through the SNMP protocol, impacting various models including the Easergy MiCOM P14x, P24x, P341, and several others, all prior to specific firmware versions. This issue raises concerns for critical infrastructure sectors such as energy and manufacturing, as it could lead to unauthorized access to sensitive device information. Users are advised to implement immediate mitigations or upgrade to firmware versions that eliminate SNMP functionality to protect their systems. This situation is particularly pressing for organizations relying on these devices for operational safety and security.
Microsoft has addressed a significant vulnerability in its Defender software, identified as RoguePlanet (CVE-2026-50656). This flaw allows local attackers to escalate their privileges by exploiting the Malware Protection Engine, which is integral to Defender's malware scanning and removal functions. The vulnerability has a CVSS score of 7.8, indicating a high severity level. Users of Microsoft Defender should ensure they apply the latest security updates to protect against potential exploitation. This fix is crucial as it mitigates the risk of unauthorized access and control over affected systems, which could lead to further security breaches.
Microsoft has addressed a significant vulnerability in its Defender antivirus software, dubbed RoguePlanet, which was made public nearly a month ago. This flaw, tracked as CVE-2026-50656, has a CVSS score of 7.8, indicating a high risk of privilege escalation. It affects the Microsoft Malware Protection Engine, specifically the 'mpengine.dll' component responsible for scanning and cleaning malware. If exploited, this vulnerability could allow attackers to gain SYSTEM privileges on affected systems, posing a serious security risk. Users of Microsoft Defender are urged to apply the latest security updates to protect their systems from potential exploitation.
Ubiquiti has addressed seven vulnerabilities in its UniFi OS, among which is a critical flaw designated as CVE-2026-50746. This particular vulnerability, with a maximum severity score of 10.0, allows for command injection attacks within the UniFi Connect Application, affecting versions 3.4.16 and earlier. This means that attackers could potentially execute arbitrary commands on the affected systems, leading to possible unauthorized access or control. Users of the UniFi Connect Application are urged to update their software to safeguard against these vulnerabilities. The implications of these flaws are significant, as they could expose sensitive data and disrupt services for organizations relying on Ubiquiti's solutions.
Ubiquiti has released critical updates to address serious security vulnerabilities affecting several of its products, including UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS. One of the vulnerabilities, identified as CVE-2026-50746, has a CVSS score of 10.0, indicating its severity. These flaws could allow attackers to gain unauthorized privileges and execute arbitrary commands, posing significant risks to users. The affected systems are widely used in network management and security, making the urgency of these patches clear. Users are strongly advised to apply the updates to protect their systems from potential exploitation.
A serious flaw known as GhostLock (CVE-2026-43499) has been discovered in the Linux kernel, affecting numerous distributions since 2011. This 15-year-old vulnerability allows any logged-in user to gain root access to an unpatched machine without needing special permissions or network access. Essentially, if users are logged in, they can exploit this flaw to take full control of the system. Given that this vulnerability has been included by default in nearly all mainstream Linux distributions, it poses a significant risk to users and organizations that have not applied the necessary patches. Immediate action is required to address this security issue, as it exposes systems to potential compromise and misuse.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. One of the most critical is CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion that could allow attackers to execute arbitrary code. This flaw has a maximum CVSS score of 10.0, indicating its severity. Additionally, vulnerabilities in Joomla and Langflow have also been flagged, though specific details about those flaws were not provided in the article. Organizations using affected products should prioritize applying patches and updates to mitigate these risks, as exploitation in the wild can lead to significant data breaches or system compromises.
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, signaling that they are actively being exploited by attackers. The vulnerabilities include CVE-2026-48908, which affects JoomShaper SP Page Builder, allowing unrestricted file uploads of dangerous types; CVE-2026-55255, an authorization bypass in Langflow; and CVE-2026-56290, which involves improper access control in Joomlack Page Builder. These vulnerabilities pose significant risks, particularly to federal agencies, as they can grant attackers total control over affected systems. CISA encourages all organizations to adopt a risk-based approach to vulnerability management, emphasizing the importance of addressing these high-risk vulnerabilities swiftly. Agencies are required to check for any compromise before applying patches as part of their remediation process.
Siemens has identified multiple vulnerabilities in its SINEC OS, particularly affecting the RUGGEDCOM RST2428P product. The issues stem from improper input validation, leading to potential allocation failures that could compromise system operations. Siemens has recommended users upgrade to version 4.0 or later to mitigate these risks. The vulnerabilities have been assigned CVE identifiers, indicating their recognition in the cybersecurity community. This situation is significant as it affects industrial control systems, which are critical for operational integrity and security.