Vulnerability Intelligence Report — June 6, 2026
Coverage: June 5–6, 2026 | New CISA KEV additions: 1 | New items: 5 | KEV deadlines today: 1 | KEV deadlines June 10: 2
Previous reports: June 5, 2026 | June 4, 2026 | June 3, 2026
Today — June 6, 2026 — the CISA KEV deadline for Mirasvit (Magento/Adobe Commerce) arrives. A critical remote code execution vulnerability in Hugging Face Transformers (CVE-2026-4372) allows attackers to execute arbitrary code by loading a model with a malicious config.json file — affecting every version prior to 5.3.0. CISA added SolarWinds Serv-U (CVE-2026-28318) to the KEV catalog with confirmed active exploitation and a June 19 deadline. Six privilege escalation vulnerabilities in the X.Org X server and Xwayland enable root access on Linux systems.
Quick Reference — Most Important Vulnerabilities Today
Hugging Face Transformers: CVE-2026-4372 (critical RCE via malicious model config.json, all versions before 5.3.0)
SolarWinds Serv-U: CVE-2026-28318 (NEW CISA KEV, actively exploited, due June 19)
X.Org X Server / Xwayland: CVE-2026-50256 through CVE-2026-50264 (6 CVEs, privilege escalation to root)
Ansible Galaxy: CVE-2026-11332 (CVSS 7.8, RCE via malicious role dependency)
Hippoo WP Plugin: CVE-2026-10580 (CVSS 9.8, unauthenticated admin account takeover)
KEV DEADLINE TODAY: Mirasvit Full Page Cache Warmer CVE-2026-45247
Hugging Face Transformers — CVE-2026-4372 (Critical RCE via Malicious Model Config)
Software affected: All versions of the Hugging Face Transformers library prior to version 5.3.0. Transformers is the most widely used library for working with AI/ML models — it has hundreds of millions of monthly downloads and is the foundation of the modern NLP and generative AI ecosystem.
CVE: CVE-2026-4372 | Critical severity | Remote Code Execution | All versions before 5.3.0 affected
Fixable: Yes. Update Transformers to version 5.3.0 or later. GitHub commit: a7f8e7ff37d87d1a1a0c8cf607971c607741452f
Business impact: The vulnerability allows an attacker to craft a malicious config.json file containing the _attn_implementation_internal field set to an attacker-controlled Hugging Face Hub repository ID. When a victim loads a model using standard Transformers APIs such as AutoModelForCausalLM.from_pretrained(), the library fetches and executes code from the attacker’s repository — enabling arbitrary remote code execution. The attack requires the victim to load a model from an untrusted source, which is a common workflow in AI/ML development: downloading community models from the Hugging Face Hub, loading models shared by colleagues, or using models from third-party repositories. This follows the pattern of CVE-2026-45829 (ChromaDB) and CVE-2026-47117 (OpenMed) — both involving Hugging Face model loading with trust_remote_code or equivalent mechanisms. The Transformers library is the single most widely deployed AI/ML library globally — its install base spans every organisation doing any form of NLP, LLM inference, or generative AI work.
How to fix: pip install --upgrade "transformers>=5.3.0" (quote the version specifier so the shell does not treat >= as an output redirection). Verify with pip show transformers. For containerised deployments, rebuild images with the updated version. For applications that pin specific Transformers versions, update the pinned version.
Recommended action: Critical — update Transformers to 5.3.0 immediately across all AI/ML environments. Every Jupyter notebook, model serving endpoint, training pipeline, and inference service using Transformers is affected. This is the third critical Hugging Face-related RCE this month — audit all AI/ML tooling for untrusted model loading paths.
Official source: GitHub — Transformers Fix Commit
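As an added defensive check (example code written for this report, not code from the Transformers project or the fix commit): the script below audits a local model directory before it is handed to from_pretrained(), flagging a config.json whose _attn_implementation_internal field names anything other than a built-in attention implementation, and compares the installed Transformers version against 5.3.0. The allow-list of built-in implementation names and the two constructed config files are assumptions made for the example.

```python
"""Pre-load audit for Hugging Face model directories (added example).

Assumptions: the field name "_attn_implementation_internal" is the one the
advisory names; BUILTIN_ATTN_IMPLS is an assumed allow-list of built-in
attention implementation names; the sample configs are constructed.
"""
import json
import os
import tempfile
from typing import Dict, List

SUSPICIOUS_KEY = "_attn_implementation_internal"

# Assumed allow-list: any other value (for example a Hub repo id such as
# "owner/name") is treated as a reference to remote code and flagged.
BUILTIN_ATTN_IMPLS = {"eager", "sdpa", "flash_attention_2", "flex_attention"}

# Constructed sample configs (not real models).
CLEAN_CONFIG = {"model_type": "llama", SUSPICIOUS_KEY: "sdpa"}
SUSPICIOUS_CONFIG = {"model_type": "llama", SUSPICIOUS_KEY: "example-org/example-attn"}


def audit_config(config: dict) -> List[str]:
    """Return findings for a parsed config.json; an empty list means clean."""
    findings: List[str] = []
    value = config.get(SUSPICIOUS_KEY)
    if value is None:
        return findings
    if not isinstance(value, str):
        findings.append(f"{SUSPICIOUS_KEY} has non-string value {value!r}")
    elif value not in BUILTIN_ATTN_IMPLS:
        findings.append(f"{SUSPICIOUS_KEY} references non-built-in value {value!r}")
    return findings


def audit_model_dir(model_dir: str) -> List[str]:
    """Locate and parse config.json in a model directory, then audit it."""
    path = os.path.join(model_dir, "config.json")
    if not os.path.exists(path):
        return ["config.json missing"]
    with open(path, encoding="utf-8") as fh:
        try:
            config = json.load(fh)
        except json.JSONDecodeError as exc:
            return [f"config.json is not valid JSON: {exc}"]
    if not isinstance(config, dict):
        return ["config.json top level is not a JSON object"]
    return audit_config(config)


def _version_tuple(version: str):
    """Numeric prefix of the first three dotted components (pre-release tags ignored)."""
    parts = []
    for piece in version.split(".")[:3]:
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_transformers_fixed(version: str, fixed: str = "5.3.0") -> bool:
    """True when the installed version is at or above the fixed release."""
    return _version_tuple(version) >= _version_tuple(fixed)


def demo() -> Dict[str, List[str]]:
    """Write both constructed configs to a temp dir and audit each one."""
    results: Dict[str, List[str]] = {}
    with tempfile.TemporaryDirectory() as tmp:
        for label, cfg in (("clean", CLEAN_CONFIG), ("suspicious", SUSPICIOUS_CONFIG)):
            model_dir = os.path.join(tmp, label)
            os.makedirs(model_dir)
            with open(os.path.join(model_dir, "config.json"), "w", encoding="utf-8") as fh:
                json.dump(cfg, fh)
            results[label] = audit_model_dir(model_dir)
    return results


if __name__ == "__main__":
    for label, findings in demo().items():
        print(label, "->", findings or "clean")
```

Run the audit on a downloaded snapshot directory before loading it; a non-empty result is a reason to quarantine the model rather than load it, regardless of library version.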
SolarWinds Serv-U — CVE-2026-28318 (NEW CISA KEV, Actively Exploited)
Software affected: SolarWinds Serv-U — managed file transfer (MFT) and FTP server software deployed in enterprise environments for secure file exchange.
CVE: CVE-2026-28318 | Added to CISA KEV June 5, 2026 — federal agency deadline June 19, 2026 | Unauthenticated denial of service via crafted POST requests with Content-Encoding: deflate
Fixable: Yes. SolarWinds has released mitigation steps and updates. Apply the Serv-U update immediately.
Business impact: Specially crafted POST requests using the Content-Encoding: deflate header can crash the Serv-U service without authentication. While the vulnerability itself is a denial of service, the CISA KEV addition and confirmed active exploitation elevate its priority. Serv-U is widely deployed in enterprise environments — including government, financial services, and healthcare — for automated and ad-hoc secure file transfers. A crashed Serv-U instance disrupts critical file transfer workflows. The fact that CISA added this to KEV suggests exploitation may be part of a broader attack chain — for example, crashing security monitoring or file transfer services to mask other malicious activity.
How to fix: Apply the SolarWinds Serv-U security update immediately. Verify the update applied correctly. Consider restricting access to the Serv-U management interface to trusted administrative networks.
Recommended action: Apply the Serv-U update. The CISA KEV deadline of June 19 gives two weeks, but confirmed active exploitation means you should patch sooner.
Official source: SolarWinds Security Advisory | CISA KEV Catalog
X.Org X Server and Xwayland — Six Privilege Escalation Vulnerabilities (CVE-2026-50256 through CVE-2026-50264)
Software affected: X.Org X server and Xwayland — the display server infrastructure present on virtually every Linux and Unix desktop and server with graphical capabilities. Xwayland is the X compatibility layer for Wayland-based Linux distributions.
CVEs: Six vulnerabilities — three stack-based buffer overflows (CVE-2026-50256, CVE-2026-50258, CVE-2026-50259 — all CVSS 7.8, CWE-121), two use-after-free vulnerabilities (CVE-2026-50257, CVE-2026-50260, CVE-2026-50261 — CVSS 7.8, CWE-416), and one out-of-bounds write (CVE-2026-50264 — CVSS 7.8, CWE-787). All enable privilege escalation if the X server runs as root.
Fixable: Yes. Updates are available through Linux distribution package managers. Apply the X.Org server and Xwayland security updates.
Business impact: Six vulnerabilities in the X.Org display server — present on virtually every Linux system with a graphical interface, including developer workstations, engineering desktops, and Linux servers running graphical applications. The vulnerabilities exploit flaws in font alias resolution, fence synchronisation, keyboard map processing, and DRI buffer handling. Any local user who can connect to the X server can trigger these vulnerabilities. If the X server runs as root — which it does by default on many distributions — exploitation leads to root privilege escalation. On systems where the X server runs as a non-root user (the modern default on many distributions), exploitation can still crash the display server or escalate to the X server’s user privileges. Multi-user Linux systems, shared workstations, and environments where untrusted users have local shell access are at highest risk.
How to fix: Apply the X.Org server and Xwayland updates through your distribution’s package manager. After updating, restart the X server or reboot the system. Verify the updated version is active.
Recommended action: Apply X.Org updates on all Linux workstations and servers with graphical capabilities. Prioritise multi-user systems and shared workstations where unprivileged users have local access.
Official source: Linux distribution security advisories | NVD — CVE-2026-50256
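Because the impact depends on whether the X server runs as root, a fleet inventory should record that fact. The following added example (written for this report, not from X.Org or any distribution) walks /proc on Linux and reports each Xorg or Xwayland process with its real uid; the process names matched and the constructed sample process list are assumptions.

```python
"""Report X server processes and whether they run as root (added example).

Assumptions: X servers appear in /proc with comm "Xorg", "X" or "Xwayland";
SAMPLE_PROCS is a constructed process table used for offline demonstration.
"""
import os
from typing import Iterable, List, Optional, Tuple

X_SERVER_NAMES = {"Xorg", "X", "Xwayland"}

# Constructed sample: (pid, comm, real uid).
SAMPLE_PROCS = [
    (1, "systemd", 0),
    (1234, "Xorg", 0),
    (2345, "Xwayland", 1000),
    (3456, "bash", 1000),
]


def find_x_servers(procs: Iterable[Tuple[int, str, int]]) -> List[dict]:
    """Select X server processes and flag those whose real uid is 0."""
    found = []
    for pid, comm, uid in procs:
        if comm in X_SERVER_NAMES:
            found.append({"pid": pid, "comm": comm, "uid": uid, "runs_as_root": uid == 0})
    return found


def _read_proc_status(proc_root: str, pid: int) -> Optional[Tuple[int, str, int]]:
    """Parse Name: and the real uid from /proc/<pid>/status."""
    comm = None
    uid = None
    try:
        with open(os.path.join(proc_root, str(pid), "status"), encoding="utf-8") as fh:
            for line in fh:
                if line.startswith("Name:"):
                    comm = line.split(None, 1)[1].strip()
                elif line.startswith("Uid:"):
                    uid = int(line.split()[1])  # first field after "Uid:" is the real uid
    except (OSError, ValueError, IndexError):
        return None
    if comm is None or uid is None:
        return None
    return (pid, comm, uid)


def scan_proc(proc_root: str = "/proc") -> List[dict]:
    """Walk the live process table; returns [] where /proc is unavailable."""
    if not os.path.isdir(proc_root):
        return []
    procs = []
    for entry in os.listdir(proc_root):
        if entry.isdigit():
            record = _read_proc_status(proc_root, int(entry))
            if record is not None:
                procs.append(record)
    return find_x_servers(procs)


if __name__ == "__main__":
    for rec in scan_proc() or find_x_servers(SAMPLE_PROCS):
        print(rec)
```

Hosts where the report shows runs_as_root for Xorg or Xwayland belong at the front of the patch queue; on the others the updates still matter, since the advisory notes a crash or escalation to the X server's own user remains possible.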
Ansible Galaxy — CVE-2026-11332 (CVSS 7.8, RCE via Malicious Role Dependency)
Software affected: ansible-core — the Ansible automation engine used for configuration management, application deployment, and orchestration across enterprise IT environments.
CVE: CVE-2026-11332 | CVSS 7.8 High | CWE-88 (Argument Injection) | RCE via malicious Ansible Galaxy role
Fixable: Yes. Update ansible-core to the patched version.
Business impact: The ansible-galaxy role install command processes dependency specifications from a role’s meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field, leading to arbitrary code execution on the machine running the role installation. Ansible is the dominant automation platform in enterprise IT — used for server provisioning, configuration management, and application deployment across thousands of servers. A malicious role — either from Ansible Galaxy, a compromised internal role repository, or a supply chain attack — could compromise the Ansible control node and, from there, every managed server.
How to fix: Update ansible-core via pip or your distribution’s package manager. Audit installed Ansible roles and their requirements.yml files for unexpected git configuration flags in the src fields. Only install roles from trusted sources.
Recommended action: Update ansible-core and audit installed roles. Ansible control nodes are high-value targets — they hold credentials and SSH keys for entire managed infrastructure estates.
Official source: NVD — CVE-2026-11332
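The audit step above (checking installed roles' requirements.yml files for git flags in src fields) can be scripted. The example below is added for this report and is not Ansible project code: it uses a deliberately minimal parser for the flat list-of-mappings form of requirements.yml (an assumption; use a full YAML parser for anything more complex) and flags any src value containing a whitespace-separated token that starts with a dash. The sample file and the injected flag name in it are constructed placeholders.

```python
"""Audit requirements.yml src fields for injected git flags (added example).

Assumptions: the minimal parser handles only the flat "- key: value" list
form; SAMPLE_REQUIREMENTS is a constructed file with a placeholder flag.
"""
import re
from typing import Dict, List

# A token starting with "-" or "--" at the start of the value or after
# whitespace is treated as a command-line flag rather than part of a URL.
GIT_FLAG = re.compile(r"(^|\s)-{1,2}[A-Za-z]")

SAMPLE_REQUIREMENTS = """---
# constructed sample, not a real role
- src: https://github.com/example-org/example-role.git
  name: example.role
  version: v1.2.0
- name: example.plainrole
- src: "--example-injected-flag https://github.com/example-org/other-role.git"
  name: example.other
"""


def parse_requirements(text: str) -> List[Dict[str, str]]:
    """Parse the flat list-of-mappings form into a list of dicts."""
    entries: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    for raw in text.splitlines():
        line = re.split(r"\s#", raw, maxsplit=1)[0].rstrip()
        stripped = line.strip()
        if not stripped or stripped in ("---", "...") or stripped.startswith("#"):
            continue
        if stripped.startswith("- "):
            current = {}
            entries.append(current)
            stripped = stripped[2:].strip()
            if ":" not in stripped:
                current["name"] = stripped  # bare "- rolename" form
                continue
        elif not entries:
            continue  # top-level keys such as "roles:" are skipped (assumption)
        if ":" in stripped:
            key, _, value = stripped.partition(":")
            current[key.strip()] = value.strip().strip("'\"")
    return entries


def audit_entries(entries: List[Dict[str, str]]) -> List[dict]:
    """Return one finding per entry whose src field carries a flag-like token."""
    findings = []
    for index, entry in enumerate(entries):
        src = entry.get("src", "")
        if GIT_FLAG.search(src):
            findings.append({
                "index": index,
                "name": entry.get("name", "<unnamed>"),
                "src": src,
                "reason": "flag-like token in src",
            })
    return findings


def audit_requirements(text: str) -> List[dict]:
    """Parse and audit a requirements.yml document in one call."""
    return audit_entries(parse_requirements(text))


if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_REQUIREMENTS):
        print(finding)
```

Point audit_requirements at each role's meta/requirements.yml under the control node's role paths; any finding should block the install until the src value is reviewed against the upstream repository.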
Hippoo Mobile App for WooCommerce — CVE-2026-10580 (CVSS 9.8, Unauthenticated Admin Takeover)
Software affected: Hippoo Mobile App for WooCommerce WordPress plugin, all versions up to and including 1.9.4.
CVE: CVE-2026-10580 | CVSS 9.8 Critical | CWE-285 (Improper Authorization) | Authentication bypass leading to administrator account takeover
Fixable: Yes. Update Hippoo Mobile App to a version beyond 1.9.4.
Business impact: A logic conflation in HippooPermissions::get_user_permissions() returns the same null sentinel for both administrators and unauthenticated visitors, creating an authentication bypass. An unauthenticated attacker can exploit this to gain administrator-level access to the WordPress site — full site takeover with no credentials. This follows the pattern of WP Maps Pro (CVE-2026-8732) and Burst Statistics (CVE-2026-8181) — WordPress plugins with logic flaws that conflate unauthenticated and administrative states.
Recommended action: Update Hippoo Mobile App immediately. CVSS 9.8 unauthenticated admin takeover demands immediate patching.
Official source: NVD — CVE-2026-10580
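The flaw class here, a lookup that returns one sentinel for "no restrictions" and "no user", is worth seeing side by side with a fail-closed design. The following is a hypothetical Python sketch added for this report; it is not the plugin's PHP code and makes no claim about the plugin's actual internals. Role and action names are constructed.

```python
"""Sentinel conflation in a permission lookup, vulnerable vs hardened (added example).

Hypothetical sketch of the pattern the advisory describes; not the plugin's code.
Roles, actions and the User type are constructed for the example.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional


@dataclass(frozen=True)
class User:
    user_id: int
    role: str


ADMIN_ROLE = "administrator"
ALL_ACTIONS: FrozenSet[str] = frozenset({"read_orders", "manage_orders", "manage_users"})
ROLE_PERMS: Dict[str, FrozenSet[str]] = {
    "shop_manager": frozenset({"read_orders", "manage_orders"}),
}


# --- Vulnerable pattern: one sentinel, two meanings -------------------------
def get_user_permissions_vulnerable(user: Optional[User]) -> Optional[FrozenSet[str]]:
    """None means "unrestricted" for admins but also "no user" for visitors."""
    if user is None:
        return None
    if user.role == ADMIN_ROLE:
        return None
    return ROLE_PERMS.get(user.role, frozenset())


def is_allowed_vulnerable(user: Optional[User], action: str) -> bool:
    perms = get_user_permissions_vulnerable(user)
    if perms is None:  # caller reads None as "no restrictions": anonymous becomes admin
        return True
    return action in perms


# --- Hardened pattern: authentication is checked first, failure is closed ---
class Unauthenticated(Exception):
    """Raised when a permission lookup is attempted without a user."""


def get_user_permissions(user: Optional[User]) -> FrozenSet[str]:
    """Never returns a sentinel; admins get the explicit full set."""
    if user is None:
        raise Unauthenticated("permission lookup requires an authenticated user")
    if user.role == ADMIN_ROLE:
        return ALL_ACTIONS
    return ROLE_PERMS.get(user.role, frozenset())


def is_allowed(user: Optional[User], action: str) -> bool:
    try:
        perms = get_user_permissions(user)
    except Unauthenticated:
        return False  # fail closed
    return action in perms


if __name__ == "__main__":
    print("vulnerable, anonymous manage_users:", is_allowed_vulnerable(None, "manage_users"))
    print("hardened, anonymous manage_users:", is_allowed(None, "manage_users"))
```

The hardened version removes the ambiguous value entirely: an unauthenticated caller cannot reach the permission set at all, and the administrator case is an explicit set rather than an absence that a caller must interpret.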
KEV Deadline Watch — Today, June 10, June 19
Today — June 6: Mirasvit Full Page Cache Warmer CVE-2026-45247. Dedicated advisory.
June 10: Nx Console CVE-2026-48027 and TanStack CVE-2026-45321 — supply chain compromises.
June 19: SolarWinds Serv-U CVE-2026-28318 — NEW, actively exploited. Patch well before the deadline.
Updates on Items from Previous Reports
Windows MiniPlasma CVE-2026-33825: Still no patch. Dedicated advisory.
Cisco SD-WAN CVE-2026-20245: Actively exploited. Dedicated advisory.
Azure HorizonDB CVSS 10.0, Exchange Online, BarTender, binding.gyp, OpenStack Ironic, OpenShift CCO, Acer M6E: All covered in the June 5 report and dedicated advisories.
Azure ARM CVSS 10.0, SharePoint, BitLocker YellowKey, Microsoft Defender, Microsoft Graph, Copilot: Covered in dedicated advisories published June 5.
Android KEV deadline (passed June 5), Linux cgroups KEV deadline (passed June 5): Both past deadline.
OpenSSL pre-announcement: Update coming June 9 (3 days). Prepare inventory.
Acer Wave 7 zero-days: Still no patch. Dedicated advisory.
Drupal, PAN-OS, Citrix NetScaler, Windows Netlogon, FortiClient, Ghost CMS, SonicWall, ChromaDB, Oracle ORDS, Cisco UC Manager, authentik, BIRD BGP, MLflow, React Router, LibreChat, MISP, and all WordPress plugin CVEs: Covered in dedicated advisories and previous reports.
This report is compiled from official vendor advisories, the CISA Known Exploited Vulnerabilities catalog, the National Vulnerability Database, and primary security research sources.
