
Microsoft Defender "RoguePlanet" Race Condition Zero-Day Grants SYSTEM Privileges on Fully Patched Windows

Scope: Microsoft Windows 10 and Windows 11 (Including June 2026 Patch Tuesday Updates)

SolarWinds Serv-U Unauthenticated Denial of Service Added to CISA KEV (CVE-2026-28318)

Scope: SolarWinds Serv-U (All Versions Prior to 15.5.4 HF1)

Mirasvit Magento Full Page Cache Warmer PHP Object Injection Under Active Exploitation (CVE-2026-45247)

Scope: Mirasvit Full Page Cache Warmer for Magento 2 / Adobe Commerce (Versions Prior to 1.11.12)

Cisco Unified Communications Manager SSRF to Root Privilege Escalation via WebDialer (CVE-2026-20230)

Scope: Cisco Unified CM and Unified CM SME (All Versions with WebDialer Enabled)

Oracle WebLogic Server Unauthenticated Data Access via T3/IIOP Added to CISA KEV (CVE-2024-21182)

Scope: Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0

Severity: Red

Google DoubleClick Abused as Redirector to Deliver DesckVB RAT via Malspam Campaign

Scope: Enterprise Email Users (Windows Endpoints)

Severity: Red

Marimo Python Notebook Pre-Authentication RCE Now Weaponized with LLM-Driven Post-Exploitation (CVE-2026-39987)

Scope: Marimo Python Notebook Versions 0.20.4 and Earlier

Severity: Red
