High Severity Vulnerability — CVSS 8.8 CVE-2026-6933 is a high-severity missing authorization vulnerability in the Premmerce Dev Tools WordPress plugin leading to unauthenticated remote code … Read More
What Happened Security researchers have identified a concerning trend among ransomware gangs who are exploiting Microsoft Teams relay infrastructure to conceal their command-and-control (C2) traffic. … Read More
What Is CVE-2026-8443? CVE-2026-8443 is a critical SQL injection vulnerability discovered in the WP Review Slider Pro WordPress plugin. The flaw resides in the wppro_get_o … Read More
CISA Known Exploited Vulnerability CVE-2026-48907 has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog. Date Added: June 16, 2026 | Due Date: June … Read More
Critical Vulnerability — Actively Exploited Multiple critical-severity vulnerabilities in Fortinet FortiSandbox are being actively exploited in the wild. Product: FortiSandbox (Enterprise Malware Detonation Sandbox) | … Read More
What Happened Multiple malicious plugins hosted on the JetBrains Marketplace have been discovered actively exfiltrating AI API keys from developer environments. The rogue plugins target … Read More
Vulnerability Intelligence Report — June 17, 2026 Coverage: June 1–17, 2026 | Total CISA KEV additions (period): 15 | New KEVs yesterday: 1 | KEV … Read More
Critical Vulnerability — CVSS 9.8 CVE-2026-8935 is a critical-severity unauthenticated AJAX vulnerability in the WP MAPS PRO WordPress plugin. CVSS Score: 9.8 (Critical) | Attack … Read More
CISA Known Exploited Vulnerability CVE-2026-20262 has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog. Date Added: June 15, 2026 | Due Date: June … Read More
OptinMonster, the popular lead-generation and conversion optimization WordPress plugin with over 1.4 million active installations, has been compromised in a CDN supply-chain attack that also … Read More
