A critical stack-based buffer overflow vulnerability in the Windows Netlogon service, tracked as CVE-2026-41089, allows unauthenticated attackers to execute arbitrary code over the network on … Read More
Vulnerability Intelligence Report — June 2, 2026 Coverage: June 1–2, 2026 | New CISA KEV additions: 1 | New items this report: 7 | KEV … Read More
A critical privilege escalation vulnerability in the WP Maps Pro WordPress plugin, tracked as CVE-2026-8732, allows unauthenticated attackers to create rogue administrator accounts on affected … Read More
Vulnerability Intelligence Report — June 1, 2026 Coverage: May 31 – June 1, 2026 | New exploitation confirmations: 1 | CISA KEV deadlines today: 1 … Read More
An unauthenticated SQL injection vulnerability in the GEO my WP WordPress plugin, tracked as CVE-2026-9757, allows remote attackers to execute arbitrary SQL queries against the … Read More
A privilege escalation vulnerability in the Simple History WordPress plugin, tracked as CVE-2026-7459, allows authenticated attackers with Subscriber-level access — the lowest WordPress user role … Read More
A remote code execution vulnerability in the Spectra — Gutenberg Blocks plugin for WordPress, tracked as CVE-2026-7465, allows authenticated attackers with Contributor-level access or higher … Read More
A local privilege escalation vulnerability in the Linux kernel’s CIFS subsystem — named CIFSwitch by its discoverer — allows any unprivileged local user to gain … Read More
Palo Alto Networks has disclosed an authentication bypass vulnerability in PAN-OS GlobalProtect, tracked as CVE-2026-0257, carrying a CVSS score of 9.1. The vulnerability has been … Read More
Vulnerability Intelligence Report — May 31, 2026 Coverage: May 30–31, 2026 | New items this report: 5 | Exploitation status changes: 1 | CISA KEV … Read More
